urlscan.io logo urlscan.io
SecurityTrails logo

abiturhelfer.de Open in urlscan Pro
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vengvi.uber.space/
Effective URL: https://abiturhelfer.de/
Submission: On March 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 17 domains to perform 96 HTTP transactions. The main IP is 2a00:d0c0:200:0:c8b3:e2ff:fe13:3959, located in Germany and belongs to UBERSPACE, DE. The main domain is abiturhelfer.de.
TLS certificate: Issued by R3 on March 3rd 2023. Valid for: 3 months.
This is the only time abiturhelfer.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

16    2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 (Germany)

ASN205766 (UBERSPACE, DE)
vengvi.uber.space
abiturhelfer.de
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
25    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    3.127.132.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-132-6.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    3.120.90.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-90-14.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
8    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net
cm.g.doubleclick.net
2    213.155.156.182 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com
d5p.de17a.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
3    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
38 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
507 KB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
126 KB
15 abiturhelfer.de
abiturhelfer.de
278 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
3 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
76 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
3 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
829 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
146 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8947
818 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 377
2 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4426
653 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 1967
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 855
609 B
1 uber.space
vengvi.uber.space
260 B
96 17
Domain Requested by
25 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
abiturhelfer.de
tpc.googlesyndication.com
15 abiturhelfer.de abiturhelfer.de
13 pagead2.googlesyndication.com abiturhelfer.de
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
abiturhelfer.de
googleads.g.doubleclick.net
8 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
5 x.bidswitch.net 5 redirects
4 www.google.com 2 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
4 fonts.googleapis.com abiturhelfer.de
googleads.g.doubleclick.net
3 onetag-sys.com 2 redirects googleads.g.doubleclick.net
3 www.googletagservices.com abiturhelfer.de
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
2 secure.adnxs.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 d5p.de17a.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com abiturhelfer.de
www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 vengvi.uber.space 1 redirects
96 22

This site contains links to these domains. Also see Links.

Domain
de.wordpress.org
Subject Issuer Validity Valid
abiturhelfer.de
R3		 2023-03-03 -
2023-06-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh

This page contains 16 frames:

Primary Page: https://abiturhelfer.de/
Frame ID: DDA0F0104D8519A93A9A241C4FAEBAD5
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Frame ID: 910E68BAFA67C5302F70EDA3E256E2D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&adk=1812271804&adf=3025194257&lmt=1677998071&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fabiturhelfer.de%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998071138&bpp=202&bdt=87&idt=338&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=947113865423&frm=20&pv=2&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=360
Frame ID: 00A12B6B6B5B47F07908D877F47111A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Frame ID: 04CBC7BB19DB31921C8C48D66295FF2D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8DB05B3EB31015FDB1AE1A0D9845DEE9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Frame ID: 20392803CC42C229AA664AB8F7F91596
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/index.html
Frame ID: 0F6330962CBE8651CC5DB270159B2F30
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cbrzg9zcEZMi7IPiD1fAPoru3-A7K_uGdb7vZr82QEZXruq2UJRABIJr75h9glYKAgJQHoAG-i5HQA8gBCakCda6mCKjXsT6oAwHIA0iqBMgBT9BQkAo3VZYigCPhKKz2QXn8iJ8h2_z9GuvNVHFSOv0qYq3czK-dB438K-qe7WLbUVMojPGY1xB1PTU_2HoHNcGgtTm78yTpPolWhuM27Y1iG6I2yEok6l6_MUUcmgZ33d-uUJ9wy47RMerB8aL4DI8TpvLyt0z7DKk3oQOl93FmJq6dUqBbhOiwNLQJmPO6v6Gy10I7XZSBc2_d0AgUSdvP6NnT0vHt3UVzo2Z94HRSC6drqBjzCwxEmBzP1vn0NYJaH8U3OrXABO_qi6OvBJIFBAgEGAGSBQQIBRgEoAYugAfq0pUwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQm7xS0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNzMzMzYyMjcyOTQ4NzQyMhgA&sigh=Hvc2zTjhSUY&uach_m=[UACH]&cid=CAQSGwDUE5yml9m13Zd8fkwZWjIA_3mtaNequ9GPGBgB&template_id=419
Frame ID: 5FC1EFF81FCF605954847A8F1BD667C5
Requests: 7 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EF7451357A225D528F3994FBD8529E6C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 674CAAC4962820CDF9597651B30C1B82
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 505F2E0B0285853CF757E13FA620CBC6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6B4466F1E74CCA3A66945AC9D36D29A1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: D29C1C0836C9C027FA0167ECD2D4FADB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5795A1B96FD23A4FA667766EA42EB317
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78B00BDEB8FC77B72C76D56499ED62C1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Frame ID: 5CDE60E2886B3533A3A76ECB040DB175
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

www.abiturhelfer.de

Page URL History Show full URLs

  1. https://vengvi.uber.space/ HTTP 301
    https://abiturhelfer.de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

96
Requests

93 %
HTTPS

65 %
IPv6

17
Domains

22
Subdomains

16
IPs

5
Countries

1159 kB
Transfer

2864 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vengvi.uber.space/ HTTP 301
    https://abiturhelfer.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 86
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPQ6aDpXS8q7lwnoqqJ_6PQ&google_cver=1&google_push=Aa02lx8rZGqVhEXcZQDlcjcZehEUoxdpN1GGXk2MSkWNokEkdCk5gcpkua_b6Z2guMweeaTFR3h4t1ha7YJiNmSC1Du-EIn_cReLmPU HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPQ6aDpXS8q7lwnoqqJ_6PQ&google_cver=1&google_push=Aa02lx8rZGqVhEXcZQDlcjcZehEUoxdpN1GGXk2MSkWNokEkdCk5gcpkua_b6Z2guMweeaTFR3h4t1ha7YJiNmSC1Du-EIn_cReLmPU HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c1252380-c4e0-44db-b7e9-a885ec7ece29&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8rZGqVhEXcZQDlcjcZehEUoxdpN1GGXk2MSkWNokEkdCk5gcpkua_b6Z2guMweeaTFR3h4t1ha7YJiNmSC1Du-EIn_cReLmPU&google_hm=tZFtUMCCSCafckBsdT21KQ==
Request Chain 87
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEI86QkN-YR1P3A4eWHZh6Zo&google_cver=1&google_push=Aa02lx9H3tFXKPkfjNI2lSwEf1ikjjaJSUtAbsh9FDv1-uVoffa5L2SbtzmdgrITFITJjHYP1_LL301iNtE0ZCk-ahpvn7_z-gKxn1I HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI86QkN-YR1P3A4eWHZh6Zo&google_cver=1&google_push=Aa02lx9H3tFXKPkfjNI2lSwEf1ikjjaJSUtAbsh9FDv1-uVoffa5L2SbtzmdgrITFITJjHYP1_LL301iNtE0ZCk-ahpvn7_z-gKxn1I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9H3tFXKPkfjNI2lSwEf1ikjjaJSUtAbsh9FDv1-uVoffa5L2SbtzmdgrITFITJjHYP1_LL301iNtE0ZCk-ahpvn7_z-gKxn1I
Request Chain 88
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9tLkr9W8Zi8iCOPw4GKCs&google_cver=1&google_push=Aa02lx-cWGeMrbMXE6x5yFC8ZFajPC3JQjzJw_Sivh3_C9PC5dfy5Tv74Lc_I4buKjtOjhoIxke6ny6K-vvestmBbakxatX3HCns5r4 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP9tLkr9W8Zi8iCOPw4GKCs&google_push=Aa02lx-cWGeMrbMXE6x5yFC8ZFajPC3JQjzJw_Sivh3_C9PC5dfy5Tv74Lc_I4buKjtOjhoIxke6ny6K-vvestmBbakxatX3HCns5r4&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9tLkr9W8Zi8iCOPw4GKCs&google_hm=ZAQ3-Bv_fLDbz6Pg6m9hhgAABGIAAAIB&google_nid=index&google_push=Aa02lx-cWGeMrbMXE6x5yFC8ZFajPC3JQjzJw_Sivh3_C9PC5dfy5Tv74Lc_I4buKjtOjhoIxke6ny6K-vvestmBbakxatX3HCns5r4
Request Chain 89
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHkax9OGnBfDU2Fzrv-JR-4&google_cver=1&google_push=Aa02lx9zgiEkDGuVi1_kZ1QgulbVbMMPJBVx4t33PbE20iyEBdMcSsV0_bItzMAldwItiiCrdMDF8fAoKK_JpDuSatg9H28-Rvd9a68 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9zgiEkDGuVi1_kZ1QgulbVbMMPJBVx4t33PbE20iyEBdMcSsV0_bItzMAldwItiiCrdMDF8fAoKK_JpDuSatg9H28-Rvd9a68
Request Chain 90
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHkax9OGnBfDU2Fzrv-JR-4&google_cver=1&google_push=Aa02lx_sB-FiKU2C4JdN4_hdI3eQhxf_WIpYZCGXyfJ4VF7rBoZBQQftAzL2E7KrprGUq-t8FBmyZYUBsDVNb0duKpQvemdeSi7nFpeC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_sB-FiKU2C4JdN4_hdI3eQhxf_WIpYZCGXyfJ4VF7rBoZBQQftAzL2E7KrprGUq-t8FBmyZYUBsDVNb0duKpQvemdeSi7nFpeC HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 91
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGLw3oG1XI6bHJYv5fwNXN4&google_cver=1&google_push=Aa02lx8xsFmdyv-qRSGiN70syzx4ssOe56tKLnEqCAFJsbmLGvX3uw2co5I2ghRUds2GYIrY5CS4l1Rf-p0ccV5ehD-cJ15F7bdEEwS9 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGLw3oG1XI6bHJYv5fwNXN4%26google_cver%3D1%26google_push%3DAa02lx8xsFmdyv-qRSGiN70syzx4ssOe56tKLnEqCAFJsbmLGvX3uw2co5I2ghRUds2GYIrY5CS4l1Rf-p0ccV5ehD-cJ15F7bdEEwS9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTU0NDA4Mzg4NTE2MzA2MTE%3D&google_gid=CAESEGLw3oG1XI6bHJYv5fwNXN4&google_cver=1&google_push=Aa02lx8xsFmdyv-qRSGiN70syzx4ssOe56tKLnEqCAFJsbmLGvX3uw2co5I2ghRUds2GYIrY5CS4l1Rf-p0ccV5ehD-cJ15F7bdEEwS9
Request Chain 92
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENar1sYZ6XbXExgNQ28NvDM&google_cver=1&google_push=Aa02lx8IcRqHzNj17xIcFmrlvttpsmRGI1Hk8h5CHL1KaI4RB3Mj-qGC-03yZ8i-ptQcazVv_qwMJm5pxN4gwsTaMErJQnMjbRrtFw0 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENar1sYZ6XbXExgNQ28NvDM&google_cver=1&google_push=Aa02lx8IcRqHzNj17xIcFmrlvttpsmRGI1Hk8h5CHL1KaI4RB3Mj-qGC-03yZ8i-ptQcazVv_qwMJm5pxN4gwsTaMErJQnMjbRrtFw0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b5916d50-c082-4826-9f72-406c753db529&%%GOOGLE_PUSH_PAIR%%
Request Chain 94
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
abiturhelfer.de/
Redirect Chain
  • https://vengvi.uber.space/
  • https://abiturhelfer.de/
55 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
08c64a22f495b3eec554da914b04fb6324ec2d910ec4a455646c628e793a04d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 05 Mar 2023 06:34:30 GMT
link
<https://abiturhelfer.de/wp-json/>; rel="https://api.w.org/", <https://abiturhelfer.de/>; rel=shortlink
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 05 Mar 2023 06:34:30 GMT
location
https://abiturhelfer.de/
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-redirect-by
WordPress
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		2 KB
912 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lobster
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
258af51a5e10e796639702d81aac6eb41cbd458ec7e2413f47f6bbc452a4893a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 06:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 05:09:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 06:34:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		141 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0af4fe966a9de722647ccfe847ff10d0e843d5bbb7eab1d860140d494db57ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48514
x-xss-protection
0
server
cafe
etag
300943267612194495
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 05 Mar 2023 06:34:31 GMT
style.min.css
abiturhelfer.de/wp-includes/css/dist/block-library/ 		40 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-includes/css/dist/block-library/style.min.css?ver=5.3.14
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 11 Jun 2020 03:04:19 GMT
server
nginx
content-encoding
gzip
etag
W/"a055-5a7c6376ff2c0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
style.css
abiturhelfer.de/wp-content/plugins/simple-pdf-viewer/css/ 		413 B
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-content/plugins/simple-pdf-viewer/css/style.css?ver=5.3.14
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
1cd7d6c7396ac1b47078c665fe5f9a0287a6c61bb156b923c51a09e671b970c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
etag
"19d-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
content-length
413
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		8 KB
666 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb874dc17127d3b8b55d7dd1a05a7481cbf258273583206381706b599ac4d49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 06:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 05:23:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 06:34:31 GMT
style.css
abiturhelfer.de/wp-content/themes/twentyseventeen/ 		81 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-content/themes/twentyseventeen/style.css?ver=5.3.14
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
f87825918913399e5758013958101a820da191110957757901d7210d6dc79a8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
content-encoding
gzip
etag
W/"1445d-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
main.js
abiturhelfer.de/wp-content/plugins/simple-pdf-viewer/js/ 		148 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-content/plugins/simple-pdf-viewer/js/main.js?ver=5.3.14
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
8740708bccc09a7210f44596394f7ebf8fa418d7155130c7e7088b2375b5df2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
etag
"94-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
148
x-xss-protection
1; mode=block
jquery.js
abiturhelfer.de/wp-includes/js/jquery/ 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 14:07:42 GMT
server
nginx
content-encoding
gzip
etag
W/"17a69-59ad84010a780"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
jquery-migrate.min.js
abiturhelfer.de/wp-includes/js/jquery/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:43 GMT
server
nginx
content-encoding
gzip
etag
W/"2748-59ad7d8699ec0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
cropped-36104737630_ab9f797800_k-1.jpg
abiturhelfer.de/wp-content/uploads/2017/08/ 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abiturhelfer.de/wp-content/uploads/2017/08/cropped-36104737630_ab9f797800_k-1.jpg
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
b19412cd3c1dfd0ae14c188ee6b6de99ec9bb92f29d4d8539a2d4eb48c008e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
etag
"26568-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
157032
x-xss-protection
1; mode=block
cropped-abiturhelfer-logo-white.png
abiturhelfer.de/wp-content/uploads/2017/08/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abiturhelfer.de/wp-content/uploads/2017/08/cropped-abiturhelfer-logo-white.png
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
582cad98453cbeca6ff1434e10b63bd8c9c8460b2de76bb735d77df89a44b3c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
etag
"3e29-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
15913
x-xss-protection
1; mode=block
skip-link-focus-fix.js
abiturhelfer.de/wp-content/themes/twentyseventeen/assets/js/ 		683 B
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
etag
"2ab-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
content-length
683
x-xss-protection
1; mode=block
navigation.js
abiturhelfer.de/wp-content/themes/twentyseventeen/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=1.0
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
b5dc8a0ea6886f4daba8c6e6b722071a21796725c2c59ea0ce264d0d7019de52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
content-encoding
gzip
etag
W/"eaa-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
global.js
abiturhelfer.de/wp-content/themes/twentyseventeen/assets/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
df64e42095343505664a1d694617e4eec445c3e808f16467184a2f5b606c0b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
content-encoding
gzip
etag
W/"1e02-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
jquery.scrollTo.js
abiturhelfer.de/wp-content/themes/twentyseventeen/assets/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 29 Dec 2019 13:38:42 GMT
server
nginx
content-encoding
gzip
etag
W/"16cc-59ad7d85a5c80"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
wp-embed.min.js
abiturhelfer.de/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-includes/js/wp-embed.min.js?ver=5.3.14
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Apr 2021 14:34:59 GMT
server
nginx
content-encoding
gzip
etag
W/"56f-5c003c4970ab7"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
wp-emoji-release.min.js
abiturhelfer.de/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abiturhelfer.de/wp-includes/js/wp-emoji-release.min.js?ver=5.3.14
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959 , Germany, ASN205766 (UBERSPACE, DE),
Reverse DNS
Software
nginx /
Resource Hash
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 15 Apr 2021 14:34:59 GMT
server
nginx
content-encoding
gzip
etag
W/"3619-5c003c4970ab7"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/ 		362 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc6f957f676ddc539deb793f3aa704e146a9d4d315d979dfcbcf50ea63dcfde7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121960
x-xss-protection
0
server
cafe
etag
18374034424028568843
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 05 Mar 2023 06:34:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/ Frame 910E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abiturhelfer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
42454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 18:46:57 GMT
etag
2378337311435320485
expires
Sat, 18 Mar 2023 18:46:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 Mar 2023 06:14:50 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1181
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sun, 05 Mar 2023 08:14:50 GMT
jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://abiturhelfer.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 16:31:08 GMT
x-content-type-options
nosniff
age
223403
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27268
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:56:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 16:31:08 GMT
neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v28/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lobster
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://abiturhelfer.de
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 08:47:44 GMT
x-content-type-options
nosniff
age
251207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33436
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:01:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 08:47:44 GMT
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1686400901&t=pageview&_s=1&dl=https%3A%2F%2Fabiturhelfer.de%2F&ul=en-us&de=UTF-8&dt=www.abiturhelfer.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1388123970&gjid=840410376&cid=1021235909.1677998071&tid=UA-105315697-1&_gid=459222402.1677998071&_r=1&_slc=1&z=489340040
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://abiturhelfer.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://abiturhelfer.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		397 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=abiturhelfer.de&callback=_gfp_s_&client=ca-pub-7333622729487422
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a4fbb593eb5064bfe104984267ee95f421416e72dd150a87e4c4124e236c424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
257
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=abiturhelfer.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=abiturhelfer.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=IMG&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 00A1 		301 KB
78 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&adk=1812271804&adf=3025194257&lmt=1677998071&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fabiturhelfer.de%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998071138&bpp=202&bdt=87&idt=338&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=947113865423&frm=20&pv=2&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=360
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6414a10a1d340c9a95a9c7051c0fe1194363d339d0a53318a5fb13255c1ff3ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abiturhelfer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
79432
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:34:31 GMT
expires
Sun, 05 Mar 2023 06:34:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-105315697-1&cid=1021235909.1677998071&jid=1388123970&gjid=840410376&_gid=459222402.1677998071&_u=IEBAAEAAAAAAACAAI~&z=1069113534
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://abiturhelfer.de/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 05 Mar 2023 06:34:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://abiturhelfer.de
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230301&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2239a19a7e1a0de48855d1191f317bcc37b6a9a12c47ba362ddfc75bc333e6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11182
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/reactive_library_fy2021.js?bust=31072715
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8c6942fab378b6e0fa189f198139cfda3616cdf9151a80ba3f111c50c3381fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52390
x-xss-protection
0
server
cafe
etag
879703449118642908
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 05 Mar 2023 06:34:32 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=abiturhelfer.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=abiturhelfer.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 04CB 		81 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a2c59bafe23ba593ee98844bb7c48a2e5accda9048c572238ee3d0c6bb8e8b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abiturhelfer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
33158
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:34:32 GMT
expires
Sun, 05 Mar 2023 06:34:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Mar 2023 06:34:32 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=abiturhelfer.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=abiturhelfer.de
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 8DB0 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abiturhelfer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
33446
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 21:17:06 GMT
etag
2378337311435320485
expires
Sat, 18 Mar 2023 21:17:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/ Frame 2039 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7333622729487422&plah=abiturhelfer.de&bust=31072715
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abiturhelfer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
33446
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 21:17:06 GMT
etag
2378337311435320485
expires
Sat, 18 Mar 2023 21:17:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 8DB0 		4 KB
732 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 05:32:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 06:34:32 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8DB0 		205 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 20:42:16 GMT
x-content-type-options
nosniff
age
35536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 03 Mar 2024 20:42:16 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8DB0 		604 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 05:29:05 GMT
x-content-type-options
nosniff
age
3927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Mar 2024 05:29:05 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/ Frame 8DB0 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 19:00:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
41658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8547
x-xss-protection
0
server
cafe
etag
17360858034827311943
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 19:00:14 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/ Frame 0F63 		22 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/index.html
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5de4dc7afcaf8ffffe29daa61a300ea9f8cd5424b815e7bd972439cd84316e5f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
503308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4673
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Feb 2023 10:46:04 GMT
expires
Tue, 27 Feb 2024 10:46:04 GMT
last-modified
Mon, 27 Feb 2023 10:37:03 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 5FC1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cbrzg9zcEZMi7IPiD1fAPoru3-A7K_uGdb7vZr82QEZXruq2UJRABIJr75h9glYKAgJQHoAG-i5HQA8gBCakCda6mCKjXsT6oAwHIA0iqBMgBT9BQkAo3VZYigCPhKKz2QXn8iJ8h2_z9GuvNVHFSOv0qYq3czK-dB438K-qe7WLbUVMojPGY1xB1PTU_2HoHNcGgtTm78yTpPolWhuM27Y1iG6I2yEok6l6_MUUcmgZ33d-uUJ9wy47RMerB8aL4DI8TpvLyt0z7DKk3oQOl93FmJq6dUqBbhOiwNLQJmPO6v6Gy10I7XZSBc2_d0AgUSdvP6NnT0vHt3UVzo2Z94HRSC6drqBjzCwxEmBzP1vn0NYJaH8U3OrXABO_qi6OvBJIFBAgEGAGSBQQIBRgEoAYugAfq0pUwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQm7xS0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNzMzMzYyMjcyOTQ4NzQyMhgA&sigh=Hvc2zTjhSUY&uach_m=[UACH]&cid=CAQSGwDUE5yml9m13Zd8fkwZWjIA_3mtaNequ9GPGBgB&template_id=419
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Mar 2023 06:34:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 05 Mar 2023 06:34:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 5FC1 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 08:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
78959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 08:38:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 5FC1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 11:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
67777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 11:44:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 5FC1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
43407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 18:31:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5FC1 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Mar 2023 06:34:32 GMT
css
fonts.googleapis.com/ Frame EF74 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 05 Mar 2023 05:22:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Mar 2023 06:34:32 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame EF74 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
43407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 18:31:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame EF74 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 08:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
78959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 08:38:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame EF74 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 11:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
67777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 11:44:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame EF74 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
43407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 18:31:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF74 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Mar 2023 06:34:32 GMT
887cfa9374a0c130d54aa7fe143e0312.js
www.gstatic.com/mysidia/ Frame EF74 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 08:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14316
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 07:42:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 29 May 2023 08:24:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 674C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://abiturhelfer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 17:17:50 GMT
expires
Sun, 03 Mar 2024 17:17:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 505F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
91153bd979764a0e13227f44978fb4dfc066062f25ef9de5c9ca8c705e257e00
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SGjE3C0_absSL6lMPhwcqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abiturhelfer.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-SGjE3C0_absSL6lMPhwcqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:34:32 GMT
expires
Sun, 05 Mar 2023 06:34:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 0F63 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 19:25:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
40129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 05 Mar 2023 19:25:43 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0F63 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 04:42:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
6744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 06 Mar 2023 04:42:08 GMT
32754a7fa217aad34acbb3a3dbb03bab.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/ Frame 0F63 		75 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/32754a7fa217aad34acbb3a3dbb03bab.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
666233ba7de9a030068b01b45bfd0ab16e49103b0ec630c2b73b288352d0cc46
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 10:46:05 GMT
age
503307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19655
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:37:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Feb 2024 10:46:05 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6B44 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:22:10 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5FC1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97f583b5bc78d09e1081f8962123c948f5cb0dce5692bf82862e6b1d1a911198

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
user_uploaded_bechtle_din_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/fonts/ Frame 0F63 		107 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/fonts/user_uploaded_bechtle_din_700_normal.ttf
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/32754a7fa217aad34acbb3a3dbb03bab.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ab5520384598a50eb366d83f5f674ff819da88d5b97238dbfa09fece23b3968
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 10:46:05 GMT
age
503307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53136
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:37:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Feb 2024 10:46:05 GMT
60b251518d59290307c3be43135e7888.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/media/ Frame 0F63 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/media/60b251518d59290307c3be43135e7888.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
beeb2cafcb4472a7cc6ebc34432e3dcaa63acfb7ff9f4e876d3bf6432798e4c9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 10:46:05 GMT
age
503307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3497
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:37:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Feb 2024 10:46:05 GMT
a6bbc0bf7adcea5559699818d25507fb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/media/ Frame 0F63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/media/a6bbc0bf7adcea5559699818d25507fb.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 Feb 2023 10:46:05 GMT
age
503307
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1059
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:37:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Feb 2024 10:46:05 GMT
3cdf9bc3ee551d81c026cf91ae864748.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/media/ Frame 0F63 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/media/3cdf9bc3ee551d81c026cf91ae864748.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403bc1b821990d313902dc47e3521a05f095b0a947c9a46d9f6862a952546235
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 27 Feb 2023 10:46:02 GMT
x-content-type-options
nosniff
age
503310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3951
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:37:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Feb 2024 10:46:02 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6B44
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:34:32 GMT
expires
Sun, 05 Mar 2023 06:34:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:34:32 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 674C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 13:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
61656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 13:26:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 505F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230301&jk=2877483408293324&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
3cdf9bc3ee551d81c026cf91ae864748.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/media/ Frame 0F63 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15271754957833417869/media/3cdf9bc3ee551d81c026cf91ae864748.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230301/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
403bc1b821990d313902dc47e3521a05f095b0a947c9a46d9f6862a952546235
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 27 Feb 2023 10:46:02 GMT
x-content-type-options
nosniff
age
503310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3951
x-xss-protection
0
last-modified
Mon, 27 Feb 2023 10:37:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 27 Feb 2024 10:46:02 GMT
truncated
/ Frame 0F63 		291 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6257b943845e5b82bdb41dd5f2eff94a6bfe91cd395b7df837d3d63d2e515ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=UTF-8
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame D29C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: abiturhelfer.de
URL: https://abiturhelfer.de/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 13:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
61656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 13:26:56 GMT
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 0F63 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 13:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
61656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 13:26:56 GMT
generate_204
tpc.googlesyndication.com/ Frame 674C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TEQl6Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
2038330835151595533
tpc.googlesyndication.com/simgad/ Frame 04CB 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2038330835151595533?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qncdoR7rOzDzayYGFz3R_WTtqQtrA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f40c135c6224ebfe30995de4da00661ceb32a0d6440e838e9ccbfc5a6128ca48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:51:51 GMT
x-content-type-options
nosniff
age
146561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26976
x-xss-protection
0
last-modified
Thu, 07 Mar 2019 13:44:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 02 Mar 2024 13:51:51 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/ Frame 04CB 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 08:38:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
78959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9103
x-xss-protection
0
server
cafe
etag
315661852888499207
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 08:38:33 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 04CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 11:44:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
67777
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 11:44:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 04CB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 18:31:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
43407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8558
x-xss-protection
0
server
cafe
etag
3110455901848521628
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 18:31:05 GMT
l
www.google.com/ads/measurement/ Frame 04CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR11C_J0VcQ8q5mMSxIYTrkuApfnEVTtgA7s-AcWWGgXDRMB-1U_C26ZoWcXtEJYnAqufiTItfSMivRIiYHKscPgGKgDg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 04CB 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1677673803517815"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 Mar 2023 06:34:32 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/ Frame 04CB 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230301/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 19:00:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
41669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13717
x-xss-protection
0
server
cafe
etag
17409078185802295553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Mar 2023 19:00:03 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 04CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ch-FC-DcEZNrHBITG1fAPwI6d4A-r_6H0buPYl6O-ELKp6tz9FhABIJr75h9glYKAgJQHoAG98rrgA8gBAqkCda6mCKjXsT6oAwHIA8kEqgTJAU_Q0aDt94t8GOWRcVfVRLcEItUEhcZrVoTw5FzzypnLjRT7s7Xw7k4lvkMEuaDP95tgJDPSVVcZKaMs295Mt_aZmLYxieTq-2qJmrSowl9CcJq5ZVTaH8ArmiUhNeFhdrp5VvhcWOWH3aEC9R1jnRx46SmT-8rp0i-5H3YfGsXRyaFMFmHzVXaPMwbaAQ8cJeaJqhrdBteNngc9N9eVDU2o7w5SsLYHnPK7Jn8DZhNXyzDs4Qmuf_b0X4lkAef6AQRL3i9TRMi-Y8AEvNf2zJIEkgUECAQYAZIFBAgFGASgBgKAB7fT4iuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDnlDfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MzMzNjIyNzI5NDg3NDIyGAA&sigh=GpnsokZArDw&uach_m=[UACH]&cid=CAQSOwDUE5ymXghmNpiCWQmk5dZ9KOn9-vmY937-2ixXyWzEvjIEJPiv6pyRyiUKGmZJRd6k_ft8cKsz5zWuGAE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 05 Mar 2023 06:34:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5795 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:22:10 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 78B0 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85978
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 06:41:34 GMT
etag
48472445140208031
expires
Sun, 05 Mar 2023 06:41:34 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 04CB 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2103f160be70fc9b9f563dc9ca29835af9926159c9aa5fc9376d664a1a759c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 78B0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPQ6aDpXS8q7lwnoqqJ_6PQ&google_cver=1&google_push=Aa02lx8rZGqVhEXcZQDlcjcZehEUoxdpN1GGXk2MSkWNokEkdCk5gcpkua_b6Z2guMweeaTFR3h4t1ha7YJiNmSC1Du-...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPQ6aDpXS8q7lwnoqqJ_6PQ&google_cver=1&google_push=Aa02lx8rZGqVhEXcZQDlcjcZehEUoxdpN1GGXk2MSkWNokEkdCk5gcpkua_b6Z2guMweeaTFR3h4t1ha7YJiNm...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c1252380-c4e0-44db-b7e9-a885ec7ece29&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8rZGqVhEXcZQDlcjcZehEUoxdpN1GGXk2MSkWNokEkdCk5gcpkua_b6Z2guMweeaTFR3h4t1ha7YJiNmSC1Du-EIn_cReLmPU&google_hm=tZFtUMCCSCafckBsdT21...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8rZGqVhEXcZQDlcjcZehEUoxdpN1GGXk2MSkWNokEkdCk5gcpkua_b6Z2guMweeaTFR3h4t1ha7YJiNmSC1Du-EIn_cReLmPU&google_hm=tZFtUMCCSCafckBsdT21KQ==
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8rZGqVhEXcZQDlcjcZehEUoxdpN1GGXk2MSkWNokEkdCk5gcpkua_b6Z2guMweeaTFR3h4t1ha7YJiNmSC1Du-EIn_cReLmPU&google_hm=tZFtUMCCSCafckBsdT21KQ==
date
Sun, 05 Mar 2023 06:34:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 78B0
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEI86QkN-YR1P3A4eWHZh6Zo&google_cver=1&google_push=Aa02lx9H3tFXKPkfjNI2lSwEf1ikjjaJSUtAbsh9FDv1-uVoffa5L2SbtzmdgrITFITJjHYP1_LL301iNtE0ZCk-ahpvn7_...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEI86QkN-YR1P3A4eWHZh6Zo&google_cver=1&google_push=Aa02lx9H3tFXKPkfjNI2lSwEf1ikjjaJSUtAbsh9FDv1-uVoffa5L2SbtzmdgrITFITJjHYP1_LL301iNtE0ZCk-ahpvn...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9H3tFXKPkfjNI2lSwEf1ikjjaJSUtAbsh9FDv1-uVoffa5L2SbtzmdgrITFITJjHYP1_LL301iNtE0ZCk-ahpvn7_z-gKxn1I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9H3tFXKPkfjNI2lSwEf1ikjjaJSUtAbsh9FDv1-uVoffa5L2SbtzmdgrITFITJjHYP1_LL301iNtE0ZCk-ahpvn7_z-gKxn1I
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9H3tFXKPkfjNI2lSwEf1ikjjaJSUtAbsh9FDv1-uVoffa5L2SbtzmdgrITFITJjHYP1_LL301iNtE0ZCk-ahpvn7_z-gKxn1I
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 78B0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP9tLkr9W8Zi8iCOPw4GKCs&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP9tLkr9W8Zi8iCOPw4GKCs&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9tLkr9W8Zi8iCOPw4GKCs&google_hm=ZAQ3-Bv_fLDbz6Pg6m9hhgAABGIAAAIB&google_nid=index&google_push=Aa02lx-cWGeMrbMXE6x5yFC8ZFajPC3JQjzJw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9tLkr9W8Zi8iCOPw4GKCs&google_hm=ZAQ3-Bv_fLDbz6Pg6m9hhgAABGIAAAIB&google_nid=index&google_push=Aa02lx-cWGeMrbMXE6x5yFC8ZFajPC3JQjzJw_Sivh3_C9PC5dfy5Tv74Lc_I4buKjtOjhoIxke6ny6K-vvestmBbakxatX3HCns5r4
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 05 Mar 2023 06:34:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP9tLkr9W8Zi8iCOPw4GKCs&google_hm=ZAQ3-Bv_fLDbz6Pg6m9hhgAABGIAAAIB&google_nid=index&google_push=Aa02lx-cWGeMrbMXE6x5yFC8ZFajPC3JQjzJw_Sivh3_C9PC5dfy5Tv74Lc_I4buKjtOjhoIxke6ny6K-vvestmBbakxatX3HCns5r4
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 78B0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHkax9OGnBfDU2Fzrv-JR-4&google_cver=1&google_push=Aa02lx9zgiEkDGuVi1_kZ1QgulbVbMMPJBVx4t33PbE20iyEBdMcSsV0_bItzMAldwItiiCrdMDF8fAoKK_J...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9zgiEkDGuVi1_kZ1QgulbVbMMPJBVx4t33PbE20iyEBdMcSsV0_bItzMAldwItiiCrdMDF8fAoKK_JpDuSatg9H28-Rvd9a68
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9zgiEkDGuVi1_kZ1QgulbVbMMPJBVx4t33PbE20iyEBdMcSsV0_bItzMAldwItiiCrdMDF8fAoKK_JpDuSatg9H28-Rvd9a68
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9zgiEkDGuVi1_kZ1QgulbVbMMPJBVx4t33PbE20iyEBdMcSsV0_bItzMAldwItiiCrdMDF8fAoKK_JpDuSatg9H28-Rvd9a68
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 78B0
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEHkax9OGnBfDU2Fzrv-JR-4&google_cver=1&google_push=Aa02lx_sB-FiKU2C4JdN4_hdI3eQhxf_WIpYZCGXyfJ4VF7rBoZBQQftAzL2E7KrprGUq-t8FBmyZYUBsDV...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_sB-FiKU2C4JdN4_hdI3eQhxf_WIpYZCGXyfJ4VF7rBoZBQQftAzL2E7KrprGUq-t8FBmyZYUBsDVNb0duKpQvemdeSi7nFpeC
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 78B0
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEGLw3oG1XI6bHJYv5fwNXN4&google_cver=1&google_push=Aa02lx8xsFmdyv-qR...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEGLw3oG1XI6bHJYv5fwNXN4%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTU0NDA4Mzg4NTE2MzA2MTE%3D&google_gid=CAESEGLw3oG1XI6bHJYv5fwNXN4&google_cver=1&google_push=Aa02lx8xsFmdyv-qRSGiN70syzx4ssOe56tKLnEq...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTU0NDA4Mzg4NTE2MzA2MTE%3D&google_gid=CAESEGLw3oG1XI6bHJYv5fwNXN4&google_cver=1&google_push=Aa02lx8xsFmdyv-qRSGiN70syzx4ssOe56tKLnEqCAFJsbmLGvX3uw2co5I2ghRUds2GYIrY5CS4l1Rf-p0ccV5ehD-cJ15F7bdEEwS9
Protocol
H2
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 05 Mar 2023 06:34:32 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
41245d47-6bb7-4e87-a447-e26ac153bea2
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=OTU0NDA4Mzg4NTE2MzA2MTE%3D&google_gid=CAESEGLw3oG1XI6bHJYv5fwNXN4&google_cver=1&google_push=Aa02lx8xsFmdyv-qRSGiN70syzx4ssOe56tKLnEqCAFJsbmLGvX3uw2co5I2ghRUds2GYIrY5CS4l1Rf-p0ccV5ehD-cJ15F7bdEEwS9
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 78B0
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENar1sYZ6...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENa...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b5916d50-c082-4826-9f72-406c753db529&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b5916d50-c082-4826-9f72-406c753db529&%%GOOGLE_PUSH_PAIR%%
Protocol
H3
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b5916d50-c082-4826-9f72-406c753db529&%%GOOGLE_PUSH_PAIR%%
date
Sun, 05 Mar 2023 06:34:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 78B0 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaVNZBOWf-Gy3aLuPMYYyhAriGFh_Xgw2hYFxZ5N6wN_E9KEKoFVG5wm2GgpsQZGS1hYMxxKag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sun, 05 Mar 2023 06:34:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5795
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:34:32 GMT
expires
Sun, 05 Mar 2023 06:34:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 05 Mar 2023 06:34:32 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
pagead2.googlesyndication.com/bg/ Frame 5CDE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/I2AVw-E8vr7fia97GFekWL1oTCJcTvshaudARuK5faA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333622729487422&output=html&h=280&adk=697414510&adf=3840399070&pi=t.aa~a.1381849204~i.5~rp.4&w=904&fwrn=4&fwrnh=100&lmt=1677998072&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3459654250&ad_type=text_image&format=904x280&url=https%3A%2F%2Fabiturhelfer.de%2F&fwr=0&pra=3&rh=200&rw=904&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677998072030&bpp=2&bdt=980&idt=2&shv=r20230301&mjsv=m202302270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D58a51bfbc450c974-2256ebb542dd0053%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q&gpic=UID%3D00000bbf324fe870%3AT%3D1677998071%3ART%3D1677998071%3AS%3DALNI_MbBtJT_5HZn27c443c_GPskVIljMw&prev_fmts=0x0&nras=2&correlator=947113865423&frm=20&pv=1&ga_vid=1021235909.1677998071&ga_sid=1677998071&ga_hid=1686400901&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=1484&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777876%2C31071870%2C31072715%2C31072726%2C31071662%2C31071976&oid=2&pvsid=2877483408293324&tmod=674503034&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=MBnxLQQctL&p=https%3A//abiturhelfer.de&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 13:26:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
61656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14266
x-xss-protection
0
last-modified
Tue, 28 Feb 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 13:26:56 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230301&jk=2877483408293324&bg=!7-yl7LjNAAbv3-2Ez987ADkAdvg8WlwIWy4DDYzbshniISMNzb5b2UyEOPPaMk4eeWTKv1etAHjUl3Wv6A5Db7UeHz7oeUJJtLkCAAAAn1IAAAACaAEHCgBg7qIf-mkOQGcbn0odTGMmly3U9lDlR22_RFHvYsyxvURkdKDrCM9X4yUJvIHQXfdPWfVLxhU35FCqXbSW7M3-tc6W4TONM0T8YoMetHcuUPGq66l4RIGnveIazMhAYZcCmQKhkOWn3BTWnIw1mpfDgcnXrbKxPx-UkBtS-v4nwiCpy1uMLv0Ks246a4Wg0wLaEjhEMpXbGzzpc0hXxuGxYDOdEb1__Y9dc8fNyROo4RaMUGJDzksfjGtXWJeWfZT3Vrv-KyFK8BCQTx2p80KIXmzzkP2v9kNQ3Kk9ttSsT5-NuXROhxhRuTrI6KKTsrNnuQQs-L5P_mU9wBk3drxVpGqPjkktDB7Tr_jyUWe8ThR9_Q2QfOefDtF0gKsvKcReAP0CpOPytSv64PKWrBsDCnq5dwvF3yGjJyBH_1RI81tIi1AakF89BiTnJDGmfkSW4Sxw_SfeF_0qx2qQJlHaQ4Ogy53tUccHkKmLhQ25CTx10_tkS0tnejC83ZAHh-nAENzJFS4KkBPfOp7NsUMyXAL9cIo2UZCdsjOkeEc135ySGAFxTi-FlfAogaY4wbuR4gTucd7HxDPWDk0qCN_3RzW7IGB3gICvByMpNzsavHch76Potp24_NrVaxdSm3QeYCWXJHwGZUGD88YrQlIkhWh59ndNIuxGHuZYBRvjruRxmE9ybN9bl61DrtEcFgRNihRe3CZYAPeUiX5qvQJa305QCJ9u4G206dzI8GdOIbKKqBCdLBAX60GT-eBUQgc1vAY2Wzhmpedft4mmVARnLeU_a9NS9qFUzBC1JAGkaNN9bS3FHgVXxxEk-p4MlAb89xnRRifztUF_4X78Ie7-jgKF_r1SZEWlvQeOOeySO_A2KZOHwIZlvusYI_wRXxb0RGDOV8c_FSprO5U6WZ__SnOhri0H2d0nU_4jL5BTXYtkvmu8Wx8O90yEJCRbnyuT6D3BSAc_zc9kQedesN9Zpwb3wFwNZ-j5PgCAvJ1HO8bCjQsFGxg5klzg9S_FPuc_7ViUyw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://abiturhelfer.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 5FC1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstb-KogGPv1ht3Ab1f0wSZDO0SAnhMcdwXGQeCs8i7PtaQp5J_OFa41ETicS0Fy-MuCLxAAA6lGUCImNBnsNwqSiFWnmP9gNhi4smJNqGG5MpaXDqDCqUNmpv7mO5aARpr2ENLV8Q&sai=AMfl-YTaU7VNNetv1nNIn986JX3SUBNrvTeOLKKe4VTWv2S7iG8VpXJ7aJ7RcK9zVcv0NSa3WIxLX115yP1b&sig=Cg0ArKJSzCfpdWkd13TAEAE&cid=CAQSGwDUE5yml9m13Zd8fkwZWjIA_3mtaNequ9GPGBgB&id=lidar2&mcvt=1000&p=1,0,83.84375,646&mtos=0,836,1000,1028,1066&tos=0,836,164,28,38&v=20230301&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677998072116&rpt=190&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Mar 2023 06:34:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| $ function| jQuery function| google_spfd number| google_unique_id object| google_sv_map string| GoogleAnalyticsObject function| ga string| gaProperty string| disableStr function| gaOptout object| twentyseventeenScreenReaderText object| jQuery1124038449392057923726 object| wp object| twemoji object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp number| google_lpabyc object| GoogleGcLKhOms object| googletag

20 Cookies

Domain/Path Name / Value
.abiturhelfer.de/ Name: _ga
Value: GA1.2.1021235909.1677998071
.abiturhelfer.de/ Name: _gid
Value: GA1.2.459222402.1677998071
.abiturhelfer.de/ Name: _gat
Value: 1
.abiturhelfer.de/ Name: __gads
Value: ID=58a51bfbc450c974-2256ebb542dd0053:T=1677998071:RT=1677998071:S=ALNI_MZBrr4SjHrDqmH4mKQVVICnHswC5Q
.abiturhelfer.de/ Name: __gpi
Value: UID=00000bbf324fe870:T=1677998071:RT=1677998071:S=ALNI_MbBtJT_5HZn27c443c_GPskVIljMw
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnSJB_BzCumCeyurMEuvVD0x6ASnnvDZANqPX13xPTrRgqzoNSRZcCu5CCLyWc
.adnxs.com/ Name: uuid2
Value: 95440838851630611
.casalemedia.com/ Name: CMID
Value: ZAQ3.Bv-fLDbz6Pg6m9hhgAA
.casalemedia.com/ Name: CMPS
Value: 1122
.casalemedia.com/ Name: CMPRO
Value: 1122
.de17a.com/ Name: guid
Value: 1.4753993263281516613
.bidswitch.net/ Name: c
Value: 1677998072
.bidswitch.net/ Name: tuuid_lu
Value: 1677998072
.bidswitch.net/ Name: tuuid
Value: b5916d50-c082-4826-9f72-406c753db529
.sportradarserving.com/ Name: zuuid
Value: c1252380-c4e0-44db-b7e9-a885ec7ece29
.sportradarserving.com/ Name: c
Value: 1677998073
.sportradarserving.com/ Name: zuuid_lu
Value: 1677998073
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1677998073

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
abiturhelfer.de
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
secure.adnxs.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vengvi.uber.space
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
172.217.23.98
185.80.39.216
185.89.210.90
213.155.156.182
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:400c:c09::9a
2a00:d0c0:200:0:c8b3:e2ff:fe13:3959
3.120.90.14
3.127.132.6
51.38.120.206
0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564
04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333
08c64a22f495b3eec554da914b04fb6324ec2d910ec4a455646c628e793a04d2
0ab5520384598a50eb366d83f5f674ff819da88d5b97238dbfa09fece23b3968
0af4fe966a9de722647ccfe847ff10d0e843d5bbb7eab1d860140d494db57ee1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cd7d6c7396ac1b47078c665fe5f9a0287a6c61bb156b923c51a09e671b970c3
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2103f160be70fc9b9f563dc9ca29835af9926159c9aa5fc9376d664a1a759c2e
2239a19a7e1a0de48855d1191f317bcc37b6a9a12c47ba362ddfc75bc333e6bb
236015c3e13cbebedf89af7b1857a458bd684c225c4efb216ae74046e2b97da0
258af51a5e10e796639702d81aac6eb41cbd458ec7e2413f47f6bbc452a4893a
2a4fbb593eb5064bfe104984267ee95f421416e72dd150a87e4c4124e236c424
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
403bc1b821990d313902dc47e3521a05f095b0a947c9a46d9f6862a952546235
48a3803c66697398863063eaad8263078145e5d97110d0b777a7347640a5afc6
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582cad98453cbeca6ff1434e10b63bd8c9c8460b2de76bb735d77df89a44b3c9
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5de4dc7afcaf8ffffe29daa61a300ea9f8cd5424b815e7bd972439cd84316e5f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6414a10a1d340c9a95a9c7051c0fe1194363d339d0a53318a5fb13255c1ff3ae
666233ba7de9a030068b01b45bfd0ab16e49103b0ec630c2b73b288352d0cc46
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7a2c59bafe23ba593ee98844bb7c48a2e5accda9048c572238ee3d0c6bb8e8b6
8740708bccc09a7210f44596394f7ebf8fa418d7155130c7e7088b2375b5df2c
91153bd979764a0e13227f44978fb4dfc066062f25ef9de5c9ca8c705e257e00
95309410230b1d3148e52211dcee018bfa011a2d69e9d7d6f81164035e8518a0
97f583b5bc78d09e1081f8962123c948f5cb0dce5692bf82862e6b1d1a911198
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b19412cd3c1dfd0ae14c188ee6b6de99ec9bb92f29d4d8539a2d4eb48c008e8e
b5dc8a0ea6886f4daba8c6e6b722071a21796725c2c59ea0ce264d0d7019de52
b6257b943845e5b82bdb41dd5f2eff94a6bfe91cd395b7df837d3d63d2e515ce
bc6f957f676ddc539deb793f3aa704e146a9d4d315d979dfcbcf50ea63dcfde7
beeb2cafcb4472a7cc6ebc34432e3dcaa63acfb7ff9f4e876d3bf6432798e4c9
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
d6a2ec240f8adc5052cb9df96a33199c65de4c58457de2aca485120f70e53c89
df64e42095343505664a1d694617e4eec445c3e808f16467184a2f5b606c0b3a
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e37316f20ee8564506ca9dbf035ba412ef6f79d7fd534c98b6f7d2bd49e11dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f40c135c6224ebfe30995de4da00661ceb32a0d6440e838e9ccbfc5a6128ca48
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f87825918913399e5758013958101a820da191110957757901d7210d6dc79a8b
f8c6942fab378b6e0fa189f198139cfda3616cdf9151a80ba3f111c50c3381fe
fb874dc17127d3b8b55d7dd1a05a7481cbf258273583206381706b599ac4d49c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48