www.hs3uka.com Open in urlscan Pro
119.59.104.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apps.hs3uka.com/
Effective URL:
https://www.hs3uka.com/
Submission: On September 29 via api (September 29th 2021, 11:02:11 pm UTC) from GB — Scanned from DE

Summary HTTP 110 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 16 domains to perform 110 HTTP transactions. The main IP is 119.59.104.14, located in Thailand and belongs to METRABYTE-TH 453 Ladplacout Jorakhaebua, TH. The main domain is www.hs3uka.com.
TLS certificate: Issued by R3 on July 31st 2021. Valid for: 3 months.

This is the only time www.hs3uka.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	119.59.104.14 119.59.104.14	56067 (METRABYTE...) (METRABYTE-TH 453 Ladplacout Jorakhaebua)
7	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
18	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
34	142.250.186.129 142.250.186.129	() ()
3 6	142.250.186.166 142.250.186.166	() ()
5	142.250.185.194 142.250.185.194	() ()
3 4	142.250.185.196 142.250.185.196	() ()
2	142.250.185.234 142.250.185.234	() ()
3	172.217.23.99 172.217.23.99	() ()
110	13

24 119.59.104.14 (Thailand) 1 redirects

ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH)

apps.hs3uka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.hs3uka.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.186.129 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.166 (None, ) 3 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.196 (None, ) 3 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.99 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	678 KB
24	doubleclick.net 3 redirects googleads.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net Failed	205 KB
24	hs3uka.com 1 redirects apps.hs3uka.com www.hs3uka.com	2 MB
6	google.com 3 redirects adservice.google.com www.google.com	1 KB
5	googletagservices.com www.googletagservices.com	186 KB
3	gstatic.com www.gstatic.com	12 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	facebook.net connect.facebook.net	77 KB
1	googleadservices.com partner.googleadservices.com	656 B
0	adingo.jp Failed cc.adingo.jp Failed
0	innovid.com Failed ag.innovid.com Failed
0	casalemedia.com Failed ssum-sec.casalemedia.com Failed
0	mookie1.com Failed odr.mookie1.com Failed
0	addthis.com Failed e.dlx.addthis.com Failed
0	walmart.com Failed beacon.walmart.com Failed
0	rlcdn.com Failed id.rlcdn.com Failed
110	16

	Domain	Requested by
34	tpc.googlesyndication.com	apps.hs3uka.com googleads.g.doubleclick.net tpc.googlesyndication.com
23	www.hs3uka.com	1 redirects www.hs3uka.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com apps.hs3uka.com googleads.g.doubleclick.net
7	pagead2.googlesyndication.com	www.hs3uka.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	ad.doubleclick.net	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	www.google.com	3 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	connect.facebook.net	www.hs3uka.com connect.facebook.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	apps.hs3uka.com
0	cm.g.doubleclick.net Failed	googleads.g.doubleclick.net
0	cc.adingo.jp Failed	googleads.g.doubleclick.net
0	ag.innovid.com Failed	googleads.g.doubleclick.net
0	ssum-sec.casalemedia.com Failed	googleads.g.doubleclick.net
0	odr.mookie1.com Failed	googleads.g.doubleclick.net
0	e.dlx.addthis.com Failed	googleads.g.doubleclick.net
0	beacon.walmart.com Failed	googleads.g.doubleclick.net
0	id.rlcdn.com Failed	googleads.g.doubleclick.net
110	21

This site contains links to these domains. Also see Links.

Domain
www.penguinsim.com
wordpress.org
themezee.com

Subject Issuer	Validity	Valid
hs3uka.com R3	`2021-07-31` - `2021-10-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 20 frames:

Primary Page: https://www.hs3uka.com/
Frame ID: 87760C5676C921B48C2497BB7F9461D9
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 9ED5BD4CD63E82B468AB6C9B272C12F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121
Frame ID: BAFFFF56E8C99ADFCC8D472ED93A9115
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144
Frame ID: DBFB3739B6DD5EA343047C744D9517F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528672&bpp=1&bdt=879&idt=146&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=X4DSsDt93X&p=https%3A//www.hs3uka.com&dtd=156
Frame ID: 262A87F18A4EDA09A82F29703AE26A73
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&adk=1812271804&adf=3025194257&lmt=1632956528&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hs3uka.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528956&bpp=1&bdt=1162&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280%2C856x280&nras=1&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=6
Frame ID: D7E049CF6025B3016F50EC7610098CBE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html
Frame ID: 4235241330549BE2E21991CF0DC6464D
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CLT3mY-lpfMCFTnquwgdxb4Nyg;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=1725125249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: DEA4C49CC76A037B705AF26713D71553
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html
Frame ID: 34306FAF386593663C85C203F36BE586
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25226572.294012057;dc_pre=COujno-lpfMCFQKXdwod_1ICUA;dc_trk_aid=487187125;dc_trk_cid=144929394;ord=398174187;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 4F3E058A0B9C98D257C6C86A1207D1A9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 79210E972DD5D5938C56E8BF3EC11B6C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html
Frame ID: 60957F12462CC637F01C75B40725D893
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24649592.282244909;dc_pre=CMbaoI-lpfMCFdMViwodXDsLsg;dc_trk_aid=476018774;dc_trk_cid=137626446;ord=4142266237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
Frame ID: EC843189DA58DFDEB3B05F417943883A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&adk=2272403411&adf=3518896305&pi=t.aa~a.4184449269~i.3~rp.4&w=856&fwrn=4&fwrnh=100&lmt=1632956530&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9302228041&psa=0&ad_type=text_image&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&pra=3&rh=200&rw=856&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956530053&bpp=1&bdt=2259&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De62a08abcbcf57b3-22ba8bc1e2ca008f%3AT%3D1632956529%3ART%3D1632956529%3AS%3DALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W0ZupEJs2E&p=https%3A//www.hs3uka.com&dtd=33
Frame ID: A4A1E16F35615C8AD6CB756A44E72C11
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 79D58D4B2218D3FDA0B8BA83A52DF262
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: F375D3823A8FFE2B8AF2E25F40AB6D77
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9B3A9C978D3B3A1B00B880401CF75C37
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E5F7271C3D6E227C9C1F91DBF89D0D3F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BA5DFD208964DE0DDF63F41FBEC4ADF1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F592888538707CC4482BF90AE66B5559
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HS3UKA.COM – บทความคอมพิวเตอร์ อิเล็กทรอนิกส์ วิทยุสมัครเล่น

Page URL History Show full URLs

https://apps.hs3uka.com/ Page URL
http://www.hs3uka.com/ HTTP 301
https://www.hs3uka.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

110
Requests

92 %
HTTPS

0 %
IPv6

16
Domains

21
Subdomains

13
IPs

3
Countries

2767 kB
Transfer

5582 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.penguinsim.com/
Title: เว็บซิมเพนกวิน

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

URL: https://themezee.com/themes/dynamicnews/
Title: Dynamic News

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://apps.hs3uka.com/ Page URL
http://www.hs3uka.com/ HTTP 301
https://www.hs3uka.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=1725125249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CLT3mY-lpfMCFTnquwgdxb4Nyg;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=1725125249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 42

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25226572.294012057;dc_trk_aid=487187125;dc_trk_cid=144929394;ord=398174187;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25226572.294012057;dc_pre=COujno-lpfMCFQKXdwod_1ICUA;dc_trk_aid=487187125;dc_trk_cid=144929394;ord=398174187;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 50

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24649592.282244909;dc_trk_aid=476018774;dc_trk_cid=137626446;ord=4142266237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24649592.282244909;dc_pre=CMbaoI-lpfMCFdMViwodXDsLsg;dc_trk_aid=476018774;dc_trk_cid=137626446;ord=4142266237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

110 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
apps.hs3uka.com/ 457 B
542 B 727ms
229ms Document
text/html 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: apps.hs3uka.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 29 Sep 2021 23:02:11 GMT
content-type: text/html
content-length: 303
x-accel-version: 0.01
etag: "1c9-4fb403d31df80-gzip"
accept-ranges: bytes
cache-control: max-age=3600
expires: Thu, 30 Sep 2021 00:02:11 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy

GET
H2

200

Primary Request / Show response
www.hs3uka.com/
Redirect Chain

http://www.hs3uka.com/
https://www.hs3uka.com/

48 KB
10 KB

776ms
775ms

Document
text/html

119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 6fb97ab4130b323b6d273df4873a78d3f2450b45c8dcd313e2be2b0504e14f80

Request headers

:method: GET
:authority: www.hs3uka.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://apps.hs3uka.com/

Response headers

server: nginx
date: Wed, 29 Sep 2021 23:02:13 GMT
content-type: text/html; charset=UTF-8
content-length: 10367
link: <https://www.hs3uka.com/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=3600
expires: Thu, 30 Sep 2021 00:02:13 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy

Redirect headers

Server: nginx
Date: Wed, 29 Sep 2021 23:02:12 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 231
Connection: keep-alive
Location: https://www.hs3uka.com/

GET
H2 200 custom-fonts.css
www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/ 2 KB
718 B 461ms
459ms Stylesheet
text/css 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 5e9549dcf4e69eac1bdcde3f6cd80ac2a9e0f46788aaab79c4cf64d4c357e163

Request headers

:path: /wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:13 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 01:21:26 GMT
server: nginx
etag: W/"60bec616-9dd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:13 GMT

GET
H2 200 style.min.css
www.hs3uka.com/wp-includes/css/dist/block-library/ 79 KB
14 KB 459ms
457ms Stylesheet
text/css 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:13 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 23:36:35 GMT
server: nginx
etag: W/"613bec03-13abe"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:13 GMT

GET
H2 200 style.css
www.hs3uka.com/wp-content/themes/dynamic-news-lite/ 54 KB
13 KB 232ms
231ms Stylesheet
text/css 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/style.css?ver=1.6.7
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 00ada518c05526ce852a14ba026d02c9919b2698c562a29f554d2afc3d726a33

Request headers

:path: /wp-content/themes/dynamic-news-lite/style.css?ver=1.6.7
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:13 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 01:21:25 GMT
server: nginx
etag: W/"60bec615-d776"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:13 GMT

GET
H2 200 genericons.css
www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/genericons/ 28 KB
16 KB 460ms
458ms Stylesheet
text/css 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/genericons/genericons.css?ver=3.4.1
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

:path: /wp-content/themes/dynamic-news-lite/css/genericons/genericons.css?ver=3.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:13 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 01:21:26 GMT
server: nginx
etag: W/"60bec616-6e6a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:13 GMT

GET
H2 200 jquery.min.js Show response
www.hs3uka.com/wp-includes/js/jquery/ 87 KB
35 KB 461ms
460ms Script
application/x-javascript 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:13 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 23:36:36 GMT
server: nginx
etag: W/"613bec04-15db1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:13 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.hs3uka.com/wp-includes/js/jquery/ 11 KB
5 KB 682ms
681ms Script
application/x-javascript 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:13 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 05:32:06 GMT
server: nginx
etag: W/"607e6756-2bd8"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:13 GMT

GET
H2 200 navigation.js Show response
www.hs3uka.com/wp-content/themes/dynamic-news-lite/js/ 4 KB
1 KB 460ms
459ms Script
application/x-javascript 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/js/navigation.js?ver=20210324
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 3fdcdfd20f719bd492a121fcd444f0dd6524bb3da0421f42ea8581fc63fcd759

Request headers

:path: /wp-content/themes/dynamic-news-lite/js/navigation.js?ver=20210324
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:13 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 01:21:26 GMT
server: nginx
etag: W/"60bec616-e73"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:13 GMT

GET
H2 200 sidebar.js Show response
www.hs3uka.com/wp-content/themes/dynamic-news-lite/js/ 3 KB
1 KB 460ms
459ms Script
application/x-javascript 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/js/sidebar.js?ver=20210324
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: d0ee3870dcefaa10fb84c35cc3eecf01760c7743f2906f5ce3fcd47f302ccb22

Request headers

:path: /wp-content/themes/dynamic-news-lite/js/sidebar.js?ver=20210324
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:13 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 01:21:26 GMT
server: nginx
etag: W/"60bec616-a87"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:13 GMT

GET
H2 200 cropped-chips_electronic_wallpaper.jpg
www.hs3uka.com/wp-content/uploads/2014/11/ 80 KB
80 KB 233ms
232ms Image
image/jpeg 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hs3uka.com/wp-content/uploads/2014/11/cropped-chips_electronic_wallpaper.jpg
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 7f81f34316ca2e866324c8f94de3e657c44caf057bffd8876eb6d748a8920af9

Request headers

:path: /wp-content/uploads/2014/11/cropped-chips_electronic_wallpaper.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
last-modified: Sun, 16 Nov 2014 03:00:08 GMT
server: nginx
etag: "54681338-13ef8"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 81656
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 104ms
50ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hs3uka.com
URL: https://www.hs3uka.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2b9d8f134f92b518f4abd954c7fa61c95fd4fb6e8ee6c2e65fdfd5668ee99030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49995
x-xss-protection: 0
server: cafe
etag: 6661097763461573863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 23:02:08 GMT

GET
H2 200 dashicons.min.css
www.hs3uka.com/wp-includes/css/ 58 KB
36 KB 227ms
227ms Stylesheet
text/css 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-includes/css/dashicons.min.css?ver=5.8.1
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path: /wp-includes/css/dashicons.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 05:32:06 GMT
server: nginx
etag: W/"607e6756-e688"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
H2 200 thickbox.css
www.hs3uka.com/wp-includes/js/thickbox/ 3 KB
1 KB 227ms
226ms Stylesheet
text/css 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-includes/js/thickbox/thickbox.css?ver=5.8.1
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Request headers

:path: /wp-includes/js/thickbox/thickbox.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 05:32:07 GMT
server: nginx
etag: W/"607e6757-a63"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
H2 200 wp-embed.min.js Show response
www.hs3uka.com/wp-includes/js/ 1 KB
974 B 440ms
439ms Script
application/x-javascript 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 18:57:02 GMT
server: nginx
etag: W/"60788c7e-592"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
H2 200 thickbox.js Show response
www.hs3uka.com/wp-includes/js/thickbox/ 13 KB
5 KB 440ms
440ms Script
application/x-javascript 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4

Request headers

:path: /wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 05:32:07 GMT
server: nginx
etag: W/"607e6757-338a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.hs3uka.com/wp-includes/js/ 18 KB
6 KB 437ms
437ms Script
application/x-javascript 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
content-encoding: gzip
last-modified: Fri, 10 Sep 2021 23:36:37 GMT
server: nginx
etag: W/"613bec05-4705"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
H2 200 ubuntu-v11-latin-ext_latin-regular.woff2
www.hs3uka.com/wp-content/themes/dynamic-news-lite/fonts/ 65 KB
65 KB 437ms
437ms Font
application/font-woff2 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/fonts/ubuntu-v11-latin-ext_latin-regular.woff2
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 9738e74b15ccfde5d94d73c5f7fff840e1c58027b9e4a34c4be6a198ea590daf

Request headers

:path: /wp-content/themes/dynamic-news-lite/fonts/ubuntu-v11-latin-ext_latin-regular.woff2
pragma: no-cache
origin: https://www.hs3uka.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Origin: https://www.hs3uka.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
last-modified: Tue, 08 Jun 2021 01:21:26 GMT
server: nginx
etag: "60bec616-10450"
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 66640
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
H2 200 francois-one-v11-latin-ext_latin-regular.woff2
www.hs3uka.com/wp-content/themes/dynamic-news-lite/fonts/ 25 KB
25 KB 448ms
448ms Font
application/font-woff2 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/fonts/francois-one-v11-latin-ext_latin-regular.woff2
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: d850e65552835b3f137b941d741625b693ada871207bc891d501aa16bc12acdb

Request headers

:path: /wp-content/themes/dynamic-news-lite/fonts/francois-one-v11-latin-ext_latin-regular.woff2
pragma: no-cache
origin: https://www.hs3uka.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Origin: https://www.hs3uka.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
last-modified: Tue, 08 Jun 2021 01:21:26 GMT
server: nginx
etag: "60bec616-6298"
content-type: application/font-woff2
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25240
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://www.hs3uka.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 Tourist-Ham-VR.jpg
www.hs3uka.com/wp-content/uploads/2016/10/ 155 KB
155 KB 295ms
295ms Image
image/jpeg 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hs3uka.com/wp-content/uploads/2016/10/Tourist-Ham-VR.jpg
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 902bee017260c8706075d13f73ede9e212f1c41d8d29248ac0cdb9f68458c424

Request headers

:path: /wp-content/uploads/2016/10/Tourist-Ham-VR.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:14 GMT
last-modified: Sun, 09 Oct 2016 02:45:49 GMT
server: nginx
etag: "57f9af5d-26bf0"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 158704
expires: Thu, 29 Sep 2022 23:02:14 GMT

GET
H2 200 P_20160807_135711.jpg
www.hs3uka.com/wp-content/uploads/2016/08/ 378 KB
379 KB 474ms
470ms Image
image/jpeg 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hs3uka.com/wp-content/uploads/2016/08/P_20160807_135711.jpg
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: dc35fafb2856c869d5af4bb7da3420db82762479350bc2f90af36ea2a8f67ec4

Request headers

:path: /wp-content/uploads/2016/08/P_20160807_135711.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:15 GMT
last-modified: Mon, 08 Aug 2016 10:59:43 GMT
server: nginx
etag: "57a8661f-5e8aa"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 387242
expires: Thu, 29 Sep 2022 23:02:15 GMT

GET
H2 200 P_20160710_142446.jpg
www.hs3uka.com/wp-content/uploads/2016/07/ 436 KB
437 KB 241ms
240ms Image
image/jpeg 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hs3uka.com/wp-content/uploads/2016/07/P_20160710_142446.jpg
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 5a7454cee17704354767d21916d1ed9b87db69cfc2a3884d98542a88a3eca09d

Request headers

:path: /wp-content/uploads/2016/07/P_20160710_142446.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:15 GMT
last-modified: Wed, 13 Jul 2016 05:53:28 GMT
server: nginx
etag: "5785d758-6d19f"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 446879
expires: Thu, 29 Sep 2022 23:02:15 GMT

GET
H2 200 P_20150420_115111.jpg
www.hs3uka.com/wp-content/uploads/2016/04/ 291 KB
291 KB 443ms
442ms Image
image/jpeg 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hs3uka.com/wp-content/uploads/2016/04/P_20150420_115111.jpg
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: b1619779d9188d22bb7cd8af4bc50f7186522fca16b597bd026c6c510fb28b23

Request headers

:path: /wp-content/uploads/2016/04/P_20150420_115111.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:15 GMT
last-modified: Wed, 06 Apr 2016 12:52:35 GMT
server: nginx
etag: "57050693-48a7e"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 297598
expires: Thu, 29 Sep 2022 23:02:15 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 78ms
23ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.hs3uka.com
URL: https://www.hs3uka.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

17b1aa736abfe31da9cfa6f2777bf05e4138fab73abdd0f715806f78681ce2c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3BsHpZeVFuSv7Hu34Pl8xg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: mN8jaHrSevG40jXG4ux0+1TDM9u9EK9iHW1TU7I/6lbgYXg36jb3muXe92tCngsWmXF42xrDSzMk7vCcl2bI/A==
x-fb-trip-id: 686109401
x-fb-content-md5: f4b162cbb51aa90e06c7cc227da5f583
x-frame-options: DENY
date: Wed, 29 Sep 2021 23:02:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5181077bc43e940ddeaaeef818830e6b"
timing-allow-origin: *
expires: Wed, 29 Sep 2021 23:18:53 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ 255 KB
95 KB 51ms
50ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5d1b2acad2dd2f0095ace4499fb9945a5436adcf28bb47260bf75def4b0235d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96603
x-xss-protection: 0
server: cafe
etag: 5043874018115547463
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 23:02:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 9ED5 10 KB
5 KB 467ms
35ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hs3uka.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 29 Sep 2021 05:23:04 GMT
expires: Wed, 13 Oct 2021 05:23:04 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 63545
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 264 KB
75 KB 63ms
24ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=32915fba4b31ff8da4d34b19b687b388

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

9fe967f25c7818876097da597b8adb36049f9917789f06d3704b34d75998b294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.hs3uka.com/
Origin: https://www.hs3uka.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: RBQ8FELXz7DEnibVIFJOwQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76345
x-fb-rlafr: 0
x-fb-debug: caUgDVAd3GzRBdOH143YvfklybiGUG4AdQbYeppALJngTjgliFALoBsrNLIHuY/Rknes+NcmHTGvAgIP3OwOQw==
x-fb-content-md5: f78045fd6a5580453c3ef5b1cf355203
x-frame-options: DENY
date: Wed, 29 Sep 2021 23:02:08 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1988532f7b97ea0a4c873b8e8f5b8d06"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Sep 2022 22:05:15 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
656 B 385ms
42ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.hs3uka.com&callback=_gfp_s_&client=ca-pub-9550899622990799

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e701577265c58e50b8a343b8cbe3f803536d589c6b94127a03416d048e9281df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 373ms
33ms Script
application/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hs3uka.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Sep 2021 23:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BAFF 123 KB
39 KB 550ms
537ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2b4b2bb9ad1fffb410c63f901e0761abc4cb5c29af3f27171335831ff91dee74

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI-56o6lpfMCFSmCgwcdxJcEgg&gqi=cfBUYeWCCfuAjuwPxKaFiAw&layout=/sadbundle/%24csp%253Der3%24/6106022246456534406/970x250/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hs3uka.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI-56o6lpfMCFSmCgwcdxJcEgg&gqi=cfBUYeWCCfuAjuwPxKaFiAw&layout=/sadbundle/%24csp%253Der3%24/6106022246456534406/970x250/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 29 Sep 2021 23:02:09 GMT
server: cafe
content-length: 39246
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 23:17:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Sep 2021 23:02:09 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DBFB 135 KB
43 KB 533ms
522ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

45893eb2b671c29ae201ad4c4da36e26b78f1af891ffd8bb9d97f705d9319c15

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOf646lpfMCFY1EHQkdJtwJjw&gqi=cfBUYeHACcmS3gPozoXgCw&layout=/sadbundle/%24csp%253Der3%24/10684766324861814094/970x250/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hs3uka.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOf646lpfMCFY1EHQkdJtwJjw&gqi=cfBUYeHACcmS3gPozoXgCw&layout=/sadbundle/%24csp%253Der3%24/10684766324861814094/970x250/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 29 Sep 2021 23:02:09 GMT
server: cafe
content-length: 42932
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 23:17:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Sep 2021 23:02:09 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 262A 135 KB
43 KB 368ms
359ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528672&bpp=1&bdt=879&idt=146&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=X4DSsDt93X&p=https%3A//www.hs3uka.com&dtd=156

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a251d9b4041f062df7015ce988c33da08db3c35262fc68ea9703998f60877205

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIPS6o6lpfMCFQOOhQodS2YOjA&gqi=cfBUYZmBCYWk3gPd3LHgDA&layout=/sadbundle/%24csp%253Der3%24/9984326474548969993/970x250/banner/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528672&bpp=1&bdt=879&idt=146&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=X4DSsDt93X&p=https%3A//www.hs3uka.com&dtd=156
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hs3uka.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIPS6o6lpfMCFQOOhQodS2YOjA&gqi=cfBUYZmBCYWk3gPd3LHgDA&layout=/sadbundle/%24csp%253Der3%24/9984326474548969993/970x250/banner/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 29 Sep 2021 23:02:09 GMT
server: cafe
content-length: 42816
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 23:17:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Sep 2021 23:02:09 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D7E0 167 KB
42 KB 468ms
461ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&adk=1812271804&adf=3025194257&lmt=1632956528&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hs3uka.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528956&bpp=1&bdt=1162&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280%2C856x280&nras=1&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

76ab09f3dfecde51c3f673c5dd0bc88b670d7026dca5655cd633cd5cd671730a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9550899622990799&output=html&adk=1812271804&adf=3025194257&lmt=1632956528&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hs3uka.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528956&bpp=1&bdt=1162&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280%2C856x280&nras=1&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hs3uka.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 29 Sep 2021 23:02:09 GMT
server: cafe
content-length: 42690
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 23:17:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Sep 2021 23:02:09 GMT
cache-control: private

GET
H2 200 loadingAnimation.gif
www.hs3uka.com/wp-includes/js/thickbox/ 15 KB
15 KB 443ms
442ms Image
image/gif 119.59.104.14
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hs3uka.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: nginx /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

:path: /wp-includes/js/thickbox/loadingAnimation.gif
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hs3uka.com
referer: https://www.hs3uka.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:15 GMT
last-modified: Sat, 15 Nov 2014 05:32:45 GMT
server: nginx
etag: "5466e57d-3b86"
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15238
expires: Thu, 29 Sep 2022 23:02:15 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/ Frame 4235 2 KB
2 KB 424ms
45ms Document
text/html 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html

Requested by

Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6d432a9d7fadd1e54f7291cd96edbfb984c442ff6223c88a2896c7d0d24d1403

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 881
date: Fri, 24 Sep 2021 11:44:42 GMT
expires: Sat, 24 Sep 2022 11:44:42 GMT
last-modified: Fri, 17 Sep 2021 10:17:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 472647
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

B26466194.314208247;dc_pre=CLT3mY-lpfMCFTnquwgdxb4Nyg;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=1725125249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame DEA4
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=1725125249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CLT3mY-lpfMCFTnquwgdxb4Nyg;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=1725125249;dc_lat=;dc_rdid=;tag...

42 B
63 B

71ms
41ms

Fetch
image/gif

142.250.186.166

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CLT3mY-lpfMCFTnquwgdxb4Nyg;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=1725125249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528672&bpp=1&bdt=879&idt=146&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=X4DSsDt93X&p=https%3A//www.hs3uka.com&dtd=156

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 23:02:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 23:02:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B26466194.314208247;dc_pre=CLT3mY-lpfMCFTnquwgdxb4Nyg;dc_trk_aid=506904076;dc_trk_cid=157806424;ord=1725125249;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DEA4 0
0 105ms
68ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CC3eccfBUYcPVCYOclgTLzLngCMrK0qllxqLz6NEO3NkeEAEg7sL2EGDJBqAB9Li_xQPIAQmoAwHIA0iqBLoBT9CM5Q-Ky-y0bSupkNzONp_iKhVSsPSoFhjycyZSTl7Da-XaR6JLkC3inyegeyyZxeDze3u2EADtWwJF0InxCx5onlUd-c7R26866kI-HbULPX2RbrwCPnTla3cQj8XfV8-sGW5YfdFwfD134SdD03eiyJN50lqM7zpaHyGCKLpebknb2SRjvqJAGkq5dR6xpeuioi2ydSpNlOJ68jO1TS5-7BQ_X6JSlnKtNbENfl3TW98bDudKE-V5wASexaqj1AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHmeqRowGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEOKWGtIIBwiAYRABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTU1MDg5OTYyMjk5MDc5ORgA&sigh=olCcd-aIEgc&template_id=419

Requested by

Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528672&bpp=1&bdt=879&idt=146&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=X4DSsDt93X&p=https%3A//www.hs3uka.com&dtd=156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 29 Sep 2021 23:02:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 29 Sep 2021 23:02:09 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame DEA4 18 KB
8 KB 397ms
20ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:49:56 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame DEA4 3 KB
1 KB 415ms
38ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 938
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:46:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEA4 122 KB
37 KB 922ms
545ms Script
text/javascript 142.250.185.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 29 Sep 2021 23:02:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame DEA4 14 KB
6 KB 400ms
23ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:58:28 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/ Frame 3430 2 KB
899 B 59ms
22ms Document
text/html 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html

Requested by

Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7bd43318e40e244e9fa12bfa8cfa3d9b35c17a4f0376d0b19b84544feee8e6a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 871
date: Mon, 27 Sep 2021 15:49:53 GMT
expires: Tue, 27 Sep 2022 15:49:53 GMT
last-modified: Tue, 16 Feb 2021 14:38:51 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 198737
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

B25226572.294012057;dc_pre=COujno-lpfMCFQKXdwod_1ICUA;dc_trk_aid=487187125;dc_trk_cid=144929394;ord=398174187;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 4F3E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25226572.294012057;dc_trk_aid=487187125;dc_trk_cid=144929394;ord=398174187;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25226572.294012057;dc_pre=COujno-lpfMCFQKXdwod_1ICUA;dc_trk_aid=487187125;dc_trk_cid=144929394;ord=398174187;dc_lat=;dc_rdid=;tag_...

42 B
63 B

43ms
43ms

Fetch
image/gif

142.250.186.166

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25226572.294012057;dc_pre=COujno-lpfMCFQKXdwod_1ICUA;dc_trk_aid=487187125;dc_trk_cid=144929394;ord=398174187;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 23:02:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 23:02:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B25226572.294012057;dc_pre=COujno-lpfMCFQKXdwod_1ICUA;dc_trk_aid=487187125;dc_trk_cid=144929394;ord=398174187;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4F3E 0
0 64ms
63ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsEGicfBUYc-8CamEjuwPxK-SkAjQiNKpZcDzoLO8DdzZHhABIO7C9hBgyQagAfS4v8UDyAEJqAMByANIqgS3AU_QW6F8T0PZsPp7hcFddPYKm4Deo1sLrV7zKFJwSq2M_yjrYVX4YDDqLgEMcI6rMOv6YI5llfUEjJS1QZ_2PNKmxyeJiBxD9hrmJHIRpAr0WBHTXGnuW8hI_-ONT-AJVerVCB47knu0NQS4BY4FXGCHxq_XU6E3dUXUWKrI-xG1V7PR_t_HHNkIj7XZYyTIZLWDZgEyZetpsxFqiP4IUO_vK_3d12eGKS-3ve2Qnl6XAsVptMIPU8AEme7gtpoDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5nqkaMBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBD54CLSCAcIgGEQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTk1NTA4OTk2MjI5OTA3OTkYAA&sigh=jXkHSYQTOAM&template_id=419

Requested by

Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 29 Sep 2021 23:02:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame 4F3E 18 KB
7 KB 54ms
19ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:49:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 4F3E 3 KB
1 KB 60ms
25ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:46:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F3E 122 KB
37 KB 451ms
450ms Script
text/javascript 142.250.185.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 29 Sep 2021 23:02:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 4F3E 14 KB
6 KB 57ms
22ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:58:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7921 143 B
163 B 27ms
27ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528672&bpp=1&bdt=879&idt=146&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=X4DSsDt93X&p=https%3A//www.hs3uka.com&dtd=156
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528672&bpp=1&bdt=879&idt=146&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=X4DSsDt93X&p=https%3A//www.hs3uka.com&dtd=156

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 29 Sep 2021 23:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/ Frame 6095 2 KB
905 B 23ms
22ms Document
text/html 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html

Requested by

Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6f37a31a6b9fb0665ed636ebcf5623f1f345707b91423f5df5ad659d273b144f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 877
date: Tue, 28 Sep 2021 08:08:59 GMT
expires: Wed, 28 Sep 2022 08:08:59 GMT
last-modified: Thu, 22 Jul 2021 09:24:40 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 139991
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

B24649592.282244909;dc_pre=CMbaoI-lpfMCFdMViwodXDsLsg;dc_trk_aid=476018774;dc_trk_cid=137626446;ord=4142266237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame EC84
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24649592.282244909;dc_trk_aid=476018774;dc_trk_cid=137626446;ord=4142266237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24649592.282244909;dc_pre=CMbaoI-lpfMCFdMViwodXDsLsg;dc_trk_aid=476018774;dc_trk_cid=137626446;ord=4142266237;dc_lat=;dc_rdid=;tag...

42 B
63 B

40ms
39ms

Fetch
image/gif

142.250.186.166

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24649592.282244909;dc_pre=CMbaoI-lpfMCFdMViwodXDsLsg;dc_trk_aid=476018774;dc_trk_cid=137626446;ord=4142266237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 23:02:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Sep 2021 23:02:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B24649592.282244909;dc_pre=CMbaoI-lpfMCFdMViwodXDsLsg;dc_trk_aid=476018774;dc_trk_cid=137626446;ord=4142266237;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EC84 0
0 66ms
66ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxLZbcfBUYaOjCo2J9fgPprin-AjQiNKpZdmV243vDdzZHhABIO7C9hBgyQagAfS4v8UDyAEJqAMByANIqgTOAU_Q8DNnS4eWIQR89asS1x_FDOXJNJHr1HGsePJf9Gi-d7xLqxFbAH9jrZrTPGPt5SHhc-9MYJgPELZUy_l8Ij3pXeh7teyjDG012CPJR6Jl9dK6By7kTE_K8E6zWKiQ_eHHQyLPmJUyImqmAfeRaBpqOCy_CPSrib_mJ6a6nJa-L8DY_VEMbi_CuPD-05bK_QpZatUF8f6rvR0DTY9k6mjZ0C41flV4yWmEqXE5UUC1oyCJXDTpKgeolij8QzpHozS_0j3_zoObTKkq-G4RwASZ7uC2mgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHmeqRowGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEPvTGdIIBwiAYRABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTU1MDg5OTYyMjk5MDc5ORgA&sigh=cvPBCD47aZY&template_id=419

Requested by

Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 29 Sep 2021 23:02:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame EC84 18 KB
7 KB 20ms
19ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:49:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame EC84 3 KB
1 KB 25ms
25ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:46:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC84 122 KB
38 KB 367ms
366ms Script
text/javascript 142.250.185.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 29 Sep 2021 23:02:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame EC84 14 KB
6 KB 22ms
22ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:58:28 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ 142 KB
51 KB 39ms
38ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f0251e5919b517e6ab4783fbf49073baa359418f197b8f189350d50790a96306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52317
x-xss-protection: 0
server: cafe
etag: 53139206650774794
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 23:02:10 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 69ms
29ms Script
application/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hs3uka.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Sep 2021 23:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame A4A1 70 KB
28 KB 416ms
415ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&adk=2272403411&adf=3518896305&pi=t.aa~a.4184449269~i.3~rp.4&w=856&fwrn=4&fwrnh=100&lmt=1632956530&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9302228041&psa=0&ad_type=text_image&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&pra=3&rh=200&rw=856&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956530053&bpp=1&bdt=2259&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De62a08abcbcf57b3-22ba8bc1e2ca008f%3AT%3D1632956529%3ART%3D1632956529%3AS%3DALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W0ZupEJs2E&p=https%3A//www.hs3uka.com&dtd=33

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&adk=2272403411&adf=3518896305&pi=t.aa~a.4184449269~i.3~rp.4&w=856&fwrn=4&fwrnh=100&lmt=1632956530&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9302228041&psa=0&ad_type=text_image&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&pra=3&rh=200&rw=856&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956530053&bpp=1&bdt=2259&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De62a08abcbcf57b3-22ba8bc1e2ca008f%3AT%3D1632956529%3ART%3D1632956529%3AS%3DALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W0ZupEJs2E&p=https%3A//www.hs3uka.com&dtd=33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hs3uka.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 29 Sep 2021 23:02:10 GMT
server: cafe
content-length: 28353
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 79D5 143 B
163 B 30ms
29ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 29 Sep 2021 23:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F375 143 B
163 B 29ms
29ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 29 Sep 2021 23:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4235 9 KB
3 KB 21ms
20ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 30 Sep 2021 01:24:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4235 26 KB
10 KB 22ms
21ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 29 Sep 2021 23:30:30 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/ Frame 4235 143 KB
40 KB 24ms
24ms Script
application/x-javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 472644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40854
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 10:17:17 GMT
server: sffe
date: Fri, 24 Sep 2021 11:44:46 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Sep 2022 11:44:46 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3430 9 KB
3 KB 32ms
31ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 30 Sep 2021 01:24:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3430 26 KB
10 KB 32ms
31ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 29 Sep 2021 23:30:30 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/ Frame 3430 140 KB
39 KB 37ms
36ms Script
application/x-javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 479627
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40127
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 14:38:51 GMT
server: sffe
date: Fri, 24 Sep 2021 09:48:23 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Sep 2022 09:48:23 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/ Frame 9B3A 10 KB
5 KB 32ms
31ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hs3uka.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hs3uka.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 29 Sep 2021 06:24:23 GMT
expires: Wed, 13 Oct 2021 06:24:23 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 59867
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6095 9 KB
3 KB 43ms
42ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77852
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 30 Sep 2021 01:24:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6095 26 KB
10 KB 43ms
42ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84700
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 29 Sep 2021 23:30:30 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/ Frame 6095 143 KB
40 KB 45ms
44ms Script
application/x-javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 397168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40854
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 09:24:40 GMT
server: sffe
date: Sat, 25 Sep 2021 08:42:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Sep 2022 08:42:42 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 7921
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

40ms
40ms

Document
text/html

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

safe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Sep 2021 23:02:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 00:02:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Sep 2021 23:02:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Sep 2021 23:02:10 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/ Frame 3430 157 KB
17 KB 52ms
23ms XHR
application/json 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6106022246456534406/970x250/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6e7ac855fc61d2ae115eb4a789c061f77a05195e4961bd2274058d8fc066640b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 49734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16917
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 14:38:51 GMT
server: sffe
date: Wed, 29 Sep 2021 09:13:16 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Sep 2022 09:13:16 GMT

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/ Frame 4235 208 KB
24 KB 64ms
39ms XHR
application/json 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9984326474548969993/970x250/banner/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6856571223ea65394170de3bac959140d7eca67d79a11565ab013bc24b8cc0cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 472644
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24692
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 10:17:17 GMT
server: sffe
date: Fri, 24 Sep 2021 11:44:46 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Sep 2022 11:44:46 GMT

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/ Frame 6095 263 KB
17 KB 52ms
32ms XHR
application/json 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10684766324861814094/970x250/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

673cf2eba1d04a2276c1ae5aa6af8af4140e95db4769b3d02c5441ec9fbe0db6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 214724
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17142
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 09:24:40 GMT
server: sffe
date: Mon, 27 Sep 2021 11:23:26 GMT
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 11:23:26 GMT

GET
H3 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
pagead2.googlesyndication.com/bg/ Frame 3430 35 KB
13 KB 22ms
22ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 12:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 29 Sep 2022 12:52:15 GMT

GET
H3 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4235 35 KB
13 KB 23ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 12:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 29 Sep 2022 12:52:15 GMT

GET
H3 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6095 35 KB
13 KB 24ms
24ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 12:52:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 29 Sep 2022 12:52:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 9B3A 4 KB
1 KB 92ms
35ms Stylesheet
text/css 142.250.185.234

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:12:53 GMT
server: ESF
date: Wed, 29 Sep 2021 23:02:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 23:02:10 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9B3A 205 B
764 B 84ms
29ms Image
image/png 172.217.23.99

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:24:04 GMT
x-content-type-options: nosniff
age: 13086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Sep 2022 19:24:04 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9B3A 604 B
695 B 85ms
29ms Image
image/png 172.217.23.99

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:13:48 GMT
x-content-type-options: nosniff
age: 13702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Sep 2022 19:13:48 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/elements/html/ Frame 9B3A 17 KB
8 KB 23ms
22ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7655
x-xss-protection: 0
server: cafe
etag: 17297134792721902632
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:18:04 GMT

GET
DATA 200
OK truncated
/ Frame EC84 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e7bc842011b6e1780dbea1b0463833976e89128a9726d4b42c9f1b44ca3f947

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4F3E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73497242dd14af6feef10b19b049fde3f9ec66ac77756f006cc7f92a5f8094f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DEA4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b55834002d71a8a6bd261eafb0fff02c5119c4428cb80d57a4cac05a01c328a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 79D5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

41ms
41ms

Document
text/html

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528666&bpp=5&bdt=873&idt=98&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=1502120275765&frm=20&pv=2&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=3&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Xhz37dGBL7&p=https%3A//www.hs3uka.com&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

safe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Sep 2021 23:02:11 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 00:02:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Sep 2021 23:02:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Sep 2021 23:02:11 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F375
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

71ms
71ms

Document
text/html

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632956528&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956528671&bpp=1&bdt=877&idt=141&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=whFKpIiqdn&p=https%3A//www.hs3uka.com&dtd=144

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

safe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Sep 2021 23:02:11 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 00:02:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 29 Sep 2021 23:02:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 29 Sep 2021 23:02:11 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 17608981366876599500
tpc.googlesyndication.com/daca_images/simgad/ Frame A4A1 127 KB
127 KB 22ms
22ms Image
image/png 142.250.186.129

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17608981366876599500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&adk=2272403411&adf=3518896305&pi=t.aa~a.4184449269~i.3~rp.4&w=856&fwrn=4&fwrnh=100&lmt=1632956530&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9302228041&psa=0&ad_type=text_image&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&pra=3&rh=200&rw=856&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956530053&bpp=1&bdt=2259&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De62a08abcbcf57b3-22ba8bc1e2ca008f%3AT%3D1632956529%3ART%3D1632956529%3AS%3DALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W0ZupEJs2E&p=https%3A//www.hs3uka.com&dtd=33

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 21:54:29 GMT
x-content-type-options: nosniff
age: 349661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130480
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 11:27:43 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Sep 2022 21:54:29 GMT

GET
H3 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame A4A1 18 KB
7 KB 21ms
20ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:49:56 GMT

GET
H3 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame A4A1 3 KB
1 KB 24ms
23ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:46:31 GMT

GET
H3 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A4A1 122 KB
37 KB 85ms
43ms Script
text/javascript 142.250.185.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 29 Sep 2021 23:02:11 GMT

GET
H3 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame A4A1 14 KB
6 KB 21ms
21ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:58:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A4A1 0
0 102ms
40ms Image
text/html 142.250.185.196

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSK_jGtn5waZvafc2rDL9q1NeGd8UIRyLwrQnKVG3iJmUCWUMqbdo3cQaNS0OqAKr2FxwDpe3JTh8g7pGKaEUiFfc3e5A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&adk=2272403411&adf=3518896305&pi=t.aa~a.4184449269~i.3~rp.4&w=856&fwrn=4&fwrnh=100&lmt=1632956530&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9302228041&psa=0&ad_type=text_image&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&pra=3&rh=200&rw=856&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956530053&bpp=1&bdt=2259&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De62a08abcbcf57b3-22ba8bc1e2ca008f%3AT%3D1632956529%3ART%3D1632956529%3AS%3DALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W0ZupEJs2E&p=https%3A//www.hs3uka.com&dtd=33
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.196 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame A4A1 27 KB
11 KB 25ms
24ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 00:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82099
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
server: cafe
etag: 8885281346021324493
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 00:13:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A4A1 0
0 70ms
69ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRX5CcvBUYZnZB8XKlgSqz4rICsiN67Zkw8DHt7gOncfrj9wmEAEg7sL2EGDJBqABg7CdnwLIAQKoAwHIA8kEqgTAAU_QzxENut31RwXRLodJbxT4YBdACB2IR9LbIgu_gGquPjvvdJiircMdX1anyKnAn1DEtSv9T3yGXpSyfxTZLoftYM4UYUI_gvW_9tc8can4DpmcANVBUGEYRSvSibsIlbAcSoCmO9RZaWlItSH2_25sv8sKYw33vko6Uy0qlQZRtY7K2gU9_mqLBk5_L5knT02yR-s-TY5zeWd_-tLp4C8dSRf4ie8uNlWITdit4rigmbra1Q6PO6yfx5BKUD-SBsAEqK38tNsDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7zYj5QCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBCQ-wjSCAcIgGEQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTk1NTA4OTk2MjI5OTA3OTkYAA&sigh=YT5KiAocL9s

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&adk=2272403411&adf=3518896305&pi=t.aa~a.4184449269~i.3~rp.4&w=856&fwrn=4&fwrnh=100&lmt=1632956530&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9302228041&psa=0&ad_type=text_image&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&pra=3&rh=200&rw=856&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956530053&bpp=1&bdt=2259&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De62a08abcbcf57b3-22ba8bc1e2ca008f%3AT%3D1632956529%3ART%3D1632956529%3AS%3DALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W0ZupEJs2E&p=https%3A//www.hs3uka.com&dtd=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 29 Sep 2021 23:02:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E5F7 3 KB
578 B 82ms
43ms Stylesheet
text/css 142.250.185.234

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.234 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:08:26 GMT
server: ESF
date: Wed, 29 Sep 2021 23:02:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 23:02:11 GMT

GET
H3 200 load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame E5F7 1 KB
889 B 20ms
20ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3417
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:05:13 GMT

GET
H3 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame E5F7 18 KB
7 KB 20ms
20ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:49:56 GMT

GET
H3 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame E5F7 3 KB
1 KB 21ms
20ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:46:31 GMT

GET
H3 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E5F7 122 KB
37 KB 67ms
57ms Script
text/javascript 142.250.185.194

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 23:02:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 29 Sep 2021 23:02:11 GMT

GET
H3 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame E5F7 14 KB
6 KB 22ms
20ms Script
text/javascript 142.250.186.129

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 22:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 22:58:28 GMT

GET
H3 200 a05f1579543550f3e279366fb116adbd.js
www.gstatic.com/mysidia/ Frame E5F7 27 KB
11 KB 51ms
23ms Script
text/javascript 172.217.23.99

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 03:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 03:50:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 03:59:53 GMT

GET
H3 200 s
googleads.g.doubleclick.net/pagead/drt/ Frame BA5D 143 B
163 B 32ms
32ms Document
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

safe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&adk=2272403411&adf=3518896305&pi=t.aa~a.4184449269~i.3~rp.4&w=856&fwrn=4&fwrnh=100&lmt=1632956530&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9302228041&psa=0&ad_type=text_image&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&pra=3&rh=200&rw=856&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956530053&bpp=1&bdt=2259&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De62a08abcbcf57b3-22ba8bc1e2ca008f%3AT%3D1632956529%3ART%3D1632956529%3AS%3DALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W0ZupEJs2E&p=https%3A//www.hs3uka.com&dtd=33
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&adk=2272403411&adf=3518896305&pi=t.aa~a.4184449269~i.3~rp.4&w=856&fwrn=4&fwrnh=100&lmt=1632956530&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9302228041&psa=0&ad_type=text_image&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&pra=3&rh=200&rw=856&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632956530053&bpp=1&bdt=2259&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3De62a08abcbcf57b3-22ba8bc1e2ca008f%3AT%3D1632956529%3ART%3D1632956529%3AS%3DALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=1502120275765&frm=20&pv=1&ga_vid=1983552423.1632956529&ga_sid=1632956529&ga_hid=27779120&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=3308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062519%2C31062919%2C31062312&oid=2&pvsid=2324102087658165&pem=462&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=W0ZupEJs2E&p=https%3A//www.hs3uka.com&dtd=33

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 29 Sep 2021 23:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F592 1 KB
749 B 23ms
22ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 29 Sep 2021 21:06:15 GMT
expires: Thu, 30 Sep 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 6956
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET 466606.gif
id.rlcdn.com/ Frame F592 0
0

GET etap.gif
beacon.walmart.com/ Frame F592 0
0

GET s-3614
e.dlx.addthis.com/e/a-1189/ Frame F592 0
0

GET sync
odr.mookie1.com/t/v2/ Frame F592 0
0

GET usermatchredir
ssum-sec.casalemedia.com/ Frame F592 0
0

GET trk
ag.innovid.com/ Frame F592 0
0

GET /
cc.adingo.jp/adx/push/ Frame F592 0
0

GET attr
cm.g.doubleclick.net/pixel/ Frame F592 0
0

GET

si
googleads.g.doubleclick.net/pagead/drt/ Frame BA5D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

GET
DATA 200
OK truncated
/ Frame A4A1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id.rlcdn.com
URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL2bgDGiWvKXbLVnL3Ul7hW214_eka7bg3ZpuJ_BTSeTNYeLqVxZOkT5U2AU_djmvU-Q9Rjz5Zege27wSiGG-tCSyFENd04&google_gid=CAESEHPLpkizp34M4XP3qyhBPbs&google_cver=1

Domain: beacon.walmart.com
URL: https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEOY9M3MBK98YSCtuFh3qQtU&google_cver=1&google_push=AYg5qPJGar3u-Pai0JEpHVg9dtktxbbKkBnvCLcN_sAK2ioadUnrThZHy-bQjD9BJb2NSmXVOGzlgZCPPvAG29s8ZGDc57QjIKrW

Domain: e.dlx.addthis.com
URL: https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK6c1R5-cSYPRAshytj2wWKMO7vqfahjhvHI9ZG1QWwuOKURJbB5px5QSHNLuerJjxh8y6keDs4iSvjBeX1Bm70kXyzplw&google_gid=CAESEAEVeqZworGdVl3SoeYZGDY&google_cver=1

Domain: odr.mookie1.com
URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEPw4hfIkl-aSES42ztTES4U&google_cver=1&google_push=AYg5qPK_ImmfZtweo1LprtPeh7w0diaa4LRTehshWAEUE4mCNe6083yyT9LENpv-en2yJhF_kK4umOCXpdcLAeMLf6lTYqohBw8

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFVIbCgIfoeg_y5dW_FyKjU&google_cver=1&google_push=AYg5qPJyk90kR-kj2EzGJMK-3nt7rM0xEVMMQjcnl9HNeVYhp-d4zzFU8ZFhzjupSTaQVgy89XaMJPu8PCWRzGPnJ1g_zmDEF_jN

Domain: ag.innovid.com
URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFJpNsnDgLf5A1n22o0oNQs&google_cver=1&google_push=AYg5qPIflbFJM4hWY0OB1Te77IJCCVGpfY7nMXr-362RPqCv7sCqiuvX4aj3ZURaedDvpFLv92m2CcPlj-URSDJEFJAqsdiXWCSd

Domain: cc.adingo.jp
URL: https://cc.adingo.jp/adx/push/?google_gid=CAESELMPpFI1j3OSM3YlJEHMB8U&google_cver=1&google_push=AYg5qPKnVm7F-q0kWYRTzFZpgHiA9YsaIqmx2nMs1X7LT3rWN79FJfzwjlfH6mH3gDtpjC72sXUCN5u62XdsK8hpC_kCnMeqM_zE

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMHxGca8dtzGlxlPK0UcpUV5AuQOERq68Ce4AjcJfYsWEU5k5GdMDXqNbI7m8ChADZQ_b5

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/drt/si

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hs3uka.com/	1970-01-20 06:57:32	Name: __gads Value: ID=e62a08abcbcf57b3-22ba8bc1e2ca008f:T=1632956529:RT=1632956529:S=ALNI_Mb7-jjryKVs_IMi8zcHx2SGkl3XFQ
.doubleclick.net/	1970-01-20 15:07:08	Name: IDE Value: AHWqTUmIJiegyJGOvCL1SR1VcWrJBmEOPXhwu1r93FqQWKyxBGkTj33dENwl4pFXEuM
.doubleclick.net/	1970-01-19 21:35:57	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
ag.innovid.com
apps.hs3uka.com
beacon.walmart.com
cc.adingo.jp
cm.g.doubleclick.net
connect.facebook.net
e.dlx.addthis.com
fonts.googleapis.com
googleads.g.doubleclick.net
id.rlcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.hs3uka.com
ag.innovid.com
beacon.walmart.com
cc.adingo.jp
cm.g.doubleclick.net
e.dlx.addthis.com
googleads.g.doubleclick.net
id.rlcdn.com
odr.mookie1.com
ssum-sec.casalemedia.com
119.59.104.14
142.250.184.194
142.250.185.194
142.250.185.196
142.250.185.226
142.250.185.234
142.250.186.129
142.250.186.166
172.217.16.130
172.217.23.99
216.58.212.162
31.13.92.14
00ada518c05526ce852a14ba026d02c9919b2698c562a29f554d2afc3d726a33
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0e7bc842011b6e1780dbea1b0463833976e89128a9726d4b42c9f1b44ca3f947
17b1aa736abfe31da9cfa6f2777bf05e4138fab73abdd0f715806f78681ce2c7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2b4b2bb9ad1fffb410c63f901e0761abc4cb5c29af3f27171335831ff91dee74
2b9d8f134f92b518f4abd954c7fa61c95fd4fb6e8ee6c2e65fdfd5668ee99030
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
3fdcdfd20f719bd492a121fcd444f0dd6524bb3da0421f42ea8581fc63fcd759
45893eb2b671c29ae201ad4c4da36e26b78f1af891ffd8bb9d97f705d9319c15
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
5a7454cee17704354767d21916d1ed9b87db69cfc2a3884d98542a88a3eca09d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d1b2acad2dd2f0095ace4499fb9945a5436adcf28bb47260bf75def4b0235d0
5e9549dcf4e69eac1bdcde3f6cd80ac2a9e0f46788aaab79c4cf64d4c357e163
673cf2eba1d04a2276c1ae5aa6af8af4140e95db4769b3d02c5441ec9fbe0db6
6856571223ea65394170de3bac959140d7eca67d79a11565ab013bc24b8cc0cb
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6d432a9d7fadd1e54f7291cd96edbfb984c442ff6223c88a2896c7d0d24d1403
6e7ac855fc61d2ae115eb4a789c061f77a05195e4961bd2274058d8fc066640b
6f37a31a6b9fb0665ed636ebcf5623f1f345707b91423f5df5ad659d273b144f
6fb97ab4130b323b6d273df4873a78d3f2450b45c8dcd313e2be2b0504e14f80
73497242dd14af6feef10b19b049fde3f9ec66ac77756f006cc7f92a5f8094f3
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
76ab09f3dfecde51c3f673c5dd0bc88b670d7026dca5655cd633cd5cd671730a
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
7b55834002d71a8a6bd261eafb0fff02c5119c4428cb80d57a4cac05a01c328a
7bd43318e40e244e9fa12bfa8cfa3d9b35c17a4f0376d0b19b84544feee8e6a4
7f81f34316ca2e866324c8f94de3e657c44caf057bffd8876eb6d748a8920af9
902bee017260c8706075d13f73ede9e212f1c41d8d29248ac0cdb9f68458c424
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9738e74b15ccfde5d94d73c5f7fff840e1c58027b9e4a34c4be6a198ea590daf
9fe967f25c7818876097da597b8adb36049f9917789f06d3704b34d75998b294
a251d9b4041f062df7015ce988c33da08db3c35262fc68ea9703998f60877205
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1619779d9188d22bb7cd8af4bc50f7186522fca16b597bd026c6c510fb28b23
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b6d09da0c3245664a4a6b03f0e4d6b132db88ce994750d8324640403f93814d6
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
cf904fd2211866586cb256a696153a1f72e1f020f782486feff507727c9b92e7
d0ee3870dcefaa10fb84c35cc3eecf01760c7743f2906f5ce3fcd47f302ccb22
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d850e65552835b3f137b941d741625b693ada871207bc891d501aa16bc12acdb
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
dc35fafb2856c869d5af4bb7da3420db82762479350bc2f90af36ea2a8f67ec4
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e701577265c58e50b8a343b8cbe3f803536d589c6b94127a03416d048e9281df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0251e5919b517e6ab4783fbf49073baa359418f197b8f189350d50790a96306

www.hs3uka.com Open in urlscan Pro 119.59.104.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

92 %HTTPS

0 %IPv6

16 Domains

21 Subdomains

13 IPs

3 Countries

2767 kBTransfer

5582 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hs3uka.com Open in urlscan Pro
119.59.104.14 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

92 %
HTTPS

0 %
IPv6

16
Domains

21
Subdomains

13
IPs

3
Countries

2767 kB
Transfer

5582 kB
Size

3
Cookies

110 HTTP transactions
5 data transactions