rufus.ie
185.199.108.153

Go To Rescan
Add Verdict Report

Submitted URL:
http://rufus.ie/
Effective URL:
http://rufus.ie/en/
Submission: On September 15 via manual (September 15th 2021, 8:44:36 pm UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 12 IPs in 1 countries across 9 domains to perform 59 HTTP transactions. The main IP is 185.199.108.153, located in United States and belongs to FASTLY, US. The main domain is rufus.ie.

This is the only time rufus.ie was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
12	142.250.178.2 142.250.178.2	15169 (GOOGLE) (GOOGLE)
2	142.250.180.14 142.250.180.14	15169 (GOOGLE) (GOOGLE)
11	216.58.213.2 216.58.213.2	15169 (GOOGLE) (GOOGLE)
1	142.250.179.226 142.250.179.226	15169 (GOOGLE) (GOOGLE)
2	142.250.187.194 142.250.187.194	15169 (GOOGLE) (GOOGLE)
4	142.250.200.2 142.250.200.2	15169 (GOOGLE) (GOOGLE)
17	142.250.187.225 142.250.187.225	15169 (GOOGLE) (GOOGLE)
2 3	142.250.180.4 142.250.180.4	15169 (GOOGLE) (GOOGLE)
2	142.250.178.10 142.250.178.10	15169 (GOOGLE) (GOOGLE)
3	142.250.178.3 142.250.178.3	15169 (GOOGLE) (GOOGLE)
59	12

5 185.199.108.153 (United States) 1 redirects

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

rufus.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.178.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.14 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.213.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s25-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.179.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s31-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.187.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s33-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.200.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s29-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.187.225 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr25s34-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.180.4 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lhr25s32-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.178.10 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.178.3 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr48s27-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	357 KB
11	doubleclick.net googleads.g.doubleclick.net	97 KB
5	google.com 2 redirects adservice.google.com www.google.com	2 KB
5	rufus.ie 1 redirects rufus.ie	37 KB
4	googletagservices.com www.googletagservices.com	141 KB
3	gstatic.com www.gstatic.com	12 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googleadservices.com partner.googleadservices.com	655 B
59	9

	Domain	Requested by
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	rufus.ie pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	rufus.ie	1 redirects rufus.ie
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google-analytics.com	rufus.ie www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
59	11

This site contains links to these domains. Also see Links.

Domain
policies.google.com
github.com
unetbootin.sourceforge.net
www.pendrivelinux.com
www.microsoft.com
www.fosshub.com
www.freedos.org
en.wikipedia.org
infrarecorder.org
cdburnerxp.se
www.gnu.org
mingw-w64.org
www.ventoy.net
git-scm.com
en.wiktionary.org
winhelp2002.mvps.org
www.fsf.org
www.adata-group.com
www.archlinux.org
archbang.org
www.nu2.nu
centos.org
www.damnsmalllinux.org
www.debian.org
fedoraproject.org
www.freenas.org
www.gentoo.org
gparted.org
www.gnewsense.org
www.hirensbootcd.org
reboot.pro
knoppix.net
kolibrios.org
www.kubuntu.org
linuxmint.com
pogostick.net
partedmagic.com
www.partitionwizard.com
www.raspbian.org
reactos.org
www.redhat.com
www.rodsbooks.com
www.slackware.com
www.supergrubdisk.org
tails.boum.org
trinityhome.org
www.ubuntu.com
www.ultimatebootcd.com
msdn.microsoft.com
pete.akeo.ie
pages.github.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://rufus.ie/en/
Frame ID: 2C217A6E297EE1A29FB758FBE3E5596F
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/zrt_lookup.html
Frame ID: 86CA3568DA7B22E98FFB0A7CAA0F5152
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=600&slotname=8722233764&adk=683163061&adf=693658193&pi=t.ma~as.8722233764&w=160&lmt=1630356485&psa=0&format=160x600&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676795&bpp=4&bdt=167&idt=94&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=3412653487178&frm=20&pv=2&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1332&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qEZ9KO9t8h&p=http%3A//rufus.ie&dtd=110
Frame ID: 33FACCB772AE4A32CCF956CC4C06274A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=90&slotname=7142613500&adk=2464676006&adf=2911419773&pi=t.ma~as.7142613500&w=728&lmt=1630356485&psa=0&format=728x90&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676799&bpp=1&bdt=172&idt=114&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8D6xL17tXC&p=http%3A//rufus.ie&dtd=117
Frame ID: 76BEADB9B389C6197D946BBBB44FC5D8
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&adk=1812271804&adf=3025194257&lmt=1630356485&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Frufus.ie%2Fen%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631738676808&bpp=1&bdt=180&idt=111&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90&nras=1&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=114
Frame ID: 24D25CAD5D455B376BD7A0BD9120A003
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 846B5779C87ACF8718CEE2BE09666C1E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 67482E242AFCF08DAA037600D2B2F67A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: 8DFE88143C4083EF78279A13A66EF851
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: 6998C5990D97A0EAED9982E0ED2D5BFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9ED705C12AB76ED0504DBEA4370B2115
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 4BA0FB572A9887B34B2F47F0E6408825
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: E521ED877A1C96D94309A59C0225B957
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DD49D51F9446679AF6CE17C6B5D491BD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB82B6FC88C7802CF62E5DC32761760D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://rufus.ie/ Page URL
http://rufus.ie/en HTTP 301
http://rufus.ie/en/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

59
Requests

93 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

12
IPs

1
Countries

667 kB
Transfer

1784 kB
Size

7
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://policies.google.com/technologies/cookies?hl=en_IE
Title: See details

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/rufus/wiki/Localization#wiki-Translating_the_Rufus_Homepage
Title: Want your language here?

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/rufus
Title: Rufus

Search URL Search Domain Scan URL

URL: http://unetbootin.sourceforge.net/
Title: UNetbootin

Search URL Search Domain Scan URL

URL: http://www.pendrivelinux.com/universal-usb-installer-easy-as-1-2-3
Title: Universal USB Installer

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/download/windows-usb-dvd-download-tool
Title: Windows 7 USB download tool

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/rufus/releases/download/v3.15/rufus-3.15.exe
Title: Rufus 3.15

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/rufus/releases/download/v3.15/rufus-3.15p.exe
Title: Rufus 3.15 Portable

Search URL Search Domain Scan URL

URL: https://www.fosshub.com/Rufus.html
Title: Other versions (FossHub)

Search URL Search Domain Scan URL

URL: http://www.freedos.org/
Title: FreeDOS

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/ISO_image
Title: ISO image

Search URL Search Domain Scan URL

URL: http://infrarecorder.org/
Title: InfraRecorder

Search URL Search Domain Scan URL

URL: http://cdburnerxp.se/
Title: CDBurnerXP

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/rufus/wiki/FAQ
Title: HERE

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/rufus/issues
Title: issue tracker

Search URL Search Domain Scan URL

URL: http://www.gnu.org/licenses/gpl.html
Title: GNU General Public License (GPL) version 3

Search URL Search Domain Scan URL

URL: http://mingw-w64.org/
Title: MinGW32

Search URL Search Domain Scan URL

URL: https://www.gnu.org/software/grub/
Title: GRUB

Search URL Search Domain Scan URL

URL: https://www.ventoy.net/
Title: Ventoy

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/EFI_system_partition
Title: ESP

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/uefi-ntfs
Title: UEFI:NTFS

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/Fido
Title: Fido ISO download script

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/rufus/blob/master/ChangeLog.txt
Title: Other versions

Search URL Search Domain Scan URL

URL: https://github.com/pbatard/rufus/archive/v3.15.zip
Title: Rufus 3.15

Search URL Search Domain Scan URL

URL: http://git-scm.com/
Title: git

Search URL Search Domain Scan URL

URL: https://en.wiktionary.org/wiki/m%C3%A9c%C3%A9nat
Title: mécénat

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Free_and_open_source_software
Title: FLOSS

Search URL Search Domain Scan URL

URL: http://winhelp2002.mvps.org/hosts.htm
Title: blocking them

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Free_software
Title: Free Software

Search URL Search Domain Scan URL

URL: http://www.fsf.org/
Title: Free Software Foundation

Search URL Search Domain Scan URL

URL: http://www.adata-group.com/index.php?action=product_feature&cid=1&piid=145&lan=en
Title: 16 GB USB 3.0 ADATA S102 flash drive

Search URL Search Domain Scan URL

URL: http://www.archlinux.org/
Title: Arch Linux

Search URL Search Domain Scan URL

URL: http://archbang.org/
Title: Archbang

Search URL Search Domain Scan URL

URL: http://www.nu2.nu/pebuilder/
Title: BartPE/pebuilder

Search URL Search Domain Scan URL

URL: http://centos.org/
Title: CentOS

Search URL Search Domain Scan URL

URL: http://www.damnsmalllinux.org/
Title: Damn Small Linux

Search URL Search Domain Scan URL

URL: https://www.debian.org/
Title: Debian

Search URL Search Domain Scan URL

URL: http://fedoraproject.org/
Title: Fedora

Search URL Search Domain Scan URL

URL: http://www.freenas.org/
Title: FreeNAS

Search URL Search Domain Scan URL

URL: http://www.gentoo.org/
Title: Gentoo

Search URL Search Domain Scan URL

URL: http://gparted.org/
Title: GParted

Search URL Search Domain Scan URL

URL: http://www.gnewsense.org/
Title: gNewSense

Search URL Search Domain Scan URL

URL: http://www.hirensbootcd.org/
Title: Hiren's Boot CD

Search URL Search Domain Scan URL

URL: http://reboot.pro/forum/52/
Title: LiveXP

Search URL Search Domain Scan URL

URL: http://knoppix.net/
Title: Knoppix

Search URL Search Domain Scan URL

URL: http://kolibrios.org/
Title: KolibriOS

Search URL Search Domain Scan URL

URL: http://www.kubuntu.org/
Title: Kubuntu

Search URL Search Domain Scan URL

URL: http://linuxmint.com/
Title: Linux Mint

Search URL Search Domain Scan URL

URL: http://pogostick.net/~pnh/ntpasswd/
Title: NT Password Registry Editor

Search URL Search Domain Scan URL

URL: http://partedmagic.com/
Title: Parted Magic

Search URL Search Domain Scan URL

URL: http://www.partitionwizard.com/partition-wizard-bootable-cd.html
Title: Partition Wizard

Search URL Search Domain Scan URL

URL: http://www.raspbian.org/
Title: Raspbian

Search URL Search Domain Scan URL

URL: http://reactos.org/
Title: ReactOS

Search URL Search Domain Scan URL

URL: http://www.redhat.com/
Title: Red Hat

Search URL Search Domain Scan URL

URL: http://www.rodsbooks.com/refind/
Title: rEFInd

Search URL Search Domain Scan URL

URL: http://www.slackware.com/
Title: Slackware

Search URL Search Domain Scan URL

URL: http://www.supergrubdisk.org/category/download/supergrub2diskdownload/super-grub2-disk-stable/
Title: Super Grub2 Disk

Search URL Search Domain Scan URL

URL: https://tails.boum.org/
Title: Tails

Search URL Search Domain Scan URL

URL: http://trinityhome.org/
Title: Trinity Rescue Kit

Search URL Search Domain Scan URL

URL: http://www.ubuntu.com/
Title: Ubuntu

Search URL Search Domain Scan URL

URL: http://www.ultimatebootcd.com/
Title: Ultimate Boot CD

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#searchTerm=&ProductFamilyId=140&Languages=en&FileExtensions=.iso&PageSize=10&PageIndex=0&FileId=0
Title: Windows XP (SP2+)

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#searchTerm=&ProductFamilyId=146&Languages=en&FileExtensions=.iso&PageSize=10&PageIndex=0&FileId=0
Title: Windows Vista

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#searchTerm=&ProductFamilyId=351&Languages=en&FileExtensions=.iso&PageSize=10&PageIndex=0&FileId=0
Title: Windows Server 2008

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#searchTerm=&ProductFamilyId=350&Languages=en&FileExtensions=.iso&PageSize=10&PageIndex=0&FileId=0
Title: Windows 7

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#searchTerm=&ProductFamilyId=481&Languages=en&FileExtensions=.iso&PageSize=10&PageIndex=0&FileId=0
Title: Windows 8

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#searchTerm=&ProductFamilyId=524&Languages=en&FileExtensions=.iso&PageSize=10&PageIndex=0&FileId=0
Title: Windows 8.1

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#searchTerm=&ProductFamilyId=483&Languages=en&FileExtensions=.iso&PageSize=10&PageIndex=0&FileId=0
Title: Windows Server 2012

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/software-download/windows10ISO/
Title: Windows 10

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/subscriptions/downloads/default.aspx#searchTerm=&ProductFamilyId=665&Languages=en&FileExtensions=.iso&PageSize=10&PageIndex=0&FileId=0
Title: Windows Server 2016

Search URL Search Domain Scan URL

URL: https://pete.akeo.ie/
Title: Pete Batard

Search URL Search Domain Scan URL

URL: https://pages.github.com/
Title: GitHub

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rufus.ie/ Page URL
http://rufus.ie/en HTTP 301
http://rufus.ie/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 32

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 35

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

59 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
rufus.ie/ 2 KB
1 KB 173ms
91ms Document
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://rufus.ie/
Protocol: HTTP/1.1
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash

Request headers

Host: rufus.ie
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: GitHub.com
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 30 Aug 2021 20:48:05 GMT
Access-Control-Allow-Origin: *
ETag: W/"612d4405-6ed"
expires: Mon, 13 Sep 2021 22:27:40 GMT
Cache-Control: max-age=600
Content-Encoding: gzip
x-proxy-cache: MISS
X-GitHub-Request-Id: 67C8:E32F:14B5FDE:15B211B:613FCE04
Content-Length: 836
Accept-Ranges: bytes
Date: Wed, 15 Sep 2021 20:44:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-hhn4075-HHN
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1631738676.331573,VS0,VE86
Vary: Accept-Encoding
X-Fastly-Request-ID: 57b0f375882994b107c5c680209024e9f425331f

GET
H/1.1

200
OK

Primary Request / Show response
rufus.ie/en/
Redirect Chain

http://rufus.ie/en
http://rufus.ie/en/

30 KB
10 KB

93ms
92ms

Document
text/html

185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://rufus.ie/en/
Requested by: Host: rufus.ie
URL: http://rufus.ie/
Protocol: HTTP/1.1
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: d7a099c582c9536a920000cf59e8a2ba2b635b355cfaa0b06b5c46a331ec5353

Request headers

Host: rufus.ie
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://rufus.ie/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/

Response headers

Server: GitHub.com
Content-Type: text/html; charset=utf-8
Last-Modified: Mon, 30 Aug 2021 20:48:05 GMT
Access-Control-Allow-Origin: *
ETag: W/"612d4405-79df"
expires: Wed, 15 Sep 2021 03:55:07 GMT
Cache-Control: max-age=600
Content-Encoding: gzip
x-proxy-cache: HIT
X-GitHub-Request-Id: 7B3A:2720:1C8430C:1D78B3F:61416D63
Content-Length: 9704
Accept-Ranges: bytes
Date: Wed, 15 Sep 2021 20:44:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-hhn4075-HHN
X-Cache: HIT
X-Cache-Hits: 1
X-Timer: S1631738677.536380,VS0,VE87
Vary: Accept-Encoding
X-Fastly-Request-ID: 273f40558724a6a177ef7bd262819c8979f70d1c

Redirect headers

Server: GitHub.com
Content-Type: text/html
Location: http://rufus.ie/en/
Access-Control-Allow-Origin: *
expires: Wed, 15 Sep 2021 20:45:17 GMT
Cache-Control: max-age=600
x-proxy-cache: HIT
X-GitHub-Request-Id: 608A:AA9A:ED13D:F4014:61425B34
Content-Length: 162
Accept-Ranges: bytes
Date: Wed, 15 Sep 2021 20:44:36 GMT
Via: 1.1 varnish
Age: 0
Connection: keep-alive
X-Served-By: cache-hhn4075-HHN
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1631738676.442964,VS0,VE87
Vary: Accept-Encoding
X-Fastly-Request-ID: d1e25794ce9972d1d92ca4a11e120b57f77fda04

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 100ms
50ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rufus.ie
URL: http://rufus.ie/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

077c1a0cab75f943fd03916bcb92bdd6222e9fd213636ad852566714cea8a4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48948
x-xss-protection: 0
server: cafe
etag: 9817538859181931123
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 20:44:36 GMT

GET
H/1.1 200
OK rufus-128.png
rufus.ie/pics/ 11 KB
12 KB 89ms
89ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rufus.ie/pics/rufus-128.png
Requested by: Host: rufus.ie
URL: http://rufus.ie/en/
Protocol: HTTP/1.1
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: dfb617fea19c1ab8515ad34dfdc3dc352a975899b3ee5bfb7c1e77c1ebd79237

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: rufus.ie
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://rufus.ie/en/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Fastly-Request-ID: 317579266546a91577a372c8fa9f024523248726
Date: Wed, 15 Sep 2021 20:44:36 GMT
Via: 1.1 varnish
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 11725
X-Served-By: cache-hhn4075-HHN
Last-Modified: Mon, 30 Aug 2021 20:48:05 GMT
Server: GitHub.com
X-GitHub-Request-Id: 1B5C:11E30:60386E:62C985:613C1E56
X-Timer: S1631738677.649306,VS0,VE84
ETag: "612d4405-2dcd"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
expires: Sat, 11 Sep 2021 03:14:41 GMT
Cache-Control: max-age=600
Accept-Ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
X-Cache-Hits: 1

GET
H/1.1 200
OK rufus_en.png
rufus.ie/pics/ 12 KB
13 KB 98ms
93ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rufus.ie/pics/rufus_en.png
Requested by: Host: rufus.ie
URL: http://rufus.ie/en/
Protocol: HTTP/1.1
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 56d4f5356d9b1997203b6b6bf6374881b63fd9b5f22a9373601b0f14ad409fd1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: rufus.ie
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://rufus.ie/en/
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

X-Fastly-Request-ID: f86e2082bf568838736c90320457de490505f2ab
Date: Wed, 15 Sep 2021 20:44:36 GMT
Via: 1.1 varnish
Age: 0
X-Cache: HIT
Connection: keep-alive
Content-Length: 12797
X-Served-By: cache-hhn4030-HHN
Last-Modified: Mon, 30 Aug 2021 20:48:05 GMT
Server: GitHub.com
X-GitHub-Request-Id: D532:2720:1CB1C51:1DA93A5:614180E9
X-Timer: S1631738677.655206,VS0,VE87
ETag: "612d4405-31fd"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
expires: Wed, 15 Sep 2021 05:23:13 GMT
Cache-Control: max-age=600
Accept-Ranges: bytes
x-proxy-cache: MISS
X-Cache-Hits: 1

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
20 KB

69ms
18ms

Script
text/javascript

142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rufus.ie
URL: http://rufus.ie/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3747
date: Wed, 15 Sep 2021 19:42:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 15 Sep 2021 21:42:09 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 251 KB
93 KB 51ms
51ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

6cd910e21782ecb6252b8cc0dfb33026dcc45477ac48fbab6a5b8040a3e3f43f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94963
x-xss-protection: 0
server: cafe
etag: 107904342515089326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 20:44:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/ Frame 86CA 10 KB
5 KB 67ms
18ms Document
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210914/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rufus.ie/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 15 Sep 2021 01:09:12 GMT
expires: Wed, 29 Sep 2021 01:09:12 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 70524
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 52ms
25ms XHR
text/plain 142.250.180.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=709227681&t=pageview&_s=1&dl=http%3A%2F%2Frufus.ie%2Fen%2F&ul=en-us&de=UTF-8&dt=Rufus%20-%20Create%20bootable%20USB%20drives%20the%20easy%20way&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=936658262&gjid=1581023111&cid=1220010213.1631738677&tid=UA-37022602-1&_gid=841827440.1631738677&_r=1&_slc=1&z=1166041388

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://rufus.ie/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:44:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://rufus.ie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
655 B 94ms
33ms Script
text/javascript 142.250.179.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rufus.ie&callback=_gfp_s_&client=ca-pub-8924382055379825

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s31-in-f2.1e100.net

Software

cafe /

Resource Hash

d4ff31636412c8f4d99214c0e38202071afd8e9bd20ca9fb0bceafcd4eb7649b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 78ms
29ms Script
application/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rufus.ie

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 20:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33FA 64 KB
24 KB 581ms
546ms Document
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=600&slotname=8722233764&adk=683163061&adf=693658193&pi=t.ma~as.8722233764&w=160&lmt=1630356485&psa=0&format=160x600&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676795&bpp=4&bdt=167&idt=94&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=3412653487178&frm=20&pv=2&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1332&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qEZ9KO9t8h&p=http%3A//rufus.ie&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

cafe /

Resource Hash

7846138216f5f4659a86f1d9090fd5b805d26177d988b6c697bcbed20cd27741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=600&slotname=8722233764&adk=683163061&adf=693658193&pi=t.ma~as.8722233764&w=160&lmt=1630356485&psa=0&format=160x600&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676795&bpp=4&bdt=167&idt=94&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=3412653487178&frm=20&pv=2&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1332&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qEZ9KO9t8h&p=http%3A//rufus.ie&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rufus.ie/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 20:44:37 GMT
server: cafe
content-length: 24869
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 20:59:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 20:44:37 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 81ms
32ms Script
text/javascript 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

sffe /

Resource Hash

aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631547519045135"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 20:44:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76BE 64 KB
24 KB 623ms
598ms Document
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=90&slotname=7142613500&adk=2464676006&adf=2911419773&pi=t.ma~as.7142613500&w=728&lmt=1630356485&psa=0&format=728x90&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676799&bpp=1&bdt=172&idt=114&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8D6xL17tXC&p=http%3A//rufus.ie&dtd=117

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

cafe /

Resource Hash

48985a85ef8e64cf808604264e137a61ba4d90fb62efb05e609f9074dca1e5ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=90&slotname=7142613500&adk=2464676006&adf=2911419773&pi=t.ma~as.7142613500&w=728&lmt=1630356485&psa=0&format=728x90&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676799&bpp=1&bdt=172&idt=114&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8D6xL17tXC&p=http%3A//rufus.ie&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rufus.ie/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 20:44:37 GMT
server: cafe
content-length: 24895
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 20:59:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 20:44:37 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 24D2 142 KB
38 KB 724ms
705ms Document
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&adk=1812271804&adf=3025194257&lmt=1630356485&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Frufus.ie%2Fen%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631738676808&bpp=1&bdt=180&idt=111&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90&nras=1&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

cafe /

Resource Hash

fae8aa78fb82e074eeaf34793c7399cd5b848f5a838aa6bf1901cd15497469a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&adk=1812271804&adf=3025194257&lmt=1630356485&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Frufus.ie%2Fen%2F&ea=0&flash=0&pra=7&wgl=1&dt=1631738676808&bpp=1&bdt=180&idt=111&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x90&nras=1&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rufus.ie/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Sep 2021 20:44:37 GMT
server: cafe
content-length: 39319
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 15-Sep-2021 20:59:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 20:44:37 GMT
cache-control: private

GET
H2 200 18177270807172645137
tpc.googlesyndication.com/simgad/ Frame 33FA 8 KB
9 KB 123ms
72ms Image
image/png 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18177270807172645137?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmA5NEqGYHavuHrtQ8i8j6qSZQgYw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=600&slotname=8722233764&adk=683163061&adf=693658193&pi=t.ma~as.8722233764&w=160&lmt=1630356485&psa=0&format=160x600&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676795&bpp=4&bdt=167&idt=94&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=3412653487178&frm=20&pv=2&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1332&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qEZ9KO9t8h&p=http%3A//rufus.ie&dtd=110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

sffe /

Resource Hash

56078d4cfb6b5535373db11e331396fb17fa7f777d335add0d78916988a0611d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:37 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8463
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 21:18:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Sep 2022 20:44:37 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/ Frame 33FA 18 KB
8 KB 68ms
18ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 19:23:41 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 33FA 2 KB
1 KB 80ms
33ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 23:05:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33FA 125 KB
38 KB 65ms
40ms Script
text/javascript 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 20:44:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 33FA 14 KB
6 KB 68ms
21ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 22:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 22:48:46 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 33FA 26 KB
11 KB 81ms
34ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
server: cafe
etag: 553973696465445763
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 19:45:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 33FA 0
0 46ms
45ms Fetch
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMLIGNFtCYfnHO8KItwfiloNoz8aiiGXs2dyWgQ6wkB8QASCf8P4PYMkGoAGnkpHgA8gBAqgDAcgDyQSqBKEBT9BGI_wjyHMs-ISQzPtg3wr58gJpP1lUrpdUjkKWyi_x_-mkGj_pvGZv6GKSItCWTAiRkrbYmAXde3HGFZSWindYVuXvyr9t6jQXuqsqL7drzGsbIT23dtIzWqmi83uWQAs9axsK9LE6obcgSWUL7rlUQsJJHaYQOMbxe4rDMnOM7JT-HZ6aYMT1wpXklf9KIrInwKbJTWCxTjAEOIMQsBfABLP5_sbjA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfB7e4fqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBRC3pMQE0ggJCIDhgGAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTg5MjQzODIwNTUzNzk4MjUYAA&sigh=eTzr1LtZKm0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=600&slotname=8722233764&adk=683163061&adf=693658193&pi=t.ma~as.8722233764&w=160&lmt=1630356485&psa=0&format=160x600&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676795&bpp=4&bdt=167&idt=94&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=3412653487178&frm=20&pv=2&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1332&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qEZ9KO9t8h&p=http%3A//rufus.ie&dtd=110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 15 Sep 2021 20:44:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 15 Sep 2021 20:44:37 GMT

GET
H2 200 8700184617888513633
tpc.googlesyndication.com/simgad/ Frame 76BE 8 KB
8 KB 42ms
42ms Image
image/png 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8700184617888513633?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmrlGNAbKr9LoEkUzTjo2U8XPz4LA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=90&slotname=7142613500&adk=2464676006&adf=2911419773&pi=t.ma~as.7142613500&w=728&lmt=1630356485&psa=0&format=728x90&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676799&bpp=1&bdt=172&idt=114&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8D6xL17tXC&p=http%3A//rufus.ie&dtd=117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

sffe /

Resource Hash

0e3438b6ffbcf51765ed3a84f5f361ad701b3907453a836b9bd90fce3877b0a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 02:21:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 13:06:24 GMT
server: sffe
age: 498174
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8073
x-xss-protection: 0
expires: Sat, 10 Sep 2022 02:21:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/ Frame 76BE 18 KB
7 KB 35ms
35ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 19:23:41 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 76BE 2 KB
1 KB 43ms
43ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 23:05:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76BE 125 KB
38 KB 29ms
29ms Script
text/javascript 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 20:44:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 76BE 14 KB
6 KB 36ms
35ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 22:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78951
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 22:48:46 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 76BE 26 KB
11 KB 44ms
43ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:45:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
server: cafe
etag: 553973696465445763
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 19:45:50 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 76BE 0
0 41ms
41ms Fetch
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cgv97NFtCYaTMO9XgtwfFgIqQAYnFpb9kyoeM8qwO-d-Mi9EoEAEgn_D-D2DJBqAB8Zqg0AHIAQKoAwHIA8kEqgSkAU_QUyMImwUDoTwVA936ogE_veKqsj1Zn4DwDA9pQw4dYYbjwWAQMHZcoIQt-oOWe7JXxzt2WIRBsTs-8hONrxLsuFC981JpPak-HBCZBN7y3SLLsdjfUwA_Me-KPg0Ck4EthRc2bnTVbTsnLjmpXQJEnCrx9Z3lBFgIP2bkuikHGoPzbaWjTOeG13XVSs2D1boaVOInFKdMHU5cHGHwQgY7avjuwATgx8mN1gOSBQQIBBgBkgUECAUYBKAGAoAH9-TfrwKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcEEJaFUtIICQiA4YBgEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04OTI0MzgyMDU1Mzc5ODI1GAA&sigh=NCZfBk3IuQ8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=90&slotname=7142613500&adk=2464676006&adf=2911419773&pi=t.ma~as.7142613500&w=728&lmt=1630356485&psa=0&format=728x90&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676799&bpp=1&bdt=172&idt=114&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8D6xL17tXC&p=http%3A//rufus.ie&dtd=117
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 15 Sep 2021 20:44:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 846B 143 B
163 B 28ms
28ms Document
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=600&slotname=8722233764&adk=683163061&adf=693658193&pi=t.ma~as.8722233764&w=160&lmt=1630356485&psa=0&format=160x600&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676795&bpp=4&bdt=167&idt=94&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=3412653487178&frm=20&pv=2&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1332&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qEZ9KO9t8h&p=http%3A//rufus.ie&dtd=110
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnfKorQVvMSQuYix8SSlbhNr3lnQYeYWqnaj0xTLn59RRRx73drRwilBkV8S_s
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=600&slotname=8722233764&adk=683163061&adf=693658193&pi=t.ma~as.8722233764&w=160&lmt=1630356485&psa=0&format=160x600&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676795&bpp=4&bdt=167&idt=94&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&correlator=3412653487178&frm=20&pv=2&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1332&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=qEZ9KO9t8h&p=http%3A//rufus.ie&dtd=110

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Sep 2021 19:54:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 33FA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e3982083694cce2f43287ec621150eccbbe3d002375b705c2ded1cdad9e3b01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6748 143 B
163 B 28ms
28ms Document
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=90&slotname=7142613500&adk=2464676006&adf=2911419773&pi=t.ma~as.7142613500&w=728&lmt=1630356485&psa=0&format=728x90&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676799&bpp=1&bdt=172&idt=114&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8D6xL17tXC&p=http%3A//rufus.ie&dtd=117
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnfKorQVvMSQuYix8SSlbhNr3lnQYeYWqnaj0xTLn59RRRx73drRwilBkV8S_s; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8924382055379825&output=html&h=90&slotname=7142613500&adk=2464676006&adf=2911419773&pi=t.ma~as.7142613500&w=728&lmt=1630356485&psa=0&format=728x90&url=http%3A%2F%2Frufus.ie%2Fen%2F&flash=0&wgl=1&dt=1631738676799&bpp=1&bdt=172&idt=114&shv=r20210914&mjsv=m202109130101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=3412653487178&frm=20&pv=1&ga_vid=1220010213.1631738677&ga_sid=1631738677&ga_hid=709227681&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=305&ady=66&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062518%2C44750533%2C31062297&oid=3&pvsid=143829989953441&pem=127&ref=http%3A%2F%2Frufus.ie%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=8D6xL17tXC&p=http%3A//rufus.ie&dtd=117

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 15 Sep 2021 19:54:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 76BE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05b12bbf0bb99d49a69db5f5aae90368285ea97120e0c1eb73e10b5507621baf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 846B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

50ms
50ms

Document
text/html

216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnfKorQVvMSQuYix8SSlbhNr3lnQYeYWqnaj0xTLn59RRRx73drRwilBkV8S_s; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 20:44:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 15-Sep-2021 21:44:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 20:44:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 20:44:37 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/ 145 KB
52 KB 48ms
48ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

2c356d4cb2e44d4952054f58726e38635d547a6caa07990497c5783a01a51b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53090
x-xss-protection: 0
server: cafe
etag: 1275406230024671029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 20:44:37 GMT

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DFE 35 KB
13 KB 19ms
18ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 19:25:39 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6748
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

34ms
34ms

Document
text/html

216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnfKorQVvMSQuYix8SSlbhNr3lnQYeYWqnaj0xTLn59RRRx73drRwilBkV8S_s; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 20:44:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 15-Sep-2021 21:44:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 15 Sep 2021 20:44:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 15 Sep 2021 20:44:37 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame 6998 35 KB
13 KB 19ms
18ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 19:25:39 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 65ms
28ms Script
application/javascript 142.250.187.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rufus.ie

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s33-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 20:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/ Frame 9ED7 10 KB
5 KB 29ms
29ms Document
text/html 216.58.213.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.213.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s25-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rufus.ie/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUnfKorQVvMSQuYix8SSlbhNr3lnQYeYWqnaj0xTLn59RRRx73drRwilBkV8S_s; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 15 Sep 2021 01:37:51 GMT
expires: Wed, 29 Sep 2021 01:37:51 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 68806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 9ED7 4 KB
1 KB 76ms
26ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 20:10:15 GMT
server: ESF
date: Wed, 15 Sep 2021 20:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 20:44:37 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9ED7 205 B
588 B 69ms
18ms Image
image/png 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 11:16:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 379715
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
expires: Sun, 11 Sep 2022 11:16:02 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9ED7 604 B
694 B 70ms
19ms Image
image/png 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 22:32:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 252716
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
expires: Mon, 12 Sep 2022 22:32:41 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/elements/html/ Frame 9ED7 17 KB
8 KB 44ms
17ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:29:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7656
x-xss-protection: 0
server: cafe
etag: 8352096984186353373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 12:29:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4BA0 6 KB
669 B 52ms
27ms Stylesheet
text/css 142.250.178.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f10.1e100.net

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 20:12:21 GMT
server: ESF
date: Wed, 15 Sep 2021 20:44:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Sep 2021 20:44:38 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 4BA0 1 KB
857 B 18ms
18ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 19:45:21 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/ Frame 4BA0 18 KB
7 KB 19ms
19ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:23:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4857
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 19:23:41 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 4BA0 2 KB
1 KB 21ms
21ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 23:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 23:05:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BA0 125 KB
38 KB 37ms
37ms Script
text/javascript 142.250.200.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.200.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s29-in-f2.1e100.net

Software

sffe /

Resource Hash

f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38646
x-xss-protection: 0
server: sffe
etag: "1631547526571764"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 15 Sep 2021 20:44:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/ Frame 4BA0 14 KB
6 KB 19ms
19ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210914/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 22:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78952
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Sep 2021 22:48:46 GMT

GET
H3 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 4BA0 26 KB
11 KB 63ms
28ms Script
text/javascript 142.250.178.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f3.1e100.net

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:57:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 20:25:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Tue, 14 Dec 2021 12:57:47 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 76ms
41ms XHR
application/json 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210914&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

91772dea6dda9d9766ab014ced94e494d4f1069fe2115f729b4e1617b4e4bade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Sep 2021 20:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8560
x-xss-protection: 0

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame E521 35 KB
13 KB 18ms
18ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Host: rufus.ie
URL: http://rufus.ie/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 19:25:39 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109130101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 15 Sep 2021 20:44:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DD49 12 KB
5 KB 18ms
18ms Document
text/html 142.250.187.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.187.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s34-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rufus.ie/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 15 Sep 2021 18:40:38 GMT
expires: Thu, 15 Sep 2022 18:40:38 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AB82 783 B
532 B 72ms
31ms Document
text/html 142.250.180.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr25s32-in-f4.1e100.net

Software

GSE /

Resource Hash

e97e7920f464314cc2e65cb30f35f8d6d763124d9382837b2ec58a7c905d3700

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tVCK1aw7na6I9U4WVM7Otw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://rufus.ie/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/

Response headers

expires: Wed, 15 Sep 2021 20:44:38 GMT
date: Wed, 15 Sep 2021 20:44:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-tVCK1aw7na6I9U4WVM7Otw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame DD49 35 KB
13 KB 19ms
19ms Script
text/javascript 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:18:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 14 Sep 2022 19:18:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AB82 0
0 60ms
60ms Image
text/html 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210914&jk=143829989953441&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.178.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lhr48s27-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
31ms Image
image/gif 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210914&jk=143829989953441&bg=!-_il-LzNAAaUnz4elJ87ACkAdvg8Wtq55V9f_s05uO9Xql7HHMucQDmkCQKYLVzscWe6qYBRd4XapAIAAABjUgAAAAdoAQcKAGSC8oAfKQofEHa-pvKUF53E9xHNpqQaJ7bYpM976gievVJJeYoIUGBPaLSIepk2eDTKXAGpMN9FIy7UZ9XwBjYDCqwW81vULcB-qEo8UzSajXEECnu20aAcugNP4cJHAnrMOS-EmQJzaXmXJhe4Yd1N20Jd0Jwdnf-E-ZHOKXmZdBqGyVReCQ85Wu4Hx0Ni1FJd_JOtN3U4kYCva9UXb4UVT_p4_-fY4VWJ9Hd9AwbTNTH0mSrw9eNyZl8kEjqNrOZYuLSqLReewjqXm0YkS4_hG15A4ECYhI6rKdq6NclnfRJ83oewiHoqLkAff7M3WXJ8tzbRkLJXo8xpIeqbyW6MAYL0a6smgA2LoVz6e0p5_wC8qtG4JL8LjmWk-hjwi02PuNAgz8oatVwiQkOH2BkRc4_0YAT203PhjU1M8alzR2pAK4bobnqKr4K0wz6Xe6NGUKCP58Kf3E1OhT8KacuxeAij0tD0KKLzb4AZgraCnghSuhpzSCeuZsRMQ4APAKgOuSq-sv4vPVaqj_OAM00iPwaTbXRI_YzFwAUZBxuSv1n6SuoZJfWTeFU5AfvNr749E2M-XOVZGqV121_jVAoYwrruNNts6Ud4SSH5FGUl7cFdUbXlN8lRlx2tY3P8GAbuXp0csYXAvbnm41xV-IMIQ3qy6NL7zJx7lwIhpEfAcfYVz0XemvpvBIJqGUFkObfAFsrIXGcWSiBE1foWUeOel_gs5IcCGxCZGkYISZM-ko5gh5Oddw17aQcK4qqG4bRJvHLE5wOZCUeZ7NBric1z_zxaDtTMqHVkQc7dN7jUM_IS3EmbrMR_BAJb_iLNzJ32MF9z6SFayAUdu15esS8BrYKsyrHtknqHXKQhly5XjTXB3jEBG8l3AL1mKSbnNOqThY-S2AwYm-RQukFBfwo-XrHRvy-d5I6v-pK0WwJ2sfBFlyW0NpHiPvWiDPdd9SjYRwCPYokI6UNL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://rufus.ie/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:44:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 76BE 42 B
64 B 43ms
42ms Fetch
image/gif 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstzTpLOvnKa3t0ShM67lgCOPUSN53W48-nAYBLghsUZOUTj656UFNXjJPdvpPzTX7rB9hb41Z8_8vMj-pv1sba7voSHWfbQzzLURQS8Q4pngAxschavxA&sai=AMfl-YQa5L5lRP83wM8yGOBu543s9WuYezYrOKvdsHdGM4gUlQcKaY8sxFbhlL2YZL9DL9IJQxDvj1MIPYmq&sig=Cg0ArKJSzALXu7z5T_xaEAE&id=lidar2&mcvt=1000&p=66,305,156,1033&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210913&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2464676006&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1631738676917&rpt=763&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:44:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 33FA 42 B
64 B 49ms
49ms Fetch
image/gif 142.250.178.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUrx3Zf1mq79pSkO10bIMh5yMBLP4JpDzU3QFmrDCvB92ed2majbGrmiTRVNcMG7zhO4YmImCTBPUs_-ONxH1Oxm02gcCniSqvEY2fyuqGqQo7p58haw&sai=AMfl-YTMl3EImQPlChQ1SDIspVaHEgCJ76tjQIPxhK-0YkC9FQwm54-6qiSjROl_wmHf5yvC4LAkmpZsqfYY&sig=Cg0ArKJSzOyHUgc-TeQlEAE&id=lidar2&mcvt=1002&p=123,1332,723,1492&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210913&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=683163061&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1631738676907&rpt=786&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.178.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr48s27-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Sep 2021 20:44:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rufus.ie/	1970-01-20 14:46:50	Name: _ga Value: GA1.2.1220010213.1631738677
.rufus.ie/	1970-01-19 21:17:05	Name: _gid Value: GA1.2.841827440.1631738677
.rufus.ie/	1970-01-19 21:15:38	Name: _gat Value: 1
.rufus.ie/	1970-01-20 06:37:14	Name: __gads Value: ID=595b032146fc903b-22965fdc3ccb0045:T=1631738676:RT=1631738676:S=ALNI_Mb3vCZG5zgN8XXD3nRe24N9xmfC7g
.doubleclick.net/	1970-01-20 14:46:50	Name: IDE Value: AHWqTUnfKorQVvMSQuYix8SSlbhNr3lnQYeYWqnaj0xTLn59RRRx73drRwilBkV8S_s
.doubleclick.net/	1970-01-19 21:15:39	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:15:42	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
rufus.ie
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.178.10
142.250.178.2
142.250.178.3
142.250.179.226
142.250.180.14
142.250.180.4
142.250.187.194
142.250.187.225
142.250.200.2
185.199.108.153
216.58.213.2
05b12bbf0bb99d49a69db5f5aae90368285ea97120e0c1eb73e10b5507621baf
077c1a0cab75f943fd03916bcb92bdd6222e9fd213636ad852566714cea8a4f4
0e3438b6ffbcf51765ed3a84f5f361ad701b3907453a836b9bd90fce3877b0a9
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2c356d4cb2e44d4952054f58726e38635d547a6caa07990497c5783a01a51b8b
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
48985a85ef8e64cf808604264e137a61ba4d90fb62efb05e609f9074dca1e5ce
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
56078d4cfb6b5535373db11e331396fb17fa7f777d335add0d78916988a0611d
56d4f5356d9b1997203b6b6bf6374881b63fd9b5f22a9373601b0f14ad409fd1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6cd910e21782ecb6252b8cc0dfb33026dcc45477ac48fbab6a5b8040a3e3f43f
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
7846138216f5f4659a86f1d9090fd5b805d26177d988b6c697bcbed20cd27741
89e590d44510a10b9602ebffa228e2d8a2f2aeb1acc462b51cd19df5f5434308
8a5a8396abf78790c1831c48ac3abb959821f8c99aa2a37151e3d1594f8b1c93
8e3982083694cce2f43287ec621150eccbbe3d002375b705c2ded1cdad9e3b01
91772dea6dda9d9766ab014ced94e494d4f1069fe2115f729b4e1617b4e4bade
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aefe9f31909799252840c143110e10be71d8515345f8b54473b819ac1376b9a4
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
d4ff31636412c8f4d99214c0e38202071afd8e9bd20ca9fb0bceafcd4eb7649b
d7a099c582c9536a920000cf59e8a2ba2b635b355cfaa0b06b5c46a331ec5353
dfb617fea19c1ab8515ad34dfdc3dc352a975899b3ee5bfb7c1e77c1ebd79237
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e97e7920f464314cc2e65cb30f35f8d6d763124d9382837b2ec58a7c905d3700
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4fcf19981dfc07f2a86835a35058ab48ecc08b36de09f50f6be890c4fcec5fe
fae8aa78fb82e074eeaf34793c7399cd5b848f5a838aa6bf1901cd15497469a7
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

rufus.ie Open in urlscan Pro 185.199.108.153

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

93 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

12 IPs

1 Countries

667 kBTransfer

1784 kBSize

7 Cookies

72 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rufus.ie
185.199.108.153

Screenshot
Live screenshot

Full Image

59
Requests

93 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

12
IPs

1
Countries

667 kB
Transfer

1784 kB
Size

7
Cookies

59 HTTP transactions
2 data transactions