urlscan.io logo urlscan.io
SecurityTrails logo

www.proinvestor.com Open in urlscan Pro
178.63.23.254  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.proinvestor.com/r.php?u=https%3A%2F%2Felo.foundation/P1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org&...
Submission: On January 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 178.63.23.254, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.proinvestor.com.
TLS certificate: Issued by R3 on December 28th 2023. Valid for: 3 months.
This is the only time www.proinvestor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    178.63.23.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: test.proinvestor.com
www.proinvestor.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d5d331a22669da390bed15eea81d8cac.safeframe.googlesyndication.com
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
12 googlesyndication.com
d5d331a22669da390bed15eea81d8cac.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
152 KB
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
161 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2616
www.google.com — Cisco Umbrella Rank: 2
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
94 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6518
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
92 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
93 KB
1 proinvestor.com
www.proinvestor.com
2 KB
25 8
Domain Requested by
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.proinvestor.com
2 www.googletagservices.com www.proinvestor.com
securepubads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 d5d331a22669da390bed15eea81d8cac.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.google.de www.proinvestor.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com www.proinvestor.com
1 ajax.googleapis.com www.proinvestor.com
1 www.proinvestor.com
25 12

This site contains links to these domains. Also see Links.

Domain
elo.foundation
Subject Issuer Validity Valid
proinvestor.com
R3		 2023-12-28 -
2024-03-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.proinvestor.com/r.php?u=https%3A%2F%2Felo.foundation/P1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org&topic_id=4413031033
Frame ID: 4D8A662AA6A022B6F0D585A406C5646D
Requests: 12 HTTP requests in this frame

Frame: https://d5d331a22669da390bed15eea81d8cac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A6BD5BB75508217FEAE9289D2BCCCFF7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBLnWElyt6KyfVQO0fppqONOVeKfmouWkQBbtYylRjo4ky3kN5nuGd_h0R_uxAUN4rL1v4IUVgFU3dVW-PCBmUqgYPobSjCmFtGK2QX923APpqdWOT0S25bb2hQ5TnEBp8681nuZWvH8fHxDTYG5TvTUOMpfT5KhrwsYscTkw11yx2wfY5os1NoDVGpKhfRhcS5xZLgl8XhpRp5dUItISaTe6K_SIhAwLBz8GUtVJTDSJ1H7flsMQT5ENU-93kjwF6NKYvaAlnt8RwkB3YS5l7hYF0vkbYCJ7oRE2R2r-Trh71hZM6MJ58It2JRvgeHm9y9_Lk9lULfk1oqN7PtONhXsB-mWl1vIdZjvdL21JYYFiCv2z9rotIu3Ig2zgc&sai=AMfl-YSbzf0VFPfDu13Adu-86AMwgmahYG9C0vms0npOk09hyZzaCGRzicIrYacvjYkH_CeXg0_QQ81fDjIFvzTP_hMNPxuJkO6em5UTDhLIHN17MJuxJT-sgkVeRFoNLz8j0AoQTYiMbPbNyFHMLcksZhg&sig=Cg0ArKJSzOGah-DC7PayEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C553CCE2C839D3251DC7262F680E46B3
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C6B0D8BB8B87286927FCBCE19364F496
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08E049B8C1BAEBAD2FDC53D8590DA186
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Du viderestilles om 2 sekunder | ProInvestor

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

92 %
IPv6

8
Domains

12
Subdomains

13
IPs

3
Countries

597 kB
Transfer

1391 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request r.php
www.proinvestor.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.proinvestor.com/r.php?u=https%3A%2F%2Felo.foundation/P1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org&topic_id=4413031033
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.63.23.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
test.proinvestor.com
Software
Apache/2.4.38 /
Resource Hash
3b02fc0e08873603aecf8bdfc90b6dd0700415ba89ee5d1d21356434a3e641f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1656
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Jan 2024 15:02:15 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.38
Vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js
Requested by
Host: www.proinvestor.com
URL: https://www.proinvestor.com/r.php?u=https%3A%2F%2Felo.foundation/P1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org&topic_id=4413031033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:42:58 GMT
x-content-type-options
nosniff
age
487157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94840
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jan 2025 23:42:58 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-95PDYWRT9D
Requested by
Host: www.proinvestor.com
URL: https://www.proinvestor.com/r.php?u=https%3A%2F%2Felo.foundation/P1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org&topic_id=4413031033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dcbe4302757aaa9b79b0a912f718f36e391186f9e5a867a8e3cc226bbe8f07cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93756
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 29 Jan 2024 15:02:15 GMT
gpt.js
www.googletagservices.com/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.proinvestor.com
URL: https://www.proinvestor.com/r.php?u=https%3A%2F%2Felo.foundation/P1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org&topic_id=4413031033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8fff0d48d5945f480fb6c1f05a56d5946eb944419f8cd65eaaba729220022b75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29422
x-xss-protection
0
server
cafe
etag
350 / 19751 / 31080708 / config-hash: 10961985379633005465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 29 Jan 2024 15:02:15 GMT
collect
region1.analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-95PDYWRT9D&gtm=45je41o0v9165017437&_p=1706540535855&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=533264209.1706540536&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706540535&sct=1&seg=0&dl=https%3A%2F%2Fwww.proinvestor.com%2Fr.php%3Fu%3Dhttps%253A%252F%252Felo.foundation%2FP1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org%26topic_id%3D4413031033&dt=Du%20viderestilles%20om%205%20sekunder%20%7C%20ProInvestor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=284
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-95PDYWRT9D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 15:02:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.proinvestor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-95PDYWRT9D&cid=533264209.1706540536&gtm=45je41o0v9165017437&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-95PDYWRT9D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 15:02:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.proinvestor.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-95PDYWRT9D&cid=533264209.1706540536&gtm=45je41o0v9165017437&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=842201652
Requested by
Host: www.proinvestor.com
URL: https://www.proinvestor.com/r.php?u=https%3A%2F%2Felo.foundation/P1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org&topic_id=4413031033
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 15:02:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4de3f2c85751bffda4d0fe23ab5e6f37ad4560503bb44b8ef122fe5112584994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 08:31:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
23425
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137734
x-xss-protection
0
server
cafe
etag
16079809720530243235
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 28 Jan 2025 08:31:51 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3200946142420758&correlator=4396029827365739&eid=31080255%2C31080708&output=ldjh&gdfp_req=1&vrg=202401240101&ptt=17&impl=fif&iu_parts=1038205%2CGenerel300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1706540536157&lmt=1706540536&adxs=650&adys=455&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.proinvestor.com%2Fr.php%3Fu%3Dhttps%253A%252F%252Felo.foundation%2FP1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org%26topic_id%3D4413031033&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=533264209.1706540536&ga_sid=1706540536&ga_hid=307628066&ga_fc=true&dlt=1706540535729&idt=412&adks=789247538&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ffa68c64516db8f10be5253c569447d8a91470f5b2b45afcb817f3969521bfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26335
x-xss-protection
0
google-lineitem-id
5245615097
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138438048290
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.proinvestor.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d5d331a22669da390bed15eea81d8cac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A6BD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d5d331a22669da390bed15eea81d8cac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proinvestor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 15:02:16 GMT
expires
Tue, 28 Jan 2025 15:02:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
056624355ffa4ab527a5cf6ca23ad7a4ec91030c5d832fe5b3403680bb099568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12273
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame C553 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBLnWElyt6KyfVQO0fppqONOVeKfmouWkQBbtYylRjo4ky3kN5nuGd_h0R_uxAUN4rL1v4IUVgFU3dVW-PCBmUqgYPobSjCmFtGK2QX923APpqdWOT0S25bb2hQ5TnEBp8681nuZWvH8fHxDTYG5TvTUOMpfT5KhrwsYscTkw11yx2wfY5os1NoDVGpKhfRhcS5xZLgl8XhpRp5dUItISaTe6K_SIhAwLBz8GUtVJTDSJ1H7flsMQT5ENU-93kjwF6NKYvaAlnt8RwkB3YS5l7hYF0vkbYCJ7oRE2R2r-Trh71hZM6MJ58It2JRvgeHm9y9_Lk9lULfk1oqN7PtONhXsB-mWl1vIdZjvdL21JYYFiCv2z9rotIu3Ig2zgc&sai=AMfl-YSbzf0VFPfDu13Adu-86AMwgmahYG9C0vms0npOk09hyZzaCGRzicIrYacvjYkH_CeXg0_QQ81fDjIFvzTP_hMNPxuJkO6em5UTDhLIHN17MJuxJT-sgkVeRFoNLz8j0AoQTYiMbPbNyFHMLcksZhg&sig=Cg0ArKJSzOGah-DC7PayEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.proinvestor.com
URL: https://www.proinvestor.com/r.php?u=https%3A%2F%2Felo.foundation/P1-am3T-d5-4GolandQ3Erl-Qsl4RAdQ3Ell-y5Q3E-y5or4RAal-d5org&topic_id=4413031033
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 29 Jan 2024 15:02:16 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame C553 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 21:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
64434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
16165788300067284045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 21:08:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C553 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 21:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
64571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Feb 2024 21:06:05 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C553 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66337
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1706100845105677"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 15:02:16 GMT
17262913558371870739
tpc.googlesyndication.com/simgad/ Frame C553 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17262913558371870739
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3bda3f2c19d8be3311667df33c997993de7a834e19c8d5e2a7846cbfacedc8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 22 Jan 2025 10:23:20 GMT
date
Tue, 23 Jan 2024 10:23:20 GMT
x-content-type-options
nosniff
age
535136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101098
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 19:10:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame C553 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae0c1a1c55ce051a2c75d21852eb7b43e019a2fed873db68538abde7906591d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401240101/pubads_impl.js?cb=31080708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 15:02:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C553 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXLi9bMi2m-KlR0-fRSC0Cz25I3472-dfMOoO92pTmPqbp_S0HW2mCyM5mqwyiC6-NGaoKHTM6IWQvfSmDLuDoEzPjpQm1ooB7zBhT1uFT_NHKXdayh98G8fEKNTGzEQ5oNwdXMnQISOETCxYkhgcy22emNHQrRZl0PH6NVo7f1EZWfy6JjDkFjsNONPaRMW-wv5WYeYXz6X5uWnHv07GhDlr_9ymT4X-bokghPtjnefSFYfdoCT9TCGhicICvX_anSt8QznYiP_QMGu-uHemBmy4QSbRzrWKrCzaWhkCDNEXVC0kaZbROT6X2Lz8SQjNe1fnyXopOkMKqKIOhyPMTTUOwvwu1mGbYpe8c-_JXSAOQdGAtVCP7NqVVaZUk1oo&sai=AMfl-YRe4Utrk5XgxrA76u6o6Pc8_VUI_qV7hOE7iTcLctKrAbezjjVQENVxFSFkfE5_RbNlsrJyUE1WV_-dEtzX9pKpQ6kxFw0G5SuDNeNZP3eOpTlX2cwCJW7k-AgyH1Uu_KaDxZQ33ZlTOK4h-jkDvtA&sig=Cg0ArKJSzKG5-e9FHZgJEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 29 Jan 2024 15:02:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C6B0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.proinvestor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 13:10:24 GMT
expires
Tue, 28 Jan 2025 13:10:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 08E0 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
94d85ed63df74fde8e655005c71550156269370f3ff41b6827f3d8dcaac2acae
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wnOhxojl9hdKg8Ol0b6B8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.proinvestor.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-wnOhxojl9hdKg8Ol0b6B8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 29 Jan 2024 15:02:16 GMT
expires
Mon, 29 Jan 2024 15:02:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame C6B0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 12:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
9106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Jan 2025 12:30:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 08E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401240101&jk=3200946142420758&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C6B0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ruWBig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 15:02:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401240101&jk=3200946142420758&bg=!cXKlcj3NAAa8BdJLnAU7ADQBe5WfODNQI_p2fhDbH_vb1cJ_gYBTdQbKLebLv7usyyUNuaGkuEqjTFUwd5PSXQFP3KtIAgAAAC1SAAAAAmgBB5kCzu6PlxItccuKCLUbSZ0EH47uSaGOnesb66VpwkpPlTYZ17PbKwF8-2RbcHP0XkprsPdMCzfCA28RcFiMLtQhj8xoCO39x9VxJORRUnfCRVrqColbLISanAqq1SG4l0wbZkePRtdRLAtCuxooXr7dXe4nx_G18seZ_1uIbJI4Ph20t9apEVyYPAtGI7nMPOmTgNMgqcVAOAZGTz3-yqcjgiK-MIg9NYyZlx1Z4WuhZudBTnRprkYrASdt8m-RVbLPn-0uLdXsywyCyySdaQ0Uc4Edx9awCqn1ppTOErEQoasQtvaHYNy2FUNczOgKNj7pxRjbObKE3XNY_bJovBTaXPfg2Eio_tbCLeY7X5oBx4C2P1BNBVfXSrOL3ljrpA7EzoQvEM-J7A42F-m7XXGebqf5jIeVHHTyGCvpW0_XL6BLNhMHaTppkPqKthunuPw40KajyPJ_I3g3KZiP-Igy2bBtw1lxiCF9_AH9jIhWkeClCvm5LFgc9rqwEKEv01thsaTfUQPBzP6cs6tIkshkW_h3Bsfg07-nIKnl9vXYhb8WWmjn178vtkjaW3XgQsBS0BT0MX1kQsTEaIcZEoll5v65xFA7IxeGw9hY1-K9EGMrZXdU8FEo4Qx5LPrJjmAJVRWybQj0_7od_H9KMQ5yne6VoPzyA-G6yGubUwpJhLHctnESJ6R4PYMfBSGFfs1WIN1VxDQ3S2x_oLogTLzugCor3gpYjyXuPU-qI4iHIeylyoPXXSosXz38CRtysjoUuHWEDv4a7myEbgwW4rmNDRLIlX3dDyiKoKH2MyPvsKaSL2ykABhshwS4OLKq9yHOQwPa5DyFLJZv-Lm_Vw7FBgF5PvuIIhZX7A78o0wL9bLkFFHpY7ZtF_XKBLnonT3AvbrnfbSYgSeyqhclIxb2l27NdywsijdiZ5UQf8iUKvW1j4ve2VNxEQwnrJ1YOw8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame C553 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoDz5gdan2MaCzL78FWVUfEl1l74GZ8YNwa7oR9QYS4RglHgRBocsf3tvAoo0G_gNk3FT6JxnkJ6n7zQvXRsr3oV88FtP2v782-2Y6-6lTYbX2Bpec9rBWzvfKPTDy3khnLNjy-lRvjzcPImgFWA4kMA&sig=Cg0ArKJSzH60NjJfak8BEAE&id=lidar2&mcvt=1000&p=455,650,705,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=789247538&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654053600&rst=1706540536325&rpt=131&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.proinvestor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Jan 2024 15:02:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| $ function| jQuery number| countSeconds string| newLocation number| countdownTimer object| googletag function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
www.proinvestor.com/ Name: PHPSESSID
Value: ecaqe7j0hhvv4h234ervo1jkhd
.proinvestor.com/ Name: _ga
Value: GA1.1.533264209.1706540536
.proinvestor.com/ Name: _ga_95PDYWRT9D
Value: GS1.1.1706540535.1.0.1706540535.60.0.0
.proinvestor.com/ Name: __gads
Value: ID=6db679004a3dc580:T=1706540536:RT=1706540536:S=ALNI_MZLYgukQ2uDsMbv-YPxHKNHaWGl8A
.proinvestor.com/ Name: __gpi
Value: UID=00000d4b5859fc4e:T=1706540536:RT=1706540536:S=ALNI_MZaFonpZ6NriRIeDsa5XZJtgtvZ8Q
.doubleclick.net/ Name: IDE
Value: AHWqTUksbjNa6m3DrazcdijCYT_vKnkzX0XUDDtUzKF3BzABhXoZd3lFdy1LxwmIHHo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
d5d331a22669da390bed15eea81d8cac.safeframe.googlesyndication.com
pagead2.googlesyndication.com
region1.analytics.google.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.proinvestor.com
178.63.23.254
2001:4860:4802:34::36
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9a
056624355ffa4ab527a5cf6ca23ad7a4ec91030c5d832fe5b3403680bb099568
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
1ffa68c64516db8f10be5253c569447d8a91470f5b2b45afcb817f3969521bfa
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b02fc0e08873603aecf8bdfc90b6dd0700415ba89ee5d1d21356434a3e641f8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4de3f2c85751bffda4d0fe23ab5e6f37ad4560503bb44b8ef122fe5112584994
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8fff0d48d5945f480fb6c1f05a56d5946eb944419f8cd65eaaba729220022b75
94d85ed63df74fde8e655005c71550156269370f3ff41b6827f3d8dcaac2acae
ae0c1a1c55ce051a2c75d21852eb7b43e019a2fed873db68538abde7906591d0
c3bda3f2c19d8be3311667df33c997993de7a834e19c8d5e2a7846cbfacedc8b
dcbe4302757aaa9b79b0a912f718f36e391186f9e5a867a8e3cc226bbe8f07cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629