www.amarujala.com Open in urlscan Pro
104.16.205.36 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.amarujala.com/
Effective URL:
https://www.amarujala.com/
Submission: On October 23 via api (October 23rd 2021, 8:37:12 am UTC) from QA — Scanned from DE

Summary HTTP 187 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 32 IPs in 1 countries across 13 domains to perform 187 HTTP transactions. The main IP is 104.16.205.36, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.amarujala.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time www.amarujala.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	104.16.205.36 104.16.205.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
8	172.64.138.23 172.64.138.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.173 142.250.186.173	15169 (GOOGLE) (GOOGLE)
9	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
1 3	13.225.82.45 13.225.82.45	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
3	74.125.140.154 74.125.140.154	15169 (GOOGLE) (GOOGLE)
7	142.250.74.196 142.250.74.196	15169 (GOOGLE) (GOOGLE)
1	142.250.179.131 142.250.179.131	15169 (GOOGLE) (GOOGLE)
8	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
22	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
4 38	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
3	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
4	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
5	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
8	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
6	108.177.122.120 108.177.122.120	15169 (GOOGLE) (GOOGLE)
5	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
8	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
4	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
5	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
1	74.125.140.155 74.125.140.155	15169 (GOOGLE) (GOOGLE)
1 1	172.217.130.70 172.217.130.70	15169 (GOOGLE) (GOOGLE)
2	172.217.130.74 172.217.130.74	15169 (GOOGLE) (GOOGLE)
2	74.125.104.107 74.125.104.107	15169 (GOOGLE) (GOOGLE)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
187	32

11 104.16.205.36 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.amarujala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spiderimg.amarujala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
handler.amarujala.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.138.23 (United States)

ASN13335 (CLOUDFLARENET, US)

spiderjs1.itstrendingnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.173 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f13.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.95.65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.82.45 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-82-45.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.142 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.74.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.179.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s10-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 142.250.185.129 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.177.122.120 (United States)

ASN15169 (GOOGLE, US)
PTR: ym-in-f120.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.130.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s08-in-f6.1e100.net

r1---sn-2gb7sn7r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.130.74 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s08-in-f10.1e100.net

r5---sn-2gb7sn7r.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.104.107 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s07-in-f11.1e100.net

r5---sn-2gb7sn7k.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
72	googlesyndication.com 4 redirects dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	418 KB
37	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com	615 KB
21	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net bid.g.doubleclick.net	249 KB
11	amarujala.com 1 redirects www.amarujala.com spiderimg.amarujala.com handler.amarujala.com	315 KB
9	google.com accounts.google.com ampcid.google.com www.google.com	75 KB
8	2mdn.net 3 redirects s0.2mdn.net gcdn.2mdn.net r1---sn-2gb7sn7r.c.2mdn.net r5---sn-2gb7sn7r.c.2mdn.net r5---sn-2gb7sn7k.c.2mdn.net	942 KB
8	itstrendingnow.com spidercss1.itstrendingnow.com Failed spiderjs1.itstrendingnow.com
7	googleapis.com fonts.googleapis.com imasdk.googleapis.com	254 KB
7	google-analytics.com www.google-analytics.com	20 KB
5	googletagservices.com www.googletagservices.com	183 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	google.de ampcid.google.de www.google.de	906 B
2	cloudflareinsights.com static.cloudflareinsights.com
187	13

	Domain	Requested by
38	tpc.googlesyndication.com	4 redirects dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com www.amarujala.com securepubads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
22	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.amarujala.com dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	securepubads.g.doubleclick.net	www.amarujala.com securepubads.g.doubleclick.net dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
8	encrypted-tbn1.gstatic.com	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
8	www.gstatic.com	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
8	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	spiderjs1.itstrendingnow.com	www.amarujala.com
7	www.google.com	www.amarujala.com dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com tpc.googlesyndication.com
7	www.google-analytics.com	www.amarujala.com
6	csi.gstatic.com	imasdk.googleapis.com
5	encrypted-tbn2.gstatic.com	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
5	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
5	spiderimg.amarujala.com	www.amarujala.com
4	ade.googlesyndication.com
4	encrypted-tbn0.gstatic.com	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
4	imasdk.googleapis.com	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
4	handler.amarujala.com	www.amarujala.com handler.amarujala.com
3	googleads4.g.doubleclick.net	www.amarujala.com
3	fonts.googleapis.com	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
3	sb.scorecardresearch.com	1 redirects www.amarujala.com
2	r5---sn-2gb7sn7k.c.2mdn.net	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
2	r5---sn-2gb7sn7r.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	static.cloudflareinsights.com	www.amarujala.com
2	www.amarujala.com	1 redirects
1	encrypted-tbn3.gstatic.com	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
1	r1---sn-2gb7sn7r.c.2mdn.net	1 redirects
1	s0.2mdn.net	dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
1	www.google.de	www.amarujala.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	accounts.google.com	www.amarujala.com
0	spidercss1.itstrendingnow.com Failed	www.amarujala.com
187	37

This site contains links to these domains. Also see Links.

Domain
wlskyinfopartners.adsrv.eacdn.com
www.safalta.com
www.myjyotish.com
www.amarujalatv.com
play.google.com
itunes.apple.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
t.me
epaper.amarujala.com
results.amarujala.com
www.firkee.in

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-10-12` - `2021-12-21`	2 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.amarujala.com/
Frame ID: B57335FC6797EFF0BF9BCA9158C0477A
Requests: 52 HTTP requests in this frame

Frame: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B59B651F5AD46F0F822AF85486EDC47E
Requests: 1 HTTP requests in this frame

Frame: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C53694131DDC6A44843E0BC3FCC04A5D
Requests: 32 HTTP requests in this frame

Frame: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 74AAA14C04C47DCA7DADC18766D3184C
Requests: 13 HTTP requests in this frame

Frame: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2B0FA0CFD2C521DF77640BAC87628E1F
Requests: 16 HTTP requests in this frame

Frame: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CDABF0E28046DE6748A3FCB30D235C01
Requests: 17 HTTP requests in this frame

Frame: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 08CBE1A7A70ECEDC943B88F62AD8E4C5
Requests: 19 HTTP requests in this frame

Frame: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2259B77AC06742591580A6BC3398485F
Requests: 18 HTTP requests in this frame

Frame: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5F3E4362CA33C5079C21623571A6F319
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQlZHVAhik0bW3ATAB&v=APEucNU91WCSiegdvfkOr0P21uW9BCEfdxByGvUQqDbDQU2ncfhVhYX_Iyk915VJvLihfrjJ-Zz0EbI6kQbDmKzeDBaR8PTkmQ
Frame ID: 6A560D30BBB02BA7BFBC6F8B5A335D39
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D6E1462C63D40027848147A4A5BD7411
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D9F49156E09ADD14618B36C4D67F8E89
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 162FF0A126069CE1B95CC1E611D12BF2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 4E83B55D5A924CD4360F12B1A14D9460
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: FD7D9E821D26691107B99EE0D17B1CEC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hindi News (हिन्दी न्यूज़): Latest News In Hindi, Breaking News Headlines Today (हिंदी समाचार)

Page URL History Show full URLs

http://www.amarujala.com/ HTTP 301
https://www.amarujala.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

187
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

37
Subdomains

32
IPs

1
Countries

3070 kB
Transfer

5964 kB
Size

12
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://wlskyinfopartners.adsrv.eacdn.com/C.ashx?btag=a_695b_919c_&affid=4&siteid=695&adid=919&c=

Search URL Search Domain Scan URL

URL: https://wlskyinfopartners.adsrv.eacdn.com/C.ashx?btag=a_695b_920c_&affid=4&siteid=695&adid=920&c=

Search URL Search Domain Scan URL

URL: https://www.safalta.com/current-affairs-2021-sept?utm_source=Au&utm_medium=nativeHomepage1&utm_campaign=upes
Title: FREE करेंट अफेयर्स सितंबर माह 2021 - अभी डाउनलाड करे ।

Search URL Search Domain Scan URL

URL: https://www.myjyotish.com/astrology-services/puja/dashrath-lalita-parv-online-lalita-sahasranaam-pathh?utm_source=AU&utm_medium=HPNA&utm_campaign=HPNA
Title: Myjyotish गंभीर से गंभीर परेशानी होगी दूर,ललिता देवी शक्तिपीठ-नैमिषारण्य पर कराएं ललिता सहस्रनाम पाठ, मात्र रु:51/- में,अभी बुक करें

Search URL Search Domain Scan URL

URL: https://www.amarujalatv.com/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.org.AmarUjala.news

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/amar-ujala-hindi-news/id1028364855

Search URL Search Domain Scan URL

URL: https://play.google.com/store/newsstand/news/Amar_Ujala_Hindi_Newspaper?id=CAowotjcCg&hl=hi

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Amarujala

Search URL Search Domain Scan URL

URL: https://twitter.com/AmarUjalaNews

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/NewsAmarujala

Search URL Search Domain Scan URL

URL: https://www.instagram.com/amarujala/

Search URL Search Domain Scan URL

URL: https://t.me/amarujalaofficial

Search URL Search Domain Scan URL

URL: https://epaper.amarujala.com/
Title: Today's e-Paper

Search URL Search Domain Scan URL

URL: https://epaper.amarujala.com/dl/?format=img
Title: Delhi

Search URL Search Domain Scan URL

URL: https://epaper.amarujala.com/lc/?format=img
Title: Lucknow

Search URL Search Domain Scan URL

URL: https://epaper.amarujala.com/dc/?format=img
Title: Dehradun

Search URL Search Domain Scan URL

URL: https://epaper.amarujala.com/cc/?format=img
Title: Chandigarh

Search URL Search Domain Scan URL

URL: https://epaper.amarujala.com/sh/?format=img
Title: Shimla

Search URL Search Domain Scan URL

URL: https://epaper.amarujala.com/cj/?format=img
Title: Jammu

Search URL Search Domain Scan URL

URL: https://results.amarujala.com/
Title: Sarkari Result

Search URL Search Domain Scan URL

URL: https://www.myjyotish.com/talk-to-astrologers
Title: Talk To Astrologers

Search URL Search Domain Scan URL

URL: https://www.myjyotish.com/kundli-matching
Title: Kundli Milan

Search URL Search Domain Scan URL

URL: https://www.myjyotish.com/janam-kundli
Title: Janam Kundli

Search URL Search Domain Scan URL

URL: https://www.firkee.in/
Title: Firkee

Search URL Search Domain Scan URL

URL: https://www.safalta.com/
Title: SSC Coaching

Search URL Search Domain Scan URL

URL: https://www.myjyotish.com/
Title: My Jyotish

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.amarujala.com/ HTTP 301
https://www.amarujala.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://sb.scorecardresearch.com/b?c1=2&c2=21916725&ns__t=1634978227683&ns_c=UTF-8&cv=3.5&c8=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&c7=https%3A%2F%2Fwww.amarujala.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=21916725&ns__t=1634978227683&ns_c=UTF-8&cv=3.5&c8=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&c7=https%3A%2F%2Fwww.amarujala.com%2F&c9=

Request Chain 127

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi HTTP 301
https://tpc.googlesyndication.com/simgad/9074747796639100022

Request Chain 133

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi HTTP 301
https://tpc.googlesyndication.com/simgad/9074747796639100022

Request Chain 147

https://gcdn.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/05D4D507B8316E13BDB7A382B0BDFE467FA02FB3.421C12774506CA24C25AFE121FC6A5E5787CCE46/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/404C10230AE86F556631092A1E2511B71FD37264.48E45B439F52B56127AB444C009AD21D185746EA/key/cms1/cms_redirect/yes/mh/ZC/mip/216.131.111.39/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634977946/mv/m/mvi/1/pl/24/file/file.mp4 HTTP 302
https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/404C10230AE86F556631092A1E2511B71FD37264.48E45B439F52B56127AB444C009AD21D185746EA/key/cms1/cms_redirect/yes/mh/ZC/mip/216.131.111.39/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634977946/mv/m/mvi/1/pl/24/ir/1/rr/12/file/file.mp4

Request Chain 153

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw HTTP 301
https://tpc.googlesyndication.com/simgad/14978601946328591918

Request Chain 163

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw HTTP 301
https://tpc.googlesyndication.com/simgad/14978601946328591918

Request Chain 167

https://gcdn.2mdn.net/videoplayback/id/eb58406021f035a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777211246/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6BE3D23A378590F93BC6851004AE28481AA9DA20.9CEDFE0EC238D9E1BB2BB652A56B69E32BB08848/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/eb58406021f035a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777211246/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/59823B75A703BCB03A590B9BDA1162B9E62BAE60.5A1589B90B64B1447BCC57E660A41BCB2C8F5FB7/key/cms1/cms_redirect/yes/mh/-z/mip/216.131.111.39/mm/42/mn/sn-2gb7sn7k/ms/onc/mt/1634977946/mv/m/mvi/5/pl/24/file/file.mp4

187 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.amarujala.com/
Redirect Chain

http://www.amarujala.com/
https://www.amarujala.com/

544 KB
257 KB

64ms
41ms

Document
text/html

104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 582f5961c0eca0d23d36dcfbf9b22ebaf6cf91f69f8d69f9fe07f0487c6ffea7

Request headers

:method: GET
:authority: www.amarujala.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=30
amp-access-control-allow-source-origin: https://www.amarujala.com
x-cache: MISS
cf-cache-status: HIT
expires: Sat, 23 Oct 2021 08:37:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a29a44119ae715c-DUS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 23 Oct 2021 08:37:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 23 Oct 2021 09:37:07 GMT
Location: https://www.amarujala.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6a29a440cff3716c-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 amit-shah-jammu_1634975633.jpeg
spiderimg.amarujala.com/assets/images/2021/10/23/360x243/ 20 KB
20 KB 32ms
24ms Image
image/webp 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spiderimg.amarujala.com/assets/images/2021/10/23/360x243/amit-shah-jammu_1634975633.jpeg
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e444df21d53a9e6d8c4248f8416fae87073b1dab5b6db095bf36b96d5622aee6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
cf-cache-status: HIT
age: 2227
cf-polished: qual=85, origFmt=jpeg, origSize=30013
content-disposition: inline; filename="amit-shah-jammu_1634975633.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 23 Oct 2021 07:53:54 GMT
server: cloudflare
etag: W/"6173bf92-753d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 23 Oct 2022 08:37:07 GMT
cache-control: public, max-age=31536000
cf-ray: 6a29a4418a73715c-DUS
cf-bgj: imgq:85,h2pri

GET
H2 200 1140x90-icc-t-20-wc-2021-sky247_61684273d1ed2.jpg
spiderimg.amarujala.com/assets/images/2021/10/14/ 25 KB
26 KB 27ms
24ms Image
image/webp 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spiderimg.amarujala.com/assets/images/2021/10/14/1140x90-icc-t-20-wc-2021-sky247_61684273d1ed2.jpg
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88dd40d571c3010ff3bf878bc9980a9af8b5dd61baa07e433167d6254ff49a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
cf-cache-status: HIT
age: 569066
cf-polished: qual=85, origFmt=jpeg, origSize=72413
content-disposition: inline; filename="1140x90-icc-t-20-wc-2021-sky247_61684273d1ed2.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 14:45:07 GMT
server: cloudflare
etag: W/"61684273-11add"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 23 Oct 2022 08:37:07 GMT
cache-control: public, max-age=31536000
cf-ray: 6a29a4418a76715c-DUS
cf-bgj: imgq:85,h2pri

GET
H2 200 414x64-icc-t-20-wc-2021-sky247_616842856543c.jpg
spiderimg.amarujala.com/assets/images/2021/10/14/ 7 KB
7 KB 28ms
28ms Image
image/webp 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spiderimg.amarujala.com/assets/images/2021/10/14/414x64-icc-t-20-wc-2021-sky247_616842856543c.jpg
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14865326c754c2b464ef40da661fc012463e36f0b3f91729f720b4d0184629cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
cf-cache-status: HIT
age: 569066
cf-polished: qual=85, origFmt=jpeg, origSize=29116
content-disposition: inline; filename="414x64-icc-t-20-wc-2021-sky247_616842856543c.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 14 Oct 2021 14:45:25 GMT
server: cloudflare
etag: W/"61684285-71bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 23 Oct 2022 08:37:07 GMT
cache-control: public, max-age=31536000
cf-ray: 6a29a4418a80715c-DUS
cf-bgj: imgq:85,h2pri

GET
H2 200 default_500.png
spiderimg.amarujala.com/assets/images/150x150/ 672 B
799 B 32ms
32ms Image
image/webp 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spiderimg.amarujala.com/assets/images/150x150/default_500.png
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b2462fbd30325750a93ec59f2cf04c3dfb0a4d37485344560350034cd710b1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
cf-cache-status: HIT
age: 177856
cf-polished: origFmt=png, origSize=1261
content-disposition: inline; filename="default_500.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 05 Apr 2016 10:05:02 GMT
server: cloudflare
etag: W/"57038dce-4ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 23 Oct 2022 08:37:07 GMT
cache-control: public, max-age=31536000
cf-ray: 6a29a4418a81715c-DUS
cf-bgj: imgq:85,h2pri

GET
H2 200 default_500.png
spiderimg.amarujala.com/assets/images/1x1/ 34 B
188 B 25ms
24ms Image
image/webp 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spiderimg.amarujala.com/assets/images/1x1/default_500.png
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
cf-cache-status: HIT
age: 8561862
cf-polished: origFmt=png, origSize=924
content-disposition: inline; filename="default_500.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 28 Nov 2018 09:46:15 GMT
server: cloudflare
etag: W/"5bfe63e7-39c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 23 Oct 2022 08:37:07 GMT
cache-control: public, max-age=31536000
cf-ray: 6a29a4418a82715c-DUS
cf-bgj: imgq:85,h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 77ms
23ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 2161
date: Sat, 23 Oct 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Sat, 23 Oct 2021 10:01:06 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 465e9a6e1125152c73b5675302434378e37e4c8f0f76c2c58497ca136bddd14e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9755bca214ccf97ddda5a4fd04f3e36ebd9e04ae8e0c9775a26182ecfe83c3e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 156 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b1022a207e7a6ef700f81ec57473bc28967565907c7bf2b4f5cd307f442584

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET NotoSansDevanagariUI-Medium.woff2
spidercss1.itstrendingnow.com/assets/v1/fonts/ 0
0

GET
H2 403 jquery-1.11.3.min.js
spiderjs1.itstrendingnow.com/assets/js/ 0
0 74ms
26ms Script
text/html 172.64.138.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spiderjs1.itstrendingnow.com/assets/js/jquery-1.11.3.min.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.138.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 403 sw-register.js
spiderjs1.itstrendingnow.com/ 0
0 74ms
27ms Script
text/html 172.64.138.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spiderjs1.itstrendingnow.com/sw-register.js?v=m8juy87o0jrogrffgrddi
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.138.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 client Show response
accounts.google.com/gsi/ 184 KB
73 KB 138ms
78ms Script
application/javascript 142.250.186.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.173 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f13.1e100.net

Software

ESF /

Resource Hash

55f5b87b898e81bab8afdf327b6648eea9a87b2ecf9d60cd537ec7873db89a93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bhI/lV7rsGD8S338/CBJyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-bhI/lV7rsGD8S338/CBJyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQddombRAcENM20QqCld_3a336Eg9XP-Vozo013fZBwTVH3T1xpDAEqxCBb5DzA"
expires: Sat, 23 Oct 2021 08:37:07 GMT

GET
H2 403 main-8757d45ce2.js
spiderjs1.itstrendingnow.com/build/v1/js/ 0
0 76ms
28ms Script
text/html 172.64.138.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spiderjs1.itstrendingnow.com/build/v1/js/main-8757d45ce2.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.138.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 403 jquery.jscroll.min.js
spiderjs1.itstrendingnow.com/assets/v1/js/ 0
0 76ms
29ms Script
text/html 172.64.138.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spiderjs1.itstrendingnow.com/assets/v1/js/jquery.jscroll.min.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.138.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 403 jquery.inview.min-0d4f4c2c6a.js
spiderjs1.itstrendingnow.com/build/v1/js/ 0
0 88ms
41ms Script
text/html 172.64.138.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spiderjs1.itstrendingnow.com/build/v1/js/jquery.inview.min-0d4f4c2c6a.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.138.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 403 jinqjs.min.js
spiderjs1.itstrendingnow.com/assets/v1/js/ 0
0 89ms
42ms Script
text/html 172.64.138.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spiderjs1.itstrendingnow.com/assets/v1/js/jinqjs.min.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.138.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 403 widget.min-0a09a0aabd.js
spiderjs1.itstrendingnow.com/build/v1/js/ 0
0 23ms
22ms Script
text/html 172.64.138.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spiderjs1.itstrendingnow.com/build/v1/js/widget.min-0a09a0aabd.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.138.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 403 jquery.bxslider.min.js
spiderjs1.itstrendingnow.com/assets/v1/js/ 0
0 29ms
29ms Script
text/html 172.64.138.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://spiderjs1.itstrendingnow.com/assets/v1/js/jquery.bxslider.min.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.138.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 setcookies Show response
handler.amarujala.com/user/ 0
114 B 51ms
40ms Script
text/plain 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://handler.amarujala.com/user/setcookies?v=m8juy87o0jrogrffgrddi
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: X-Requested-With,content-type,X-CSRF-TOKEN
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-credentials: true
cf-ray: 6a29a4420b31715c-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

GET
H2 200 trackUserEvent.js Show response
handler.amarujala.com/static/js/ 8 KB
2 KB 32ms
21ms Script
application/javascript 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://handler.amarujala.com/static/js/trackUserEvent.js?v=m8juy87o0jrogrffgrddi
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c5da424ecbf338a9e617d4892f4d3a94d971ce4162fabb6469391684aad95a81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
content-encoding: br
cf-cache-status: HIT
age: 69240
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Sep 2021 11:37:00 GMT
server: cloudflare
etag: W/"2af1-17c2c319878"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/javascript; charset=UTF-8
expires: Wed, 27 Apr 2022 08:37:07 GMT
cache-control: public, max-age=16070400
cf-polished: origSize=10993
access-control-allow-credentials: true
cf-ray: 6a29a4420b2f715c-DUS
access-control-allow-headers: X-Requested-With,content-type,X-CSRF-TOKEN
cf-bgj: minify

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 88ms
36ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

8ade00ef9b3c7f137dfe82dd11ed970b47ece19df2e6014b9abce76bc91a1b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1022 / 547 of 1000 / last-modified: 1634854038"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27192
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Oct 2021 08:37:07 GMT

GET
H2 403 beacon.min.js
static.cloudflareinsights.com/ 0
0 46ms
23ms Script
text/html 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET NotoSansDevanagariUI-Medium.woff
spidercss1.itstrendingnow.com/assets/v1/fonts/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfc261f3b35fe71463e97b5da5a95048fee8f904308a4cd6194c669ac0619ce4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b29cd9baf558e8dae93501711ae1718524ad59a9b07a9a76b0bb3d8e92ef0336

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbce3cee70669afcbc3dba769e5ef013a791e15509d0a2f1223a0ec1e00efe41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET NotoSansDevanagariUI-Medium.ttf
spidercss1.itstrendingnow.com/assets/v1/fonts/ 0
0

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058c62b6fd1dfbccc354319f1ad531e81c2542d3a3cfd3ad1f7d198cd9d26bb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
505 B 94ms
31ms XHR
application/json 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.amarujala.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.amarujala.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 36ms
8ms Script
application/javascript 13.225.82.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.82.45 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-82-45.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 02:08:36 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 23339
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: HRf37tQ5xnHk-nW5TjlKzcab6v55oo2r1XKVynwTd_nNmvdqmKuLGA==

GET
H2 403 beacon.min.js
static.cloudflareinsights.com/ 0
0 13ms
13ms Script
text/html 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET NotoSansDevanagariUI-Medium.otf
spidercss1.itstrendingnow.com/assets/v1/fonts/ 0
0

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=21916725&ns__t=1634978227683&ns_c=UTF-8&cv=3.5&c8=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%...
https://sb.scorecardresearch.com/b2?c1=2&c2=21916725&ns__t=1634978227683&ns_c=UTF-8&cv=3.5&c8=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0...

64 B
328 B

11ms
11ms

Image
image/gif

13.225.82.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=21916725&ns__t=1634978227683&ns_c=UTF-8&cv=3.5&c8=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&c7=https%3A%2F%2Fwww.amarujala.com%2F&c9=
Requested by: Host: www.amarujala.com
URL: https://www.amarujala.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.82.45 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-82-45.fra2.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: TzbPdK23Nn9Al46IovrM_RT1f9hwKyaavjS7mA42CIb_C_Ryi331cA==

Redirect headers

date: Sat, 23 Oct 2021 08:37:07 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=21916725&ns__t=1634978227683&ns_c=UTF-8&cv=3.5&c8=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&c7=https%3A%2F%2Fwww.amarujala.com%2F&c9=
content-length: 466
x-amz-cf-id: gOlAWZPNfDS1QXmFgd6hVhHaFQjSwxUJbrr05T6suqe7b91pGWBe7g==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
434 B 90ms
28ms XHR
application/json 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.amarujala.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.amarujala.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

OPTIONS
H3 200 event
handler.amarujala.com/user/ Frame 0
0 65ms
51ms Preflight 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://handler.amarujala.com/user/event
Protocol: H3
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.amarujala.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
x-powered-by: Express
access-control-allow-origin: https://www.amarujala.com
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: X-Requested-With,content-type,X-CSRF-TOKEN
access-control-allow-credentials: true
host: handler.amarujala.com
accept-encoding: gzip
cf-ipcountry: DE
x-forwarded-for: 216.131.111.39
x-forwarded-proto: https
cf-visitor: {"scheme":"https"}
pragma: no-cache
cache-control: no-cache
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.amarujala.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://www.amarujala.com/
cf-connecting-ip: 216.131.111.39
true-client-ip: 216.131.111.39
cdn-loop: cloudflare
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6a29a4438ac9717b-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 201 event Show response
handler.amarujala.com/user/ 45 B
491 B 122ms
110ms Fetch
application/json 104.16.205.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://handler.amarujala.com/user/event
Requested by: Host: handler.amarujala.com
URL: https://handler.amarujala.com/static/js/trackUserEvent.js?v=m8juy87o0jrogrffgrddi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.205.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 470566b14c91d85922fa9db4a10b0fc81ef80daa6890b06f3cb399c143ec561a

Request headers

Referer: https://www.amarujala.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: X-Requested-With,content-type,X-CSRF-TOKEN
x-powered-by: Express
etag: W/"2d-GhtFHQxDVrvzBmJHjjx0BnL/kxU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.amarujala.com
access-control-allow-credentials: true
cf-ray: 6a29a443fba77180-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45

GET
H3 200 pubads_impl_2021101401.js Show response
securepubads.g.doubleclick.net/gpt/ 361 KB
122 KB 66ms
36ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

50f06fa6a4a36d9702745dec58ef82ea73b36cc8e2636504a85f65207904322d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125076
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 17:37:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 23 Oct 2021 08:37:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
415 B 65ms
21ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-28612117-1&cid=823376848.1634978228&jid=449000100&gjid=853286348&_gid=26088047.1634978228&_u=YGBAgEABBAQCAE~&z=784675085

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amarujala.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 23 Oct 2021 08:37:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.amarujala.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 61ms
21ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-57570453-1&cid=823376848.1634978228&jid=745026066&gjid=2024372340&_gid=26088047.1634978228&_u=YGDAgEABBAQCAE~&z=1219725112

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.amarujala.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 23 Oct 2021 08:37:07 GMT
content-type: text/plain
access-control-allow-origin: https://www.amarujala.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
22ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1313219581&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amarujala.com%2F&ul=en-us&de=UTF-8&dt=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABBAQC~&jid=449000100&gjid=853286348&cid=823376848.1634978228&tid=UA-28612117-1&_gid=26088047.1634978228&cd3=Free&z=1480274635

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Oct 2021 14:36:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
21ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1313219581&t=pageview&_s=1&dl=https%3A%2F%2Fwww.amarujala.com%2F&ul=en-us&de=UTF-8&dt=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABBAQCAE~&jid=745026066&gjid=2024372340&cid=823376848.1634978228&tid=UA-57570453-1&_gid=26088047.1634978228&cd3=Free&z=1683143390

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Oct 2021 14:36:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
22ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1313219581&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.amarujala.com%2F&ul=en-us&de=UTF-8&dt=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Amarujala-banner-ad&ea=loaded&el=t20-worldcup-sky247&_u=YGDAgEABBAQCAE~&jid=&gjid=&cid=823376848.1634978228&tid=UA-28612117-1&_gid=26088047.1634978228&cd3=Free&z=411288058

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Oct 2021 14:36:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
23ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1313219581&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.amarujala.com%2F&ul=en-us&de=UTF-8&dt=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Amarujala-banner-ad&ea=loaded&el=t20-worldcup-sky247&_u=YGDAgEABBAQCAE~&jid=&gjid=&cid=823376848.1634978228&tid=UA-57570453-1&_gid=26088047.1634978228&cd3=Free&z=37491707

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Oct 2021 14:36:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
23ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1313219581&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.amarujala.com%2F&ul=en-us&de=UTF-8&dt=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Amarujala-banner-ad&ea=loaded&el=t20-worldcup-sky247&_u=YGDAgEABBAQCAE~&jid=&gjid=&cid=823376848.1634978228&tid=UA-28612117-1&_gid=26088047.1634978228&cd3=Free&z=429769039

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Oct 2021 14:36:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 50ms
23ms Image
image/gif 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j94&a=1313219581&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.amarujala.com%2F&ul=en-us&de=UTF-8&dt=Hindi%20News%20(%E0%A4%B9%E0%A4%BF%E0%A4%A8%E0%A5%8D%E0%A4%A6%E0%A5%80%20%E0%A4%A8%E0%A5%8D%E0%A4%AF%E0%A5%82%E0%A4%9C%E0%A4%BC)%3A%20Latest%20News%20In%20Hindi%2C%20Breaking%20News%20Headlines%20Today%20(%E0%A4%B9%E0%A4%BF%E0%A4%82%E0%A4%A6%E0%A5%80%20%E0%A4%B8%E0%A4%AE%E0%A4%BE%E0%A4%9A%E0%A4%BE%E0%A4%B0)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Amarujala-banner-ad&ea=loaded&el=t20-worldcup-sky247&_u=YGDAgEABBAQCAE~&jid=&gjid=&cid=823376848.1634978228&tid=UA-57570453-1&_gid=26088047.1634978228&cd3=Free&z=852711362

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Oct 2021 14:36:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64837
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 98ms
47ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-28612117-1&cid=823376848.1634978228&jid=449000100&_u=YGBAgEABBAQCAE~&z=1889401304

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
472 B 103ms
46ms Image
image/gif 142.250.179.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-28612117-1&cid=823376848.1634978228&jid=449000100&_u=YGBAgEABBAQCAE~&z=1889401304

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams17s10-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 517 KB
70 KB 1134ms
1134ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2834336860190299&correlator=184017715905822&output=ldjh&impl=fifs&eid=31060438%2C31063236%2C31062524&vrg=2021101401&ptt=17&sc=1&sfv=1-0-38&ecs=20211023&iu_parts=188001951%2CAmarujala-Desktop-Homepage-300x250-1%2CAmarujala-Desktop-Homepage-728x90-1%2CAmarujala-Desktop-Homepage-160x600-RHS%2CAmarujala-Desktop-Homepage-160x600-LHS%2CAmarujala-Desktop-Homepage-970x250-Top%2CAmarujala_Homepage_desktop_300x250_New_2%2CHP_72890_slot2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=300x250%2C728x90%2C160x600%2C160x600%2C970x250%2C300x250%2C728x90&cust_params=template%3Dpage%26page%3Dhome%26request_client%3Dweb%26logged_in%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1634978227&dt=1634978227894&dlt=1634978227416&idt=458&frm=20&biw=1600&bih=1200&oid=2&adxs=991%2C569%2C1310%2C130%2C315%2C991%2C436&adys=587%2C10%2C178%2C178%2C193%2C1462%2C2076&adks=1127726341%2C3512711815%2C1456524117%2C574595809%2C3653573332%2C4292368032%2C739662393&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.amarujala.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x272%7C994x110%7C160x600%7C160x600%7C1600x2914%7C300x272%7C728x110&msz=300x0%7C728x0%7C160x-1%7C160x-1%7C1600x250%7C300x0%7C728x0&ga_vid=823376848.1634978228&ga_sid=1634978228&ga_hid=1313219581&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0%7C1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d8befc63ffef4fd192ef1b18655c48970daf3637b4dd6b89f35cafb66f60cfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 71588
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.amarujala.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B59B 6 KB
4 KB 114ms
30ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 08:37:08 GMT
expires: Sun, 23 Oct 2022 08:37:08 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C536 6 KB
3 KB 58ms
24ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 08:37:08 GMT
expires: Sun, 23 Oct 2022 08:37:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 74AA 6 KB
3 KB 56ms
27ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 08:37:08 GMT
expires: Sun, 23 Oct 2022 08:37:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B0F 6 KB
3 KB 52ms
28ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 08:37:08 GMT
expires: Sun, 23 Oct 2022 08:37:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CDAB 6 KB
3 KB 44ms
29ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 08:37:08 GMT
expires: Sun, 23 Oct 2022 08:37:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 08CB 6 KB
3 KB 43ms
32ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 08:37:08 GMT
expires: Sun, 23 Oct 2022 08:37:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2259 6 KB
3 KB 39ms
33ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 08:37:08 GMT
expires: Sun, 23 Oct 2022 08:37:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 container.html Show response
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F3E 6 KB
3 KB 36ms
35ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 23 Oct 2021 08:37:08 GMT
expires: Sun, 23 Oct 2022 08:37:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 94ms
39ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

cbd54c46b7ffa57972f5348c70f1cbdd95fde744c8a2ac36253a0bd25c428f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8588
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame C536 18 KB
8 KB 79ms
23ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C536 8 KB
1 KB 86ms
30ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 07:44:19 GMT
server: ESF
date: Sat, 23 Oct 2021 08:37:09 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame C536 14 KB
3 KB 74ms
21ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.css

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 23:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 21 Oct 2022 23:15:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame C536 353 KB
122 KB 77ms
24ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125199
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 21 Oct 2022 09:19:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame C536 14 KB
6 KB 81ms
26ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:32:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C536 0
0 77ms
30ms Image
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKnzXs0gd9sC8vudFAf7IBwIcVd7EP8beX1NSG4MPVRdlqsqNUe5Nl13Awg3yJYa8ugnWO
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6A56 0
654 B 90ms
36ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJKm1AIQlZHVAhik0bW3ATAB&v=APEucNU91WCSiegdvfkOr0P21uW9BCEfdxByGvUQqDbDQU2ncfhVhYX_Iyk915VJvLihfrjJ-Zz0EbI6kQbDmKzeDBaR8PTkmQ

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJKm1AIQlZHVAhik0bW3ATAB&v=APEucNU91WCSiegdvfkOr0P21uW9BCEfdxByGvUQqDbDQU2ncfhVhYX_Iyk915VJvLihfrjJ-Zz0EbI6kQbDmKzeDBaR8PTkmQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 23 Oct 2021 08:37:09 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUnjS14mJV3VTjpt6u1iVbNJpP5FD1jeFJgA4yUsqx_HUFkhTtmOmVJZtIF3; expires=Thu, 17-Nov-2022 08:37:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
expires: Sat, 23 Oct 2021 08:37:09 GMT
cache-control: private

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 74AA 18 KB
8 KB 54ms
22ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:18:01 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 74AA 6 KB
3 KB 51ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 06:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2631
x-xss-protection: 0
server: cafe
etag: 10983085961369067521
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 06:15:16 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 74AA 0
542 B 149ms
69ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZ7RGOm87_KB5vbuIGfxoAIAZLirsVEFmwOx-dAr_a38S08C3S1Uc6m71eRbYyrfSd_XaHs1QRloWsQ0PRwLQeovUueb67snYmlEbmL5uJej19mdsO86u8tXMd0Fpd3QIe8062NJKb5xYPtVXJ-uhFuUv08KdhjHlL5aTJCLBwm0b_8LeXM8gHQgbhsF0RBhfD6iwgSnW1DnTKMhJv9NdCimhe71fFhRHaqONA_kNYk83Yr0yhLwGr6CKtqAcUSU7weUTjxKk-rRXHuprPbXrUggWCjQxJnMyJa15Pj7nuiLx69MkKecuFFduu9uh3cI0N5a3ke_fo76p0N9o81cmbHH9qewweLc9MkrNkHC3Y8EE3VCHamGVeTNvQGJSgS039X3o3wjQuVcPtPbaoOR6wqBptKzu7xGgv7XgIFrqNDewqpl7tN4xmPjkN35D9uHAzojFh0epvz3jvc0bo_u0CFip7zoN7dz1gETAAXkjRRLW6u9s_TrcvamCGKztkIzXvp9f5LQ0-ANYUJckMZ-KKfOqwXhrChRQds_0zyp53MHgK8AdwxlT5i5uquKtgm_bW5sj_Kk1duANmt3pGDtE06D2Sf__k1pTj5DxWO9faWfF7vgpkG0Ne35Ac2lqdg2xZtc31bPHPLBxJ2BixJ3H-5dsqU0KOZThxXJdsP-BF9R6QFZxbh5jz0qpeJ2S4uCdM-_G_zlJ7BBzCvabhz-InEWTU6FTnea-VdI24Tj2DzOuK7UCvAhDLaA3exYt468sb74IpM4FGF3boKVVk0dVY5zmsGBx5SRGxusjSjs4TqINIDzHMGSeC9QXPnoQJlsI8c3bQHXUiJiT5aFJ5HyOqMpY31lNW67TNBCBQVcpzU9DQaP0Sx5D-sVxqs0tLOeq44XbJuWOJhMqX16X7iTRZQc7lRsBcKOED1ziSsaHLuNe0sLB-qZUoZYskTwUgqVlXScCRUnGVCSmfWAfhz7r41plzOuUxvqyAFTW0Wjr8mu4Dpdzz4EPpdbjp6mj406t7OTrFrtAfxLxi6a0Bkv6tqlogGNaNctxNdwURzXhVS_kCevND_RJ-MdA9oion3T8QmmkB3Fos5-ExLPUptTz8FzyJbL9yiHAOBGjdZlk9rzJmCFEvCaHH17M1dQeiHeQl6jxtxtxQvqm49Ef2MYGxU9-ptg&sai=AMfl-YTQJhWLdBRnLhsmBDllI91-YMh1opPIc12jmF7NU-64H2f7OuqizIybXc7yScehEevR8VRhqV80qZPytqkeH8vQwBB6ydmg39smFL1VQvYlTwUisLnq-zzUKzRn1-utMeAdCbabrSF1qPJ9IxhfyPjfd0RFKAkJVSdweAaQhlh1e9oRnPKQ6eKs43civ7wXtwOd0DPgLq6X6KPuMpAVCS4Sl2i8wXEdYI5gCeQ7yG3G0trEjEFsupszV2liXyRGLw-lYsfDl-WVZp8iesKXhuLOTYtqUPBtmACuxJXmZXOsxK4iWnCSSzH7EDQGgIVjXz7chyrE_duMnQQ55VJWlfoceXiFKjXg2vTm68rg7iwnZ_JNEUDk6hznsW6TQWfw1WuNiG5js4aEJ9hlB0EDIQ&sig=Cg0ArKJSzPvYyJ7G7YYWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211020.92861&adurl=

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 23 Oct 2021 08:37:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 74AA 41 KB
15 KB 118ms
74ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 13:42:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 74AA 42 B
63 B 81ms
55ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfVtXUUqASCbzYh1R8g_rs2YigSJAoFpCEQXFTTJ62Wl-9ey1ce7o6MNHNg5AVVu_3lo1V2-pEyWWH-Rf71TFVCKEHaXXYYWOB8IXgT64I7Mv-ZMg

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 74AA 3 KB
1 KB 121ms
80ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:34:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 74AA 120 KB
37 KB 66ms
27ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 74AA 14 KB
6 KB 78ms
38ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:32:12 GMT

GET
H2 200 10179969219254374141
s0.2mdn.net/simgad/ Frame 74AA 70 KB
70 KB 56ms
15ms Image
image/jpeg 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10179969219254374141

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f6.1e100.net

Software

sffe /

Resource Hash

a2a5a99d8f8ef56def811b8adad5c86d6d309a093a1c79370bd5ede23bb2cc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:24:48 GMT
x-content-type-options: nosniff
age: 306741
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 71424
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 15:49:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Oct 2022 19:24:48 GMT

GET
H2 200 c1f2f0fd7b288136cd686041e8761b93.js Show response
www.gstatic.com/mysidia/ Frame 2B0F 11 KB
5 KB 74ms
23ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c1f2f0fd7b288136cd686041e8761b93.js?tag=pingback

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

e9ce77ca8907b7d7057eb4ab9a0a9ffdac3e33b1f8131902f5eac1affda9025f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4785
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 04:56:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 03:42:30 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 2B0F 2 KB
990 B 119ms
80ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 2B0F 18 KB
8 KB 83ms
44ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:47 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 2B0F 3 KB
1 KB 56ms
23ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:34:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B0F 120 KB
37 KB 101ms
64ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 2B0F 14 KB
6 KB 89ms
51ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:32:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2B0F 0
0 30ms
30ms Image
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvw5DNnK0xCy6IkuzICjnfC1okn9BIWoTyqbzEhVptl-Q6VhhYoZABu8b9oRuIg_oHbir0
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 fc4a425cba241d0dce431f7f76e62919.js Show response
www.gstatic.com/mysidia/ Frame 2B0F 27 KB
11 KB 60ms
28ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Thu, 20 Jan 2022 11:45:58 GMT

GET
H2 200 c1f2f0fd7b288136cd686041e8761b93.js Show response
www.gstatic.com/mysidia/ Frame CDAB 11 KB
5 KB 71ms
24ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c1f2f0fd7b288136cd686041e8761b93.js?tag=pingback

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

e9ce77ca8907b7d7057eb4ab9a0a9ffdac3e33b1f8131902f5eac1affda9025f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4785
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 04:56:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 03:42:30 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CDAB 2 KB
946 B 118ms
81ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame CDAB 18 KB
8 KB 91ms
55ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:47 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CDAB 3 KB
1 KB 53ms
24ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:34:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDAB 120 KB
37 KB 104ms
70ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CDAB 14 KB
6 KB 101ms
65ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:32:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CDAB 0
0 30ms
29ms Image
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJFb2j7is3J-UHdyxGa3i-L2CPI1WJOaglf7iZo__VGeg1sP_oQgCTWCoubDOLjOL-7-cM
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 fc4a425cba241d0dce431f7f76e62919.js Show response
www.gstatic.com/mysidia/ Frame CDAB 27 KB
11 KB 52ms
23ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Thu, 20 Jan 2022 11:45:58 GMT

GET
H2 200 c1f2f0fd7b288136cd686041e8761b93.js Show response
www.gstatic.com/mysidia/ Frame 08CB 11 KB
5 KB 70ms
26ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c1f2f0fd7b288136cd686041e8761b93.js?tag=pingback

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

e9ce77ca8907b7d7057eb4ab9a0a9ffdac3e33b1f8131902f5eac1affda9025f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4785
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 04:56:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 03:42:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 08CB 2 KB
606 B 66ms
32ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 07:46:22 GMT
server: ESF
date: Sat, 23 Oct 2021 08:37:09 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 08CB 2 KB
912 B 25ms
23ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 08CB 18 KB
8 KB 92ms
59ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:47 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 08CB 3 KB
1 KB 23ms
23ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:34:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08CB 120 KB
37 KB 88ms
58ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 08CB 14 KB
6 KB 101ms
69ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:32:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 08CB 0
0 29ms
29ms Image
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQZMg0GY7zzJW9kxhHz7eZnYmHE4GidJ-wteoEMF4oOqZcR_PFvghsOAOSfoBH5alTGNqTC
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 fc4a425cba241d0dce431f7f76e62919.js Show response
www.gstatic.com/mysidia/ Frame 08CB 27 KB
11 KB 23ms
23ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Thu, 20 Jan 2022 11:45:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 2259 18 KB
8 KB 101ms
71ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2259 8 KB
788 B 61ms
31ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 07:16:33 GMT
server: ESF
date: Sat, 23 Oct 2021 08:37:09 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame 2259 14 KB
3 KB 49ms
22ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.css

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 23:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 21 Oct 2022 23:15:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame 2259 353 KB
122 KB 80ms
53ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125199
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 21 Oct 2022 09:19:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 2259 14 KB
6 KB 77ms
48ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:32:12 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2259 0
0 50ms
29ms Image
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRg1CzVA4XyzbmyCS8Q2YM9HBcATnavs8ARhT-nAeUQ-yIFoNiTYsktYZ8CbvYRa-zvkrF
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 c1f2f0fd7b288136cd686041e8761b93.js Show response
www.gstatic.com/mysidia/ Frame 5F3E 11 KB
5 KB 77ms
40ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c1f2f0fd7b288136cd686041e8761b93.js?tag=pingback

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

e9ce77ca8907b7d7057eb4ab9a0a9ffdac3e33b1f8131902f5eac1affda9025f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4785
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 04:56:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 03:42:30 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5F3E 2 KB
946 B 106ms
81ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:20 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 5F3E 18 KB
8 KB 88ms
62ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:33:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:33:47 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5F3E 3 KB
1 KB 25ms
25ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:34:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F3E 120 KB
37 KB 70ms
46ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1634750403498492"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 5F3E 14 KB
6 KB 92ms
67ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 08:32:12 GMT

GET
H3 200 fc4a425cba241d0dce431f7f76e62919.js Show response
www.gstatic.com/mysidia/ Frame 5F3E 27 KB
11 KB 24ms
23ms Script
text/javascript 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc4a425cba241d0dce431f7f76e62919.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11259
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 09:43:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Thu, 20 Jan 2022 11:45:58 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 102ms
81ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101401.js?31063236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 23 Oct 2021 08:37:09 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2B0F 0
0 66ms
65ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cu3F1s8lzYcDpOoLQ3gOV_aWgA-nc7fxl8qGRjI0Onsm1gcQpEAEgx-nTHWCV4pCCoAegAYyhifECyAEJqQKjFKHM--97PuACAKgDAcgDmwSqBO0BT9Dqn4Ktv8tCReOealHLY7klcZmdmdoOF-WDGEOXTiI3xdK_3Cd4q7xyVPD_yEz1iGHS2nsc6od_-UR73R-ekzd4KcC_nF3YDOJWAibRn_TBvvVOuKiyylIa6gjjdugRzvZFc9_1XGw3j0G_KaiMjuKtidqB104OJ5kMXdWUQ5E2mXJpDZIaLMTFxhPMYsWgUmV1aU_S7OitKXUDZjwVRXNfLUrCrL9ZRes4UPakPSzAIybrdKMDt5cxXmK9IpVOaKlLBuQsjt4loYS1XFlyjS2XJW6YD4HizJDfS7giOgL2ER1tKcyrF2gvQSOvwASQv9Wx7wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHq5ThpQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDVowzSCAkIiOGAcBABGB2ACgHICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMjkwNTI1NDUzMDY3NjgyOBjnpxM&sigh=PhCgFPg6Hk0&uach_m=[UACH]&template_id=494
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CDAB 0
0 65ms
64ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4kq7s8lzYeHqOoLQ3gOV_aWgA-nc7fxl8qGRjI0Onsm1gcQpEAEgx-nTHWCV4pCCoAegAYyhifECyAEJqQKjFKHM--97PuACAKgDAcgDmwSqBO0BT9BoqO2NcL0ufzQ_AuNSRFEANPsnxoXlsJrbARADnkNKprTR1h9rbirFI_zfiYBSngdWYFMN1BrCxOhVvAl_QNyFVIb_kGaYsYyxgozsYcUVCFDSmnshaLTxfKFv1AceYrtrDroVpJ7F0h6racmMPSZ4PziuWMqp46M8Hm5dMb8BZ9TTlaprRACPR3l6TeLSn1ltOlKbQdYD2OHvBZq0MdSuH0FJQbuDhYZK29qpxKwnIimSWZcNbV3xB-938UPF10NxWglrVmmT-4SntAwaBXaVxemi_1uAPDirZAZZzQGOY3V7aWTD-y8iIQRowASQv9Wx7wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHq5ThpQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDo8AzSCAkIiOGAcBABGB2ACgHICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMjkwNTI1NDUzMDY3NjgyOBjnpxM&sigh=PfgkGFblD_w&uach_m=[UACH]&template_id=494
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 74AA 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1feb44d5ad2317d9342523c4563c64678570cde7d8dc8adb8645490b6a8967c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 74AA 0
60 B 64ms
63ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.amarujala.com
URL: https://www.amarujala.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 08:37:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 204 csi
csi.gstatic.com/ Frame C536 0
289 B 359ms
112ms Ping
image/gif 108.177.122.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kv3jtns0&c=2248598285938&slotId=1124299142969&qqid=CIyM-cOQ4PMCFQKodwodlX4JNA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.122.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ym-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C536 15 KB
16 KB 73ms
24ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 140452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:36:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C536 15 KB
15 KB 91ms
44ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 400172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C536 0
20 B 54ms
54ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C5l5ks8lzYczmOoLQ3gOV_aWgA_yh2tFkrpXS5ZcOr9uivcABEAEgx-nTHWCV4pCCoAegAaH1-ZkByAEFqQLc2A5wtYmzPqgDAcgDmwSqBPQBT9C_q-obqR1cTkJ_ivbDLf4yClx2i8XfVrS9nSxoPR88wjYlswuRGRgoXJyEjA48Dng8DT_YHISZ8VCn3EdQeG-xc18OuXf-CC1OmZ_o-9v5CnjWiMSeFkwGTtklNA9L0Av1OzNCfvykPavHSgKWi2mB70PZOgWWOuWU2qfCMet5Mu_ay9pHyB3L0bOMGeNqhpQ10IXggtko3t3aur6aQ4l7d_6XLTaDeep1pQh7h8VADwkl87tpcwdK2ZM94XkqpPtSAVUBPTDSlhayz0SuGWwwWyPqFlq4ufgP9_56_QF2XZ0VqQEohRQwU8HmUmMMHhwuE8AEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoByAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogUqQ7YFAHQFQGAFwE&eventType=clickstring&clientTime=1634978229414&ai=C5l5ks8lzYczmOoLQ3gOV_aWgA_yh2tFkrpXS5ZcOr9uivcABEAEgx-nTHWCV4pCCoAegAaH1-ZkByAEFqQLc2A5wtYmzPqgDAcgDmwSqBPQBT9C_q-obqR1cTkJ_ivbDLf4yClx2i8XfVrS9nSxoPR88wjYlswuRGRgoXJyEjA48Dng8DT_YHISZ8VCn3EdQeG-xc18OuXf-CC1OmZ_o-9v5CnjWiMSeFkwGTtklNA9L0Av1OzNCfvykPavHSgKWi2mB70PZOgWWOuWU2qfCMet5Mu_ay9pHyB3L0bOMGeNqhpQ10IXggtko3t3aur6aQ4l7d_6XLTaDeep1pQh7h8VADwkl87tpcwdK2ZM94XkqpPtSAVUBPTDSlhayz0SuGWwwWyPqFlq4ufgP9_56_QF2XZ0VqQEohRQwU8HmUmMMHhwuE8AEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoByAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogUqQ7YFAHQFQGAFwE

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C536 29 KB
14 KB 51ms
49ms XHR
text/xml 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A2BVFBK4-DipreFzZBDvg0XPtO6fWiryE490meZlqtFRQ5RtJhXbM1tVuwySce5szR7Lk-eBzvLHpzqjlwDdoCBAW45w&cry=1&dbm_d=AKAmf-Alnp1xz7XaQlhU0YPCqviUQSBIwYaKlvzfBkNKNFhr9rt2WbS9jONv0Edk3ElefyXlPsSmkUYtVaRDsnLxBigaWKVBs4gWWEgnlDmo_r6clOhCH9oyPjm99pmeU21JC0bmt9yAh2OfEW4Rq1kkXMo6H5kJ4aHijSVFEAE6v8rS5xpNZ_m7nBjodJcsYT8-An0e5GFW-U3wI8rbd92Mn3bcDb8PICsMJpoW5MQKtKFkZriCgD4jy61GqaJxYiSxCNVTD3_J-DnLQBcqoufShLVEAuQbwL8iwHE8KnByDjPx2yUc--bqREWfraNqBh3PoaHV_7YVV74ju8Nodpxj7Gld9XH3YKG4QkKyaCoKlQCnhRTeu5VKODDzwLz6lDdMNRn7gFjkOx4QnAj7YGzfuY-aeMGTs7mSw86YRneZ-hq9PiL8vRN_ciDsuW0cJ0uA6CpANh6XVkT_3Sj8VXds9hD5QFMyWEA7RppkyrLqEyVivm0uOJMbhefY_GSunzclOCnEFoZAAJJRWGbxymjMC9FBy2hWXI-JA_ZEltZoUJSnlzWnuzVwB5dRATxxIugdPLqLdftAKiWySh3_N2goLIEwo2wEvDwlM8ZKRmt7RuBtH3qVzYXTSl4LkQ3-SqeaxoA532zAsIYzrb-0E9RMlcUaY9mkWO7IklpwmD0nN_GO6rpfOxhVf-GUKLccfrzzkz-2spncezKZDOWnQT0rrZYfFbnVnEMW4kUPo7tk4_Y6bnS0X_9t4-WdEOwiAY-p8ZCoqM-OV8B9zQ2j1RpXODIpqR7HunjCrwXJ6R4WzeAy2PS1KaVRXN7UAoNs-WYMQzN1Sj-4SSEQV2f6Ly5KF85Ij2rgwE8W46MALZ9_tEblNWPCX2HMZ-OPJgh-Z2lyxlbz0EiEXZU6ITeVaDSzYdpQcd-ARmaPEW-0_Mxy_nuCLevNkWQocyFh89k-zcU7QwaAoTWuDQxTf3YzCFEpjOXLTBBXzFx7lTURjTB-3fObFqhj919vMnkyBS8Akwb5qmq9wCedYgIOckhj0RIQrp-FsBoJiMUXRMvCZnOIKZ5xHaRfbHniqaaw9el09LYJqq4pRjOETBiXej9zrCjIBOVXV2GhhSvT9D66EUFQq6mLP3U7-oWf7D_LaToEbbh5H6cGdg8vNQFtqoZ6WalmL5iw2C3dpUJdmpdTkn9ymHnVfhzNC_geREg1VhQtCOpVN2iQ8Ib1VRnRXESciZjiTBdZFChr02dQhTBV_eKnYmbufInlNt_PfH1_y1WCn8N1gTXDWYrCR-UXz8UasbMCRzgVG-92QIjdti78Tz3H4ZYX0Ytsy4Jfw0P4cv-6MlbEg-2d0GSLeW6YGvsdJE_ju313o5DaGXAdQiQOCX-fatDMdnUNm_DP8OCte7EjCQOVSUZTvONsY7ijTzEV-vnv96MuQa0MIgySR_MZvdDAZV9CLOLe7rllCbCVOEl_A810xnBRIA6EEX81TnKok8b5t2-evBOLJyg_KJaYMVIG8rH3c0sx7w1brbrdCmH0sRwVh_S5iN5z-MujV7CEsmsfCdmyKlhQcDT4BAD4PzcIcXQa341C9np4EhURQXtCRVdIBxjUEjnAqaaUi976mOZaTSo3pWnOXjvIPnh0gsRibs-VWlZNNLuSaT4Su-8xfwtOKAM2G5z2aaWbGfZoVyxOkQjusJHQbfB9HKNvBPFiDM8VqE3YFXlpoZwHXHhBE7t_kWa0TMcHKs6lJoIaAWepCpzZS-MS4ZQAgUUWuXKNTyVRqzyLgQhBoEjIdPZs8fQGNVq9WMfgbLLU297ZZ35FogbslPZhNvUjDFQXnVvOYdCScCWLIchNrTm6g2HXujU7JsIs56649F6IOaw8LxPyexQEmFdydBOirnX8a77mRlomZ-0-tH6YcObtYgxPI0Ap0ZvAeJiMw7y6OuwxaaCoUN_DU-fNwC_E8F2EmjOmXdZrDFqoSEt5i-oZCVd7isXUK_K9TWIRtkbKAXfYhpP1JxRVlCKhmBNAi7z_BVNMJQTbpWhM-Ap-P73qNG37T882xpuRT1f_ZpN5DBfHY8ODV91XZ-RINLPPJfh4kFwDGGUkkHs61Xuu7kcBtCBIdqbcao9mmpuEspJt_YctzumAeSA6a9vEmAuRxDYPXCupAzv0mH36jiExs03TetexrKrceH1ZJal34a12HDtZQBSeGm02mUQUA9PZ68UTcZQMmkEUFA3dimDQstZaUEOuo2lNFQ3-saMfVTnSvcbkMFZ4gBQUzZIZ6LJ7ARzmuMEqOuk-n265n0Z7_3AdAR9xHxTlizvxqBdmGvCgSEmln_0ihOYunqO5PqxIDXHlF0CGWqzmf2YygctgmJkD--G0gSjV_bp1RVBopRuX5nyN99nzKvz-QF8M1vsV34TnboBauLI3hyPVEYNXlYYHYOYitwuxyfmfzwoSTsvo1m36sZsHnZEhyJCl4_RjSUJ5ReU0RtJVzOfN25EzKU4ue3eTJvmT4ovysV5uI2WUPljQHPHI20I0-MuLoqFrNglBDnCiICsurpJUJ_G01SeoItpXdHdsFpu8La0TcjoyxmIsmi_-8AzGqHb6xWxou6a8U7OJk0Hhis9mg3eiYRhm1lWG7tHI41ZHqgcm5FFt7agE8H7FBPdl1yI81aCqzcqQVL9DwV9SplTjy0DE2EgYBIqs_f4r605veqyf7nSjSx-iyh8-0gRoXNp1TrfHi7BHfpYtOAR5z89PB9MY2h0dzLG7A_lKaiRNi-Dvw0nzGEzcV9LjvPbUOgabt-mlNMHhPgsKxvZne7jB_PAlGzSFcvwGIrmcNKMsHG3RS-5s1AdUMuIDHcR2RxhgBB1SrmW7qJsKk7FVDDQ18PKHqf-6VmVfB1CD0dBZrR2mNDG7VTASglduc5iWqhGfgOOJkm-FjZbHEo2_K7vGUpddDZlazHLsO_xlfwv_z1QhBN80d1SslwoyT-TY_jApfSLU9IsI8PwqhBh8Che4yxuGXHHlMu_6-ZyW65uIcqF_Hk_2lVE5e0fWiY8sgOpptHb2NXNzCzTTRaBYG3uvxgW41pSYMJlyVSP2mn-ED3hVt8O2qecFBSFhNiZvxLG96kh4Pwf-J_2-SuML5FWDPZ1X_5dwnJyi0DF232nIfn_6A42aL7kjgX0Cu3UWum7iSdXPTxGgX0pgXLiPyskrMJcNwBYFqRjUQ6--ggcUsTNPvfwkUa-XKrQ7q8Nvl38sIm3Ut65jLxbf-ooeauoUaZVmKBEmbENCg_Rlc1_5spnuCPmobQxiG147-zTdZapr6vlx487-BD_AY2R0V2oKf4YbYcPX4BXJBvvtjKVKiHMCIu8GseRCAVCtFm6k7iv6LVS-0laN67jTSgMOiLRJgRC-vt0IhL_chSmdxYteyk0p9T2PPKBPsmwj2ZLp70HCBGrYu5oh4UGLCAuxVtLrlfBJNr5FmkWjnDPy2O_Ju9CZrd6-LTfnbvJjBPVQATUaAj7hjOopf4FSwlCEqjEtKFLVvdz8p6N3DYYM7gMwPXyfbaFeGSqI8vDOOzmtdEA9JHPNiRIs5je8cvBc1V4osfi4rqAoXeneFtbDP4bu20Tpr06ucGzZtvk5S7d_f_lG_h3nvsr68KcGnSsR-QW1OpQ8Tdm-D6CUX1aBlOMPVaET2qwNr7KeDPgPz9kcsGSJdfw1UrAoETNnAqSx5ET7pXyiJh7-SPxHPSW9CsnGE4qCWGrsDucsRcnenrzt7E1oTYb_3YugHj8Zjq8B_D3PSqkNh9H_lWKbAYf1LcVe4-XaXiraPLb3RhE7t6ydpGoDMZKirpSwFg18MxAJZ52c0xI0mYkJlPP5FXZ2vimSVEjNmwLRUEx_F9gH_Q_GEJ_XdVZ9km7aPs-b_JTMELRcIUM4fK_m8L_T2t63RqP8iapR3hYcgCe8OR0ODao7WUSNb_FMovfCsvdfBXU6ouHgxnhM-Gm7-oDBcBSy5E1e6ZzG&cid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2HrAa0V_XGtlI&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

cafe /

Resource Hash

626fbd1a10123dd6932fbdbc78374d3bf3957388fe5ac823dc74615ea7a240e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13942
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C536 0
0 60ms
60ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CH0evs8lzYczmOoLQ3gOV_aWgA_yh2tFkrpXS5ZcOr9uivcABEAEgx-nTHWCV4pCCoAegAaH1-ZkByAEFqQLc2A5wtYmzPqgDAaoE8QFP0L-r6hupHVxOQn-K9sMt_jIKXHaLxd9WtL2dLGg9HzzCNiWzC5EZGChcnISMDjwOeDwNP9gchJnxUKfcR1B4b7FzXw65d_4ILU6Zn-j72_kKeNaIxJ4WTAZO2SU0D0vQC_U7M0J-_KQ9q8dKApaLaYHvQ9k6BZY65ZTap8Ix63ky79rL2kfIHcvRs4wZ42qGlDXQheCC2Sje3dq6vppDiXt3_pctNoN56nWlCHuHxUAPCSXzu2krBrh3AMf864FgH27tsSeNo9QmhYM9kZ_rkSZCKUkcc6AKUITxTstIElhFGfhkMNpyoSN_2U-jnzDywASWiJiu0QPgBAOIBazYtLc1kgUGCAMQARgBkgUGCBsQAhgBkgULCCIQAxgDSL6LkwGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB8eKhuYCqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHChCQhkgYm_3YsgHSCAkIiOGAcBABGB2ACgHICwGwE5ubsgzIE4GLgN4D0BMA2BMKiBSpDtgUAdAVAYAXAbIXHgocCAASFHB1Yi0yOTA1MjU0NTMwNjc2ODI4GOenEw&sigh=lJALiU-xFVk&uach_m=[UACH]&cid=CAQSPwCNIrLMG9DT8s5OlUFsLNg83pqRw8oomSe2ofFBzm5zDXf-xQhuEvvva9aFtHiEJjutQ9v2vsITwuFdjeKXvg&vt=10
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C536 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43a387a097d89fdda88447705991069437c05bf539b9285a2ca38df1d75009cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2B0F 43 KB
44 KB 90ms
24ms Image
image/jpeg 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTudqje9qLp_-_mNvX1wpkTlLNyewHq3j6fm6k0-d2zMm3XWFpqMxRydHiLmQ&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

76a1ead3c3573a043a3f576c622471b1095d9b1bf0e1d3dd00efa3722cf5c583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:23:00 GMT
x-content-type-options: nosniff
age: 76449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44099
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 04:48:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Oct 2022 11:23:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2B0F 12 KB
13 KB 87ms
21ms Image
image/jpeg 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSahayJhUlKcp0dVM9rciZDvto1VEeeL_iKwFYqi9D_ulolI0jEJWwW8AsVM2U&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

a2303eff77a74f6944f4bce575e32104cad14c9df50d29d5fb1f6b537bf12a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 21:30:20 GMT
x-content-type-options: nosniff
age: 126409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12362
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 02:21:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 21 Oct 2022 21:30:20 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2B0F 28 KB
29 KB 135ms
69ms Image
image/jpeg 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSq31_oOF6ksbCnBDMWkMULo25HVrTTjKpLNjzhPzA49XKLjHk&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

1fa70c799f01374fba0e3d1f5c94f88f204cbc00ee399f027723ce8b5bbfd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 00:02:22 GMT
x-content-type-options: nosniff
age: 376487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29097
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 02:59:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 19 Oct 2022 00:02:22 GMT

GET
H3

200

9074747796639100022
tpc.googlesyndication.com/simgad/ Frame 2B0F
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi
https://tpc.googlesyndication.com/simgad/9074747796639100022

16 KB
16 KB

24ms
23ms

Image
image/png

142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9074747796639100022

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

fc9fc1139b95456b8d7d3eea1986793a3a55df913bc5b587805c132cab22c89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 15:15:25 GMT
x-content-type-options: nosniff
age: 148904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16716
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 08:56:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Oct 2022 15:15:25 GMT

Redirect headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 01:56:01 GMT
x-content-type-options: nosniff
server: cafe
age: 24068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9074747796639100022
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Nov 2021 01:56:01 GMT

GET
DATA 200
OK truncated
/ Frame 2B0F 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcf1f438d5358f6d97751996474496c351a98f2cb0d9ddd0b063e77d08175a95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame CDAB 43 KB
43 KB 101ms
52ms Image
image/jpeg 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTudqje9qLp_-_mNvX1wpkTlLNyewHq3j6fm6k0-d2zMm3XWFpqMxRydHiLmQ&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

76a1ead3c3573a043a3f576c622471b1095d9b1bf0e1d3dd00efa3722cf5c583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:23:00 GMT
x-content-type-options: nosniff
age: 76449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44099
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 04:48:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Oct 2022 11:23:00 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame CDAB 12 KB
12 KB 76ms
27ms Image
image/jpeg 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSahayJhUlKcp0dVM9rciZDvto1VEeeL_iKwFYqi9D_ulolI0jEJWwW8AsVM2U&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

a2303eff77a74f6944f4bce575e32104cad14c9df50d29d5fb1f6b537bf12a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 21:30:20 GMT
x-content-type-options: nosniff
age: 126409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12362
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 02:21:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 21 Oct 2022 21:30:20 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame CDAB 28 KB
28 KB 135ms
87ms Image
image/jpeg 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSq31_oOF6ksbCnBDMWkMULo25HVrTTjKpLNjzhPzA49XKLjHk&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

1fa70c799f01374fba0e3d1f5c94f88f204cbc00ee399f027723ce8b5bbfd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 00:02:22 GMT
x-content-type-options: nosniff
age: 376487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29097
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 02:59:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 19 Oct 2022 00:02:22 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame CDAB 27 KB
28 KB 106ms
27ms Image
image/jpeg 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRATyqrOPAtRFPpijdDjQQyWJnaO93_aVocCMjczjYn66DD0ijR8UB9g9icoA&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

0535625923378b8b2b5139f35fb8fd9c2b3e559ed8de22636200b5d18020c564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 12:30:30 GMT
x-content-type-options: nosniff
age: 158799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27630
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 19:47:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 21 Oct 2022 12:30:30 GMT

GET
H3

200

9074747796639100022
tpc.googlesyndication.com/simgad/ Frame CDAB
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2uqP8AEQsAkYrAIyCAFSrTQHlPPi
https://tpc.googlesyndication.com/simgad/9074747796639100022

16 KB
16 KB

23ms
22ms

Image
image/png

142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9074747796639100022

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

fc9fc1139b95456b8d7d3eea1986793a3a55df913bc5b587805c132cab22c89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 15:15:25 GMT
x-content-type-options: nosniff
age: 148904
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 16716
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 08:56:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 21 Oct 2022 15:15:25 GMT

Redirect headers

timing-allow-origin: *
date: Sat, 23 Oct 2021 01:56:01 GMT
x-content-type-options: nosniff
server: cafe
age: 24068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9074747796639100022
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Nov 2021 01:56:01 GMT

GET
DATA 200
OK truncated
/ Frame CDAB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efcdc642daa0ad6a1f8cf64e6cfa7a9e5639dd7fe0e1056d8df270b7bb39ec3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 08CB 0
0 64ms
63ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrwaJs8lzYY3sOoLQ3gOV_aWgA-nc7fxl8qGRjI0Onsm1gcQpEAEgx-nTHWCV4pCCoAegAYyhifECyAEJqQKjFKHM--97PuACAKgDAcgDmwSqBO0BT9DY_XrhGw1m_Y6AiiCHXZfeHjjFyOC9xrSRwO75osLQVfKRCgjRYpWw4dCUpV-w_VxyfgHyJk6DvjjMrm4iQe2x6raOMx-et-n5OpJs9NiiKAqzp4mJSpYMPqSbFp3UyreGUDXDiRFJ2iEUsm_YDo2A8408HfZ6bDbh3tTdHZxqkhFiw-2oXbDA2f6IV4LVSYFE0BS0qgqS-0iX3uL6F0kuvyLLXKlhSJhxFu1-9kgMSYQgG4uggDp3_22asAjbE3xeilujYaPq_pRxAZ9pC0aNmBmAv4iOZCBATgI8dn19ojkuY4CBxUfnnvbzwASQv9Wx7wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHq5ThpQKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCJzxnSCAkIiOGAcBABGB2ACgHICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMjkwNTI1NDUzMDY3NjgyOBjnpxM&sigh=kQ3wiB4xpOw&uach_m=[UACH]&template_id=494
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D6E1 22 KB
8 KB 23ms
23ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 22 Oct 2021 10:57:28 GMT
expires: Sat, 22 Oct 2022 10:57:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 77981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D9F4 12 KB
5 KB 24ms
24ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 23 Oct 2021 01:01:47 GMT
expires: Sun, 23 Oct 2022 01:01:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 162F 783 B
534 B 32ms
32ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

6f027aafbf526e260c9d5700bc8c0e05fb49d3ae19b23f907180dfb46322c0d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dgfH72JianX3LS7b5/k2Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.amarujala.com/
accept-encoding: gzip, deflate, br
cookie: NID=511=hPSfprC3sgDaiyPkwvSFaSrbMFtD3_jD5aVIyT6TmlJh4jfUNjOQTGBfGMIBaGYmtdWwfYIZ13PwD7M3PoKuLt9wR5A4zuyUje0zPcEYVd3_bI6quvTxSRs_QvN8bgVDmF4MW2vLmPw4xj8-3qhXbcb6T0ZkGMWnW-f4m7BAPMI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 23 Oct 2021 08:37:09 GMT
date: Sat, 23 Oct 2021 08:37:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-dgfH72JianX3LS7b5/k2Tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H2 204 csi
csi.gstatic.com/ Frame 2259 0
54 B 251ms
113ms Ping
image/gif 108.177.122.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kv3jtnv4&c=204229148574&slotId=102114574287&qqid=CO2S-cOQ4PMCFQKodwodlX4JNA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.122.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ym-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2259 15 KB
15 KB 53ms
24ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 140452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:36:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2259 15 KB
15 KB 54ms
26ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 400172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2259 0
20 B 54ms
53ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CjGMms8lzYa3tOoLQ3gOV_aWgA_eD7bxlxvr5h7UO19aivcABEAEg79jpIWCV4pCCoAfIAQWpAtzYDnC1ibM-qAMByAObBKoE-AFP0Dsf1z9hgiHNQvr-7jLx1KuMQ3IBhLF8OIIPwGOTbG3K74yp7lFwZwKTp9iQN30gJ6jYnMDDYqvuY8tmgkv4y0yCqWp_GPo_huIvBx9_J1BCigwHUj3HmG_I8UlH3nLnPcZbBcfdZ9bhps9OTW9qXrjrUppF8oRg_KrW6rW_LR5Ts2htXKuNZeYTTs1ef1a7tFb4tUDTSjU7n4XdM1qYOmE7bb6eHfb9BxEq8r2_PnmrnvRZRk3bME4Xe92Qw8rnAJgoNh6qIAW2r-cP-Z2yCFJLE_Ca87vWrtKXZdAWDPGVq9inHz6n2Q_YAIlpFv_4qQmSyzwcE8AEwKzRvOUD4AQDkAYBoAZOgAef2trnAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBOyzd0MyBOi8sPeA9ATANgTCogUAdgUAdAVAYAXAQ&eventType=clickstring&clientTime=1634978229524&ai=CjGMms8lzYa3tOoLQ3gOV_aWgA_eD7bxlxvr5h7UO19aivcABEAEg79jpIWCV4pCCoAfIAQWpAtzYDnC1ibM-qAMByAObBKoE-AFP0Dsf1z9hgiHNQvr-7jLx1KuMQ3IBhLF8OIIPwGOTbG3K74yp7lFwZwKTp9iQN30gJ6jYnMDDYqvuY8tmgkv4y0yCqWp_GPo_huIvBx9_J1BCigwHUj3HmG_I8UlH3nLnPcZbBcfdZ9bhps9OTW9qXrjrUppF8oRg_KrW6rW_LR5Ts2htXKuNZeYTTs1ef1a7tFb4tUDTSjU7n4XdM1qYOmE7bb6eHfb9BxEq8r2_PnmrnvRZRk3bME4Xe92Qw8rnAJgoNh6qIAW2r-cP-Z2yCFJLE_Ca87vWrtKXZdAWDPGVq9inHz6n2Q_YAIlpFv_4qQmSyzwcE8AEwKzRvOUD4AQDkAYBoAZOgAef2trnAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoDmAsByAsBgAwBsBOyzd0MyBOi8sPeA9ATANgTCogUAdgUAdAVAYAXAQ

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 2259 30 KB
14 KB 76ms
49ms XHR
text/xml 74.125.140.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AFxZrg76Czgcgi6gcpXX6HXBgAaCN7lQBSq1-7N3nfBkJg5MXrWTFn-GzD9UlV6MQYy7iP-LaHu-MiJHjSwdsZiJNexQ&dbm_d=AKAmf-BFIJOtgG27K_jRnHPeA8sPb90yq8dapWcLlMoK7ngRnqZ2ELUfKzxWQtWFy0vkZw-stFoW6c3F65x8iXpFYfJtugHUWpbTlsNxINLkPUx2h0n8eSb94pFpXpfWlulPZcWq_OsXxnACgH_JKJt7QAMqfmBdHxlKBRLgQmmTTad0MUHoGzyVwHrc4-XFKIhvEsDRTfDsLeOeCrjeJATkxLzZm-q9nbBoLxaenbpJknqoRJiA0d0FV_Q5_MsWyDpxDBFie5BnhJmpkOBihAf8sVmCN1gcIe2pB1QXeL6sAm4uqd98ja74qn2EIezGMdTYJaE33Fb0TYv6aaq9xDGccodTjyz-4UxbkkehiYbOaatRG4G0F05qcCydK2fvJ0KDBi8YwGvwLOgsI23azZwRNUUEHWP4SLg3QNXpDS0XG667vKZmR0Oe8ioIODumMC5DPZNOT5LTlGH77utRcsKgnUor7M4_6ea_-wA4LcczEUzPTzEn9g4w0jVT7K8xAKqgqOD1wPA2luoc29Dt7BTEIN26DukOcHdBrpV_m6Q4JTI_HQhoN_KuDXMFy5PUjr9-k2jiddDsT4GPtJjKDTk77_8oUkyMjPiiD66fvEc6fk0SLk2CVbW8OkVO6Sz2U9vjTSsfKoeQ3-AXQNBMy68BZTj3r0kmWDj6ovm7GTwpMeVI5HFhU3vhmtV-1MVXVOcr6Pi0jOJdleIfQvMHPBCz6Obm87QRTgxnKVpwClRVKrcnjqTXBaLsV6ZRVM9jhkJ43ptPB-ok3SQuZk2lxOedPDonNmSb4c_4UCA4x5g9ojiaFrVEnD4xybhsrmpomZFG33uY8dmf3lZ6UmGfz6id4zUyLK4fCr1rpFMwcucSZSaFmhYZbWOk2x3TWzL-SL8hHFWVpRwPKcrQCsJcOTnKfBiW5_8SBx7iwrRdw196Q39JgaCFahIKlB2ysrqVftBlRYmxTCbq9n-ciGzNVAfmTVTOkUXg8yctq4GrXz-wPv5QbxSjE0ZUC9sE8nAFZkV1Fkz0Pyfc_ojcDaISlNGIvx5O0E8Pcj9Taj1MPhd43SO2wMoLccriqnJRWYs9VjtlRYOmd8YE3FEQDjsTNJL2mdeFhhhUOUPVs7ixLXfX7Ekye86qoS4Q-8owPpdS8QHVOGts5RQiIFs7v-0TSeF8w3hV4sOU6uwZAF5xQ1KYXksHbDGXdDMO0FlemUFXiSY-i9mCWxzeMk_yLw4rQYlHWtCaTdavaXjGZ1IhJRDRVV6m4xN2JNWMmQr4F1pP4qH7s3YJI_grZSB5CyNzqR5lTz_5hXSOZIYF63xTxYgrz3PHAsqHu4ok9DvsTxEbKBMWchrID5EWdjY_QDm0YW7k8ROUc5ix8U3Djbj_JPz5CWUS0mdMzz_N8ndCuoAMTPX5QXXnxSc47xHcCmwwWAgoB5ZzjbHoeoNfv-coxMP56nYw96pf5h8LCA1w6czRTYoDQbcWtnqq8hHxic2L2gvbipa3jIJaaqjC-irMcU7Vjnejvd1srtsjGZlAhwxgFnoiGrdFuR2-1fcWUFFLJPXLHfZpvFHknKGzO9f7pHUSPpeXzycEnMWq-ZSy4vzU7_1u2vUN-lP6dsvI2N9wJUN2_UheWoqKJ3vwQfQHg8-Mu-_qQSWLvpnil31SmTQyYlNEtXSL6Q0nbmPvZYSEV5Jss7EWOhlPpeL3hZSmVLeurLjTZvLFC2vjenWWsmz3_D_qRzJbuomZB9beLpBFpvGp3ZkS7UUZuHmFLKyye0ktJK0M5wIHhpYR25YXVsOJqN51uFLulwXdqzOLMPI8T_ReFOoNE3yeMW7NqR04WGUBHRj5xvwoqISSzAvrV4Dt4tnDL7U5MKE5smlYNyQeFqaDG4tesN10tJnLtYAC5UVxrsJQ6hGH3S556-WFXqwNwYCySPMdgi4-j8-FLiaasu-M5akSh25AVd7LuUnMGqC1Z8X0IpkxA6zrNYzER2C1apq6PmExF6yxUg8kHu-sExmQDfqGWIr-yU8Dka6THh9hZHlg1rbfsT0CP-F73_1_rhNnXOSa1ChyCCWYoy5414NxwoaAKM6-sSW_hnhFt8bWjfWCbi-HFokQNJATwPOYJEYhjtX_93n1gxUx2hbEuAyGZJmJpe6SIBEzrx2zExmjSV7ZhuLxy-cPqJWefyGFRHe7P359F7dWC5nVyV-lYS_ltjbAbYIJjnZkuNarQpaT6Tv5JkEuylKNw6YgIH1-yY1t8GqhcThvld34hamZ_24IkWCjuEk2qe_RMQui0tURkcTQfq8zxe_TfF-ffHATG66HYtK6LC8MnNWaCibjkTWNh-QfYRlcSOf-9WijyL0zvpG7FqjO2AH8j5BtWJYVZbxm3GTAc7N7UcLhC0qjyw2uinu1ULAy6kEEcpbtoLOkyFeQOEHmvMONnoA1uW80EZpS5TQyH1Ax21e3fd1RJz5AIk0fwL0ZJPkUaPNwL8QWT88HMIRBML7Vxlp0wQdYjlcsaxrmYhzoXptIosxi1NMFXz4NG-gdYI76idLA-mJ7tLvL-fylm5lSrZVz6oY34k0HwNknWBDxFNkR9er4y4k-HWYztX8YsbtM1oNRi1S0aj-kl0p3fpxE4Oln37w8SP7dVTc0j7beFKcONGcUwnmViyMIZjigndfGK0rTwxb6ZuXfIuQuJkbJUXbqijy2MD1gCErVEHfjeouVReCXXbsRMncZv2fxWCzLXpffIkW7q1-WPTw-WW8n4fpbQ7CT1KBhA0JiP8NiaEVadpKDRADYyT5pLixSU5uVyEFohoHQ1yxUe9_P1b8UB9vJwAm7qL0M21JVv6kPr2f4RjrOIXQMWg7gTXs-YXX1E6iq4FBg6CP-_jcD6ZD0f8giTgXzavf9bsEJRAgFJSNpter3rNBEhOQ77D1bH9gHa9JQTUJ6dgEq-Z2027ds700lBO7ZkvvTUL_SUSiQsMJvU6GM6iG0u_MUQptQaFutlsVuKC2qSYMU6Vnb3guT7orjFOUfsJ92JCLsCtqV-cUOFQWjDegfnfuBCCw4IarE2s41rbetGm9ZrU4SYEIMHikW8y3Tuw0UPRxNPWO5Crz31r3l86FWiFp2toDhUrxmxH9fb5poCcfYwy92hrd7RD997gFyP-rViIROfBv8aMkWIJzQ_YNlOfOk0Qpw2x8pj93_VgYKlezaFcoltL6rus3BDp6VbGH0VupzyRPKH8VTBA2BbYf6ljSd9LiGKn5sfg1QL49dUJxBsPHo-ewhz-XG_fZK3QtfOOp68QlsEMijeXuDFZbWv29gTF0S2q0SzLehelAPycAVEro8en3Ke36bCUaqkw2HHfd1ZsN6wYrkzZRa4XbajP2cykdwkWuZ5bgZ927fBel5tyIJ6w1cff6Z90TzwH7goxmIU7JGxBP--FzQHMo2EgyoRRqpcv0oLb1zRKWrrgfoKbT_ygvNePaa5ACTw406gZBLLoDFwr62G_j7VKZ01B1TAQL5nHZCRizHywaxt7M6V_UDut3vKgDHGmJtgiV5KNheX9wXF8j9odLLV0ZWZBc9AjLTaWq6plkMzpFPafCu0iCiTbZdmyAJXV_Rtpq2VtBjmTh9XPypF8cAndzUixOU7E3xmw&cid=CAASPeRoyZebjgZCCn3PXjvnwsvv3w2ywBXJHMESxxnkwRI0nMvUHbi62cNlPmgEggcYkEvfyD_e-Yl398T7Zgk&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.140.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f155.1e100.net

Software

cafe /

Resource Hash

21c311ba748e6359f17eff71cc273f227316a9eb15ecafb402d854bdf5fea504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14022
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2259 0
0 59ms
59ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZ8Pgs8lzYa3tOoLQ3gOV_aWgA_eD7bxlxvr5h7UO19aivcABEAEg79jpIWCV4pCCoAfIAQWpAtzYDnC1ibM-qAMBqgT1AU_QOx_XP2GCIc1C-v7uMvHUq4xDcgGEsXw4gg_AY5NsbcrvjKnuUXBnApOn2JA3fSAnqNicwMNiq-5jy2aCS_jLTIKpan8Y-j-G4i8HH38nUEKKDAdSPceYb8jxSUfecuc9xlsFx91n1uGmz05Nb2peuOtSmkXyhGD8qtbqtb8tHlOzaG1cq41l5hNOzV5_Vru0Vvi1QNNKNTufhd0zWpg6YTttvp4d9v0HESryvb8-eaue9FlGTdswTk96b_rL4AcyCoad_qej5fQkNB5yTuKe_RqFd8rqsXWk-4-GQ90demRZy4kHnC5uXk6Neno651Q38Z9IwATArNG85QPgBAOIBdqK9pc3kgUGCAMQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAef2trnAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwoQhLUPGM-P67UB0ggJCIjhgHAQARgdgAoDyAsBsBOyzd0MyBOi8sPeA9ATANgTCogUAdgUAdAVAYAXAbIXHgocCAASFHB1Yi01MzM5MDgxMzAyMTkxNDMwGOenEw&sigh=e0uCXHQOacI&uach_m=[UACH]&cid=CAQSPwCNIrLMG9DT8s5OlUFsLNg83pqRw8oomSe2ofFBzm5zDXf-xQhuEvvva9aFtHiEJjutQ9v2vsITwuFdjeKXvg&vt=10
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 2259 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 091e11d6b9e5cba38e0d184ca5a7bf07e708c8f0d7c9fb76e8e9182ed93fe3e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C536 41 KB
15 KB 24ms
23ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 09:19:08 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C536
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/acao,ctier,expire,id,ip,ipbits,ita...
https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

43ms
14ms

Fetch
video/mp4

172.217.130.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/404C10230AE86F556631092A1E2511B71FD37264.48E45B439F52B56127AB444C009AD21D185746EA/key/cms1/cms_redirect/yes/mh/ZC/mip/216.131.111.39/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634977946/mv/m/mvi/1/pl/24/ir/1/rr/12/file/file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.217.130.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 08:37:09 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 890172
Last-Modified: Fri, 20 Aug 2021 15:16:32 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 23 Oct 2021 08:37:09 GMT

Redirect headers

Date: Sat, 23 Oct 2021 08:37:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Location: https://r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/404C10230AE86F556631092A1E2511B71FD37264.48E45B439F52B56127AB444C009AD21D185746EA/key/cms1/cms_redirect/yes/mh/ZC/mip/216.131.111.39/mm/42/mn/sn-2gb7sn7r/ms/onc/mt/1634977946/mv/m/mvi/1/pl/24/ir/1/rr/12/file/file.mp4
Vary: Origin
Content-Type: text/html
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Connection: close
Timing-Allow-Origin: null
Content-Length: 0
Expires: Sat, 23 Oct 2021 08:37:09 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C536 0
54 B 223ms
113ms Ping
image/gif 108.177.122.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kv3jtns8&c=2248598285938&slotId=1124299142969&qqid=CIyM-cOQ4PMCFQKodwodlX4JNA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=17&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C37%2C43%2C44%2C45%2C46%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.1a2
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.122.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ym-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 08CB 43 KB
43 KB 58ms
27ms Image
image/jpeg 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTudqje9qLp_-_mNvX1wpkTlLNyewHq3j6fm6k0-d2zMm3XWFpqMxRydHiLmQ&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

76a1ead3c3573a043a3f576c622471b1095d9b1bf0e1d3dd00efa3722cf5c583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:23:00 GMT
x-content-type-options: nosniff
age: 76449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44099
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 04:48:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Oct 2022 11:23:00 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 08CB 12 KB
12 KB 51ms
23ms Image
image/jpeg 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSahayJhUlKcp0dVM9rciZDvto1VEeeL_iKwFYqi9D_ulolI0jEJWwW8AsVM2U&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

a2303eff77a74f6944f4bce575e32104cad14c9df50d29d5fb1f6b537bf12a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 21:30:20 GMT
x-content-type-options: nosniff
age: 126409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12362
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 02:21:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 21 Oct 2022 21:30:20 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 08CB 28 KB
28 KB 56ms
26ms Image
image/jpeg 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSq31_oOF6ksbCnBDMWkMULo25HVrTTjKpLNjzhPzA49XKLjHk&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

1fa70c799f01374fba0e3d1f5c94f88f204cbc00ee399f027723ce8b5bbfd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 00:02:22 GMT
x-content-type-options: nosniff
age: 376487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29097
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 02:59:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 19 Oct 2022 00:02:22 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 08CB 27 KB
27 KB 35ms
34ms Image
image/jpeg 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRATyqrOPAtRFPpijdDjQQyWJnaO93_aVocCMjczjYn66DD0ijR8UB9g9icoA&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

0535625923378b8b2b5139f35fb8fd9c2b3e559ed8de22636200b5d18020c564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 12:30:30 GMT
x-content-type-options: nosniff
age: 158799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27630
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 19:47:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 21 Oct 2022 12:30:30 GMT

GET
H3

200

14978601946328591918
tpc.googlesyndication.com/simgad/ Frame 08CB
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw
https://tpc.googlesyndication.com/simgad/14978601946328591918

9 KB
9 KB

47ms
46ms

Image
image/png

142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14978601946328591918

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 05:08:22 GMT
x-content-type-options: nosniff
age: 98927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9527
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 08:51:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Oct 2022 05:08:22 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 22 Oct 2021 18:12:10 GMT
x-content-type-options: nosniff
server: cafe
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14978601946328591918
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Nov 2021 18:12:10 GMT

GET
DATA 200
OK truncated
/ Frame 08CB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e8bc245f59dac7a047659ed7bbcbac7e3423ba4e32e210f61a5448b0796bd7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5F3E 0
0 85ms
84ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoyIFs8lzYbfuOoLQ3gOV_aWgA-nc7fxl8qGRjI0Onsm1gcQpEAEgx-nTHWCV4pCCoAegAYyhifECyAEJqQKjFKHM--97PuACAKgDAcgDmwSqBOwBT9BMCSPyljvvcE1UO6sA9zPa862SQzYGGmw4_yWlhq_pxMvfacQ9UiQQaU2D3pcH0cJ-7AZBTeYEjpBgsfJNOYP7FWBUw6olnwriEbrhywf6ZVpdJMPzGsvdHloNXfcRldzmD3hkZbBWD0MbBkZ3tBQ0nTdldS4pnzy0PbKk5jwckmPizIbbbnqEIM5Qane44nwt2yUQNA-NLpulwhgXoh1Opqim33IMB1o4iqO-srlaXnrcW84Kg79DzSqcWjJIGOQjgA6ZLlPQOEoPN-krcxmS7yBsFaULpG82TTBLMaq2-0pybW3yw6YZ13jABJC_1bHvA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAerlOGlAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEENeSBNIICQiI4YBwEAEYHYAKAcgLAdgTDdAVAYAXAbIXHgocCAASFHB1Yi0yOTA1MjU0NTMwNjc2ODI4GOenEw&sigh=ZCFK89_2pqg&uach_m=[UACH]&template_id=494
Requested by: Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5F3E 43 KB
43 KB 67ms
67ms Image
image/jpeg 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTudqje9qLp_-_mNvX1wpkTlLNyewHq3j6fm6k0-d2zMm3XWFpqMxRydHiLmQ&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

76a1ead3c3573a043a3f576c622471b1095d9b1bf0e1d3dd00efa3722cf5c583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:23:00 GMT
x-content-type-options: nosniff
age: 76449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44099
x-xss-protection: 0
last-modified: Fri, 22 Oct 2021 04:48:05 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Oct 2022 11:23:00 GMT

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 5F3E 12 KB
12 KB 40ms
39ms Image
image/jpeg 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSahayJhUlKcp0dVM9rciZDvto1VEeeL_iKwFYqi9D_ulolI0jEJWwW8AsVM2U&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

sffe /

Resource Hash

a2303eff77a74f6944f4bce575e32104cad14c9df50d29d5fb1f6b537bf12a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 21:30:20 GMT
x-content-type-options: nosniff
age: 126409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12362
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 02:21:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 21 Oct 2022 21:30:20 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 5F3E 28 KB
28 KB 67ms
66ms Image
image/jpeg 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSq31_oOF6ksbCnBDMWkMULo25HVrTTjKpLNjzhPzA49XKLjHk&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

1fa70c799f01374fba0e3d1f5c94f88f204cbc00ee399f027723ce8b5bbfd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 00:02:22 GMT
x-content-type-options: nosniff
age: 376487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29097
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 02:59:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 19 Oct 2022 00:02:22 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 5F3E 27 KB
27 KB 68ms
28ms Image
image/jpeg 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRATyqrOPAtRFPpijdDjQQyWJnaO93_aVocCMjczjYn66DD0ijR8UB9g9icoA&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

0535625923378b8b2b5139f35fb8fd9c2b3e559ed8de22636200b5d18020c564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 12:30:30 GMT
x-content-type-options: nosniff
age: 158799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27630
x-xss-protection: 0
last-modified: Thu, 29 Oct 2020 19:47:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 21 Oct 2022 12:30:30 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 5F3E 21 KB
21 KB 111ms
22ms Image
image/jpeg 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRpZ4AH-jx7O2GACJlayis9kPKsjv_YkzeLIhaI3hh1ChdrQw_6&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

sffe /

Resource Hash

90e91ad8961421265b8039112da5b2c156300455139c667a368ffc12f48f3902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 11:33:01 GMT
x-content-type-options: nosniff
age: 75848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21413
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 01:43:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Oct 2022 11:33:01 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 5F3E 17 KB
17 KB 67ms
27ms Image
image/jpeg 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTPtVLkUx_QqohYJpS1dTcIf_Nm2fjcHSbQYIgbzHLq4vBytE00s7mAkq1p0A&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

a6da80c97c3a0c54cf458ea743a69df78709225f1b20f19e2006c1db59cc6b15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:00:46 GMT
x-content-type-options: nosniff
age: 110183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17355
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 00:43:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Oct 2022 02:00:46 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 5F3E 12 KB
12 KB 79ms
40ms Image
image/jpeg 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRqEhFH1WZJIKEWxgUXnGy9DQmbVpel0zWEmVOK0_RXa0FXwTp4Lji9q4dHc9o&usqp=CAI

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

36f1ba6e9c1be46b724006ce5395fd0be93161c1d6dcfcee70397714ed59b515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 03:31:06 GMT
x-content-type-options: nosniff
age: 191163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12368
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 02:56:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 21 Oct 2022 03:31:06 GMT

GET
H3

200

14978601946328591918
tpc.googlesyndication.com/simgad/ Frame 5F3E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_2qqtJRCgBhigBjIIVp3wEEOa4yw
https://tpc.googlesyndication.com/simgad/14978601946328591918

9 KB
9 KB

23ms
23ms

Image
image/png

142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14978601946328591918

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 05:08:22 GMT
x-content-type-options: nosniff
age: 98927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9527
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 08:51:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Oct 2022 05:08:22 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 22 Oct 2021 18:12:10 GMT
x-content-type-options: nosniff
server: cafe
age: 51899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14978601946328591918
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Nov 2021 18:12:10 GMT

GET
DATA 200
OK truncated
/ Frame 5F3E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aff8355ef27279106f7b862998772566440640087abc0a9ef3928ad5ec9d598

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 08CB 20 KB
20 KB 33ms
31ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 00:10:26 GMT
x-content-type-options: nosniff
age: 116803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 00:10:26 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 2259 41 KB
15 KB 36ms
35ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 09:19:08 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/eb58406021f035a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777211246/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 2259
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/eb58406021f035a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777211246/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r5---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/eb58406021f035a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777211246/sparams/acao,ctier,expire,id,ip,ipbits,i...

0
0

92ms
16ms

Fetch
video/mp4

74.125.104.107
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/eb58406021f035a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777211246/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/59823B75A703BCB03A590B9BDA1162B9E62BAE60.5A1589B90B64B1447BCC57E660A41BCB2C8F5FB7/key/cms1/cms_redirect/yes/mh/-z/mip/216.131.111.39/mm/42/mn/sn-2gb7sn7k/ms/onc/mt/1634977946/mv/m/mvi/5/pl/24/file/file.mp4

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.104.107 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f11.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 23 Oct 2021 08:37:09 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4460250
Last-Modified: Mon, 27 Sep 2021 17:20:44 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 23 Oct 2021 08:37:09 GMT

Redirect headers

date: Sat, 23 Oct 2021 08:37:09 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 646
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/eb58406021f035a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777211246/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/59823B75A703BCB03A590B9BDA1162B9E62BAE60.5A1589B90B64B1447BCC57E660A41BCB2C8F5FB7/key/cms1/cms_redirect/yes/mh/-z/mip/216.131.111.39/mm/42/mn/sn-2gb7sn7k/ms/onc/mt/1634977946/mv/m/mvi/5/pl/24/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 4E83 23 KB
9 KB 25ms
24ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 21 Oct 2021 23:51:44 GMT
expires: Fri, 21 Oct 2022 23:51:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 117925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 162F 0
0 66ms
66ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101401&jk=2834336860190299&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame D6E1 35 KB
35 KB 21ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 29122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame FD7D 23 KB
9 KB 28ms
28ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 21 Oct 2021 23:51:44 GMT
expires: Fri, 21 Oct 2022 23:51:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 117925
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame D9F4 35 KB
35 KB 21ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 29122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E83 35 KB
35 KB 31ms
31ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 29122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
H3 206 file.mp4
r5---sn-2gb7sn7r.c.2mdn.net/videoplayback/id/59fb236b121f21b7/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666514229/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C536 869 KB
869 KB 30ms
14ms Media
video/mp4 172.217.130.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.130.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s08-in-f10.1e100.net

Software

gvs 1.0 /

Resource Hash

8222c0abfdeba53481fa3b2d61887bd1bfee871ba0deb41482d48f78bfe1cdea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-890171/890172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 890172
expires: Sat, 23 Oct 2021 08:37:09 GMT
last-modified: Fri, 20 Aug 2021 15:16:32 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame C536 0
17 B 225ms
112ms Ping
image/gif 108.177.122.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~kv3jtnw0&c=2248598285938&slotId=1124299142969&qqid=CIyM-cOQ4PMCFQKodwodlX4JNA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F59fb236b121f21b7%252Fitag%252F343%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F1666514229%252Fsparams%252Fip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Cctier%252Cacao%252Fsignature%252F05D4D507B8316E13BDB7A382B0BDFE467FA02FB3.421C12774506CA24C25AFE121FC6A5E5787CCE46%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.177.122.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ym-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r5---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/eb58406021f035a1/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3777211246/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame 2259 195 KB
0 34ms
16ms Media
video/mp4 74.125.104.107
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
URL: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.107 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f11.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 23 Oct 2021 08:37:09 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4460249/4460250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4460250
expires: Sat, 23 Oct 2021 08:37:09 GMT
last-modified: Mon, 27 Sep 2021 17:20:44 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame FD7D 35 KB
35 KB 21ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 23 Oct 2021 00:31:47 GMT
x-content-type-options: nosniff
age: 29122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35616
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 23 Oct 2022 00:31:47 GMT

GET
H2 200 dc_oe=ChMIw_DTxJDg8wIVDWzTCh3VcAIaEAAYACCC8sZKOhoI6ZeP5wIQloiYrtEDGIGLgN4DIK6V0uWXDkITCIyM-cOQ4PMCFQKodwodlX4JNA;dc_rmcid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2...
ade.googlesyndication.com/ddm/activity/ Frame C536 42 B
107 B 128ms
59ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw_DTxJDg8wIVDWzTCh3VcAIaEAAYACCC8sZKOhoI6ZeP5wIQloiYrtEDGIGLgN4DIK6V0uWXDkITCIyM-cOQ4PMCFQKodwodlX4JNA;dc_rmcid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2HrAa0V_XGtlI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D6016%26vmtime%3D13%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1634978229961;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C536 42 B
64 B 154ms
34ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5l5ks8lzYczmOoLQ3gOV_aWgA_yh2tFkrpXS5ZcOr9uivcABEAEgx-nTHWCV4pCCoAegAaH1-ZkByAEFqQLc2A5wtYmzPqgDAcgDmwSqBPQBT9C_q-obqR1cTkJ_ivbDLf4yClx2i8XfVrS9nSxoPR88wjYlswuRGRgoXJyEjA48Dng8DT_YHISZ8VCn3EdQeG-xc18OuXf-CC1OmZ_o-9v5CnjWiMSeFkwGTtklNA9L0Av1OzNCfvykPavHSgKWi2mB70PZOgWWOuWU2qfCMet5Mu_ay9pHyB3L0bOMGeNqhpQ10IXggtko3t3aur6aQ4l7d_6XLTaDeep1pQh7h8VADwkl87tpcwdK2ZM94XkqpPtSAVUBPTDSlhayz0SuGWwwWyPqFlq4ufgP9_56_QF2XZ0VqQEohRQwU8HmUmMMHhwuE8AEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoByAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogUqQ7YFAHQFQGAFwE&sigh=C5s4ucnieAo&label=part2viewed&ad_mt=13&acvw=sv%3D20211013%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D6016%26vmtime%3D13%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1634978229961

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C536 0
24 B 180ms
65ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwnQEyexzRo-reACzZ14oMIQW24OQzMEj79WUucyFu2vkuTl7-lLiCNHlUKr3hNu0r-cwjeh_rfCvPL3sZXBCFE3kzHtdvOEl6c7dNNBtHvq-jpjqJ3TD1Y0xLdaaTDmEei6w5Vz5gLY6SZSmK0TJ0myZDvz4dFHV-fpcLKyNaIJj37ZRG-Ku8VSNO7PNLRjwc4eDl1QmJ2pStZ1x2oMoXVYokXYq9biO_rceIu4JUmF3XJud2QSXikbAvmdTgrt2klVFWo7YCfS37Exfk7dKMfoeRlzRVn0QFVWuwSBQRKJDe4LrERaM1uCvnwiR_fewD8xflFoP31A5uqDaYPgZA1bwQ-Lgkky0O_mxF1xm7Vnnqmkk2oFn_cG_ReQyjp58kDHnV0i93T4ubrFXxGpnOLNCO05j4ZxCKeOSO31rhkh_H3RLHEQM95ROL2GxPW0Ev8Mq2Zr5vtCq3ERuFGxedIJPdb2LIT3uUFswk90ouHI50kyh2kuqIOoc9h8TyP6cgKCf5np7XueGt516Y1mO2CHovIXVzUFe6kCw5LLGVM7K2gCW_CQtQD65SNb2a4zo6u5umxLyxFgVAWA-3Yw-scCluZqYP8yVhJtZx-Sb6ODhM64UJB49g5bsymIDN0_c4rPNis7l6RByQrbsxXouDt1NMAQ-mhixkNvNAIHMBlMmb5fid1PHWySFJshFSeXHJLXhDDK2x6HuJwxN_j1ydGTXLPk6y9hBGQj_T-EV-84-kD5y2LFKn-SwgK9jt0CVjYdB43eDO7SlSXyrQQX0k6KGaxC6T4r4-OzFmFYLqNUOMpfRBdeFnYlqncCEJWysAs8bV8KC58UKj4Ct-1wsYo353CfEWhWtIHNVsEy6Jd04xkgCYnq8zrCKH7C1MSeKmyZc0Ugl2lB3IF34Wy9ReZDsNw2RH5sAHqOBb9TnRBT8WAlPdpHh0vxwoBKccuUC3Gjpigiy1N43YP7V3D9DU7zDfjdOiKqMMOSFZkoAlJ7UiVDNMHXJD5LV2TugPrKbhi8k14gfJvnXsD-TUz1F-RlSaNSOsau3KQnsPvuL7o-W5jBOJLPM-4c4xkMBlCcElclmBYV1ggPodr7MmDYosxeO8fZ0yD8wxDKJ7ZMNy6LYzPDodKiEX4togsRfiLHMPHCNZyT38RSTyqKA762l2N-b40ZHgfkQuND3Ewemk-4ZJ&sai=AMfl-YTgcl8IDKo5AAWYL2PNpkprZTqt_Vg7uJPdDLykGCL7PSoJCk5LmsleuLmMeyktT--0sJQv1DdJpmYKJ2McsymrkvlBEpwH3f6-K-kaNpsNsR0A7I7aZcII3bNC5k4uKCYrnvCg8Mg_7JsgkAFA5X3fcXG0wgI8SuGCkBWI6PKA6D4Whs_AYuro4CLNJEh-tDUp-j3pw2rRmrl2LiG9IDN3Oz9spxe-f791ukOIng&sig=Cg0ArKJSzOAbKKEmAJjMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 23 Oct 2021 08:37:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame C536 0
0 152ms
33ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGJv92LIBIAEwAQ&v=APEucNUlCALIRwBlUk3-rr2YmpDSBrUVVrwui58Iap_kqKb9L_cVKxtw21LgkTvAuu1kLF9KkMLCrq-gjcncHIlL4uqKrFiIZQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C536 0
20 B 56ms
53ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIw_DTxJDg8wIVDWzTCh3VcAIaEAAYACCC8sZKOhoI6ZeP5wIQloiYrtEDGIGLgN4DIK6V0uWXDkITCIyM-cOQ4PMCFQKodwodlX4JNA;dc_rmcid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2...
ade.googlesyndication.com/ddm/activity/ Frame C536 42 B
465 B 125ms
59ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw_DTxJDg8wIVDWzTCh3VcAIaEAAYACCC8sZKOhoI6ZeP5wIQloiYrtEDGIGLgN4DIK6V0uWXDkITCIyM-cOQ4PMCFQKodwodlX4JNA;dc_rmcid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2HrAa0V_XGtlI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D6016%26vmtime%3D13%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1634978229961;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C536 42 B
64 B 59ms
57ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNoiNMDGQViWosqD5jhavy-pFJ216605NWkTTnZBE4krY7td5d6EhEtR9hA0I-NN6wXQMqKJvrrpcCa7cwEjtIa8Fjy5oHnZFUoHl5YXXa3NuU5zhcBQ&sai=AMfl-YSnISwQ6qRR7G7469-i9Izhwx-apyQ3f0Lu34RkQZ4SxtZRzR66p7lUBM5ie5TVJjS-3G_CkQmdHWJT-vWKnBbfjXkHvR90qMugtiKRQbQ-S3nu_8F856uN7AgvwJZj&sig=Cg0ArKJSzN7dyNv9H08HEAE&cid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2HrAa0V_XGtlI&id=lidarv&acvw=sv%3D20211013%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D6016%26vmtime%3D13%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1634978229961&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C536 42 B
64 B 152ms
35ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5l5ks8lzYczmOoLQ3gOV_aWgA_yh2tFkrpXS5ZcOr9uivcABEAEgx-nTHWCV4pCCoAegAaH1-ZkByAEFqQLc2A5wtYmzPqgDAcgDmwSqBPQBT9C_q-obqR1cTkJ_ivbDLf4yClx2i8XfVrS9nSxoPR88wjYlswuRGRgoXJyEjA48Dng8DT_YHISZ8VCn3EdQeG-xc18OuXf-CC1OmZ_o-9v5CnjWiMSeFkwGTtklNA9L0Av1OzNCfvykPavHSgKWi2mB70PZOgWWOuWU2qfCMet5Mu_ay9pHyB3L0bOMGeNqhpQ10IXggtko3t3aur6aQ4l7d_6XLTaDeep1pQh7h8VADwkl87tpcwdK2ZM94XkqpPtSAVUBPTDSlhayz0SuGWwwWyPqFlq4ufgP9_56_QF2XZ0VqQEohRQwU8HmUmMMHhwuE8AEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoByAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogUqQ7YFAHQFQGAFwE&sigh=C5s4ucnieAo&label=vast_creativeview&ad_mt=13&acvw=sv%3D20211013%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D0%26dur%3D6016%26vmtime%3D13%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1634978229961

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame C536 0
17 B 113ms
112ms Ping
image/gif 108.177.122.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~kv3jto4a&c=2248598285938&slotId=1124299142969&qqid=CIyM-cOQ4PMCFQKodwodlX4JNA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=983&mt=video%2Fmp4&vs=640x360&dm=6000&event_name=first_play&asset_bytes=215261&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1m0~videopreviewstarted.1m1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.177.122.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ym-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6E1 0
20 B 57ms
56ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCA_As8lzYYboOoLQ3gOV_aWgAwAAAAA4AeAEAg&bg=!f3ylfDjNAAbUs_yW1LM7ACkAdvg8WrV6gGq82C84JH87dDn5H2aGWAIMFWKJDUiHLXtZ1LgPBqmgPwIAAAFnUgAAABVoAQeZAwgrierkGddT7uI47ydiVMHbRQbwSM6yPzouYeRfZPmqFQZC63xMhl5ugLwtP5GGCgO2LCgBOIEKNgNPdheEIwe0F2MdUiIDNl5puuMxaUsWWbjqiYsmVynOVA7hwxr1Vd28Ly4eB-ZefKbEZ3Roh0nKBKhoh5gGVtVfT604bL8FoG9I9A3924-wNXVY58uRvgNKffBStOJWnu8xBW585fbu0EWDSLPlXP9H6ZVLWNGiUlDUuXJnP-y-y6Jf-wadFiV9k0vf5gGsgvttoaPn0vcW962wNffcIKoeyCl-ROIvfn3pvCZV9l9vFF_zbi7uhdGNQxLJ55L9UkMJmaaAfQ3Fy7nMwXely4u8GltRDZi6bYh57f8AuYfI-bVgEqQMvk5uaUEsVFbuXzXTal1OgmL-TIDQNGvNx0NBLKslRTT-yGgQ0wIUZThgWeyR_9TxA5HX_Xhv64SDHyR5OaK-C9TPnJdn3EjhgMMmW_Kh1M8QZl-HOLa1hULDsZZFLCSXZT1IfPMUjk_1C_UDdytAe7ytFTW40-G4X1xPrsAinv1hH_iWNRy76UdVXnIKTzniEud7eNHxbAsnaugu8pMilPmhzIVQf-O4t5FiCA-wmJvwijn-jATjkuAsEzqKTMWVYs0E7ZYxUX9IKD-QR-eCww7CR6XCopADzJdXI48D8RNcIndBmfxYrYjLjXMTUu13_XvxiWnrU_YOxKNvcY-lQ5JA3LzldrB7Z0-n5-wxDYmrQbPEPtEoSHH8J2gAjDMI9_PgsTTxu8fdimEpb142_vVENDrf0X8tewnN0Qt_jlM6O1HZ8TaaBagWL90HAmxds-vK9t5PSuBqC_RDs7WqwKDSqW2tvw2yOcOVskHo85aW3IO2W2Q_gP1UbrYra-zaI9yudctdvs5dfQR-wmxmYHWb3S486LuAmomBNacLwPwHeJDp3pIBDIIyz28WrJhYcp6mcT52N0hWSrbP8nO30sFYYLgrHnaHk8n7rXNmK8sjTEyeGi_z1KgBoC-pwwTqS3h4lMtPurmWUw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E83 0
20 B 56ms
55ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BPoO5tclzYYPCG43YzQbV4YnQAQAAAAA4AeAEAg&bg=!VFelVxPNAAbUs_yW1LM7ACkAdvg8WnozNLHAx3x0lN6ltyyjZkFPHn1786tXbBlamxnQBejYXg5deQIAAAEqUgAAABVoAQeZAwh684ZIkZ27sN2qjr7mCShkktMF4WGwM047nb9oC5fqCphuSC8EI2mvC1uj3OSERbnfqnCpf2f801cEiBDZO-Kgi0kYrREqkA2a9j5RMXZVBUEGZUPiFKgC4pzdUyT0A6i_ZHJcklGe1hPul3W3pHax0BTeqTCT-iTyhkzz08F2PoXo3K5JBKXGEYywvgMlFGLAFLYdoZXRBqCvaGE8QCsBQuE-fsF9c1_XOqbGdf88jHMDkDkU5ToGVw8A3ca-9gM_ZMERNazOUe9XjVO_kyijDCJZ8OIlEmi3pzl5vObYkOMvMlGyEKUIkXfl8H-Av_snpKKCJAoz5ss9vmFsj2J2T1ks4et5xalGFTrhmlDZ3KZ04tzeBx3wgIf2xSKal2PCSDTmVJsV8nKTQRtR4UXi_VFDyK7-3rBG2sJDN48TkSV-YyGQln8D-Jhy1pGTqXuT9sDPFgdSfhZWXsPue1TYTQYryIm3DNh6AZwWvrKKeMil6h2b_k9DYd5JNHbLLTdm4Gym0eYMV6g_y85pS5x8eoJdP4gOmqRfqsb6TJ411pEK5MSTMTj6B8xGM77E4u45Tg7qQPWI4RwkuIIrXIu2Hwr-O3SorZP15_Jrb0Di6gNFEss9D7_uIhat86xGiMLMr4rRA7dnOQ2bCwj7kpRi2WRx82UBX7--vxTcvZZ2QAKiar_gqkyRLwTOPrrw7Ji-5zVqGuLUmoNXv8N0kGwf66TOMgtYZeeZJkR3PWJ_qXvPurA__WaTpU46DOcSvwzuOVWRCXf41QTWZDqycxnXc2wPcvpRfzjlDS6BiahWMOxMlT0o3FevLpjtWykcpA4F8eErJa3BY796BNCaZmYbm0aD2plnvQ35Mlb5zAdMJM2jw4HPLJ6IzRkNVlgX8AyfnJW_wIHsxWGIhoUiUy0Bvl5xQaeFPqR_V1ye79hLIetadUg-0uEjdm3J44Y2Fs97DUUTYL3d3k0hmBTTSLs0Gv9xfgxlabdMWp9Dino5EaXG2Mun4zKqjGFRyWFkb07y-z9ipUHp8Q

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
55ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101401&jk=2834336860190299&bg=!FRalFlLNAAbUs_yW1LM7ACkAdvg8Wr3j0Ss_KRUVoG-j724FkyrCYz9_LDDD3AB3WX9pyX4mJgLIOgIAAAFFUgAAABVoAQeZAtLDKUrJzgb7Z0eLUBwQeBc9uGBgNQ9-b0D-u9CSX3oK6cxYpaEUPs0uGA-XaWTRq1FC-iKsHUqa9Hzc7oOn_fhiCt0rhvoEgw7GRLLeuJjk8KWxiOlWg104Vl4_G8GQwCiv0lw7xzp2G_IF3KDcB_pToO96d_ufuzkkEaamf9g9_h1f7G6JrtsVzijRd5cGA9OKJFxdcnobh9b-zDXPnW-Y3BKaRctmSWWlJDvcKSAlxOttrjkQUkNK0F3k1BjbisAGq2K-YsHGDfXm_7mgzYHt5SdX8n0mY57MiB8755fgQhDhbusuL8gzdjJBB3UufarVUIFaNSP7oa1u3ujqSG88w18BfG7vy7GDNtUOPIjGf2Z3LNsp_7SBomOeVjCLsaREgn3CnBBKKvfGf_OgKQUgB65mxCo_qTxa1NMy4IkMRTtAQltWAI1kBgHp1pdRUkxqnw0VnAGpFdEsCj8EkfGiOrZrnJQ_FYl8iqGSNgu2MvNRZLDBllMqHrjUTXfx-HBPNOM_aacc3ZSHforLkP5CpcDVKNXekunNy4DrGrCXi1tC2gLW6BfSn2GU6Hxte-uxFwPP4vQxPBsVeE7LAY391VNXcn8OktqkGBHjn07ZZ_Ww3iuEOnyYgl0DbBvIXbJOJ1ppor7UbO5njT_DLe33Ql4-T9btOxsBVo84wQa6dkK_jiaOND22p80X0g4IwkFOvpE27SWKCMlc5nxz5km9xHM-zw3eLSFEectSKDy675kTCWrVq9IMKdNaBql0jndqZk5wDEOpVqHmh0SUB3LSJckcCbuiouTXe9-U-QwRtR-zpaBfndw5xofPud0pDxpwx3txYFsLX0NluNzTSMj0pMktsgDWbYjr7bV7sB-FoKgHT4yB7Ov9OGZJ-X2FX6zaYodBx5YQ5ORvZzNR__vDP7x6lDNz-yU-enpIOihZaJjMmKuyKqwwJ68Y1JzGgC-05Q

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.amarujala.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD7D 0
20 B 56ms
55ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BMejFtclzYfX3IpyxzAbdoYKwDAAAAAA4AeAEAg&bg=!bm2lbSnNAAbUs_yW1LM7ACkAdvg8Wvl9mpCY9xrLMEr2mdHl2h2oGZMFvqlg5o5VAVoYWfl2kx0dWQIAAAC6UgAAAAtoAQcKAHuH09xI4PpvsJTS-3TsGAKhZ2BXKJltG2RCDbFwea_-6O8XHqjvtvs0ceMDqC-R9vR06PdcV3soJ16ouZLPKdoEe1-ZzLKboCtKs3vyQPpAni1LkI3rxIwfJ9EdAncZcABi2HIm3MChbaORN0Xm86tszwhIcWrHHr4vzlOZAxfH2NRnmrZlFm5iC5FlW4t4LFJdnyTPlUwJfP4awspGNb1oSgWG2MkCUZNLynOQXNYT989dvN0eKnHogLs5MfMctprtsv3GucXVpBMfGzh9aBP3Dzz8Ej4Z6HcLr3imTy2aduItwMIFn0eCPNio_mRft-sxmT_8sxAA5pZo7qC2NqrUdEYDHIh179Jw5DyWnBygBOCDS2p1bkK_qW4SNXOQmF5w7itYqNvikAPFX7S26ICb-KTYixOIrHTkk_tTF4qOYxX5l_snjfZq08vGttJBg5kaFSTPaI-qF8DfXmNqUZFfJCWXsbtWVV-eiVluNsvFhMsp4Kg786ykIj7HhNBxVm1b83JIV9-GtECSCoi7JPjavTGKZsFDGtW0d3QABDxQbGWgF6ib-w_zRhMl1K27rd2JzwCln1G6_yd88bYY-iC3rLRHeDyz45YO0oeJnXiwpmwQZND5qybSqcpWkKe3Hp88q7IXMq6acKbop5bBJuzRHeGYMnZYV7P0T0dwXIdQjqLpDyEWoiP-RwNW9RDGmqdoBzKYCPLneE6IiB-x6rihLitITzyaXXwmWq_jhuSXsJTIJkBNGJ8ANBV13J_7GC7K2U_y-HDBS9saq6Ag6R7T-esPehaP16y1yhC76M7bAF-CkH0nJ1jVWdQJm5N_llFWlf6-F7hRDJD_CsullMuztfxtKay7u90RpqUZ9TCo0-_ggqK7shkMFl0p43LzSHGXu6r3Xcf7WaSoracWDn1CZNaEq1geqiP4_QoDzt2_Qmxlj3_aXtpga7TSf7e-GiQV0VG9DrqxD_ssZKB-sHPP50VvVRexXq_srYzOhA9WS11Z__xhIipUzfg4y9DZ18bOxgeuwlQC59_jseelJxkh3qcN7dv3aFCzLwDQQSGDG4fv-XFghHTzWTTH7aLiU3uxyAa00AXOfFv0dz5AEpoLj1bPR_WLIvpWEZzbBSV29kOiHMwURiRRO0v6QvHFVHgn3oNEYpcYD9E9tWF9g7JzZQWQISBzkPfHWAHpaaot-_afpgSEU6SghkTMtMb4a3OMqm0Dcg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74AA 42 B
64 B 87ms
56ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxQaIrYgOKI7Svh1qX0f2z_rZbiCw9GfXme6RxxiiicvLJW_rmDWolpYdgGPfYVgTaQ_cOAC9JAGomEhZ09YSlHW53H1Ad3t9sfvNl9E-6NXOf-FDU1Q&sai=AMfl-YRHkZxy-nsMTsJEmxOs7sxZsmdL9iAv3UQesx_Q0wiQfOnknuYCZDLYx3WipPuQlglXNu_Dm3trMZI-LY88En3lcma0FfL_RVdxcGuU0a1NotspuB8o-g2zBJ-GW2Lz&sig=Cg0ArKJSzGPCqq1cYLhgEAE&cid=CAASPeRoj-vsilyPlT2P4KMu-bXy4m8XQAm6wDztUEs-lSi3nj1tTvrASlF6u_ENDf5as1UogKiNDVEzyXRauYo&id=lidar2&mcvt=1000&p=10,569,104,1297&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3512711815&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634978229086&rpt=273&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CDAB 42 B
64 B 55ms
55ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaKg09LnXGfkxu765jMP4AC6aGylya1zpfY2w3ss6NteOAG7FaSg8JlFE_-OCKjVuC3tN98EsH7HIcjqBsqfnwxaB1gIzhjSYjuzturYhlBQuOovlYUg&sai=AMfl-YRFK6uhd94Ar9nQQFvmhlj668c5r6qpK_QfZR2LGauYezEzo2LtwEq3Yydxx-2q9gcK1S8i2ZlJPP3sUmkdoSJmgUdRukI0lhYG0TGWww17D1GSNKTHS-cJ1NM6rhUn&sig=Cg0ArKJSzC-i8IfSAoCrEAE&cid=CAASPeRorfYwJGFXREe7smQqJR9ypF3KbSeF7e61v1dr17UOuaf-9Ql5-Pp9G3-6kEoLjRdNlxCjAXbTY3X3ZWM&id=lidar2&mcvt=1000&p=178,130,778,290&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=574595809&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634978229097&rpt=547&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B0F 42 B
64 B 55ms
55ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZpqimqvLO03I78IUNBDXiCU0zt7uq8jIdGNp-SXPdPY23mA4kzIXyEDVWx7nGH1kCUBec-aojUtZC3cWYS8NDZMucv7VgnwpBWRtfyiLHQWvAO8W-8w&sai=AMfl-YS-PB2-lr0UWwEBrZCSD9vTTPuubqNXjQQ6fdcjlianGfiWCrdQeW8v14LUmYOmHnJ5Ceb_UqVyvEaY5uOplDf4kEdd-aMNbOVRf4_cmTb4QAyEHmaZ6If8JTFy-yzN&sig=Cg0ArKJSzOROQqEaM8gZEAE&cid=CAASPeRo-b_453fcswjpsPIg6cnY-tttepgGkjMBhTbrJDKbBFK-j6YXD1qPrRqm6L5wR1Jkpvg9Q2g6_8pTSUQ&id=lidar2&mcvt=1002&p=178,1310,778,1470&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1456524117&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634978229091&rpt=542&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 08CB 42 B
64 B 56ms
56ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstwYZ33RcS8966_jtD1elIcrfqWknvf-sZ4B0GeLWO4kfG_JcjtSIF3BSITT4-xKfHkOKGHhtoKlIR6X9C-Gx9CO97NK7R_nrnQ_RcvhIMR8nn_lbb8nw&sai=AMfl-YQg3UGJRxbn4pbsh68wTYmeHg9PThUCXNowJ__QizqeaYkxm1905AbrYNS-JOG-MVSS3n-jCQUmfjUmgLuQE8LKPW5NQgIc9NjPz6AQXfaRFY1tu3XTPJ9re8mYIWO-&sig=Cg0ArKJSzNg3e6BZhIQaEAE&cid=CAASPeRohVG2sL-AQl9X3hlAG_9nGcK10C1iyNM1PLIURBtaYNblxLeaUihKGGIn-l2lcOOS67jH6r-FoDcv6lU&id=lidar2&mcvt=1000&p=193,315,443,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211020&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3653573332&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634978229104&rpt=593&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 2259 0
17 B 114ms
113ms Ping
image/gif 108.177.122.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kv3jtnv8&c=204229148574&slotId=102114574287&qqid=CO2S-cOQ4PMCFQKodwodlX4JNA&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=993&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=18&vhc=0&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C692%2C43%2C44%2C45%2C46%2C0&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.177.122.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ym-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:11 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIw_DTxJDg8wIVDWzTCh3VcAIaEAAYACCC8sZKOhoI6ZeP5wIQloiYrtEDGIGLgN4DIK6V0uWXDkITCIyM-cOQ4PMCFQKodwodlX4JNA;dc_rmcid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2...
ade.googlesyndication.com/ddm/activity/ Frame C536 42 B
63 B 88ms
59ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw_DTxJDg8wIVDWzTCh3VcAIaEAAYACCC8sZKOhoI6ZeP5wIQloiYrtEDGIGLgN4DIK6V0uWXDkITCIyM-cOQ4PMCFQKodwodlX4JNA;dc_rmcid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2HrAa0V_XGtlI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D1527,0,0,0,0%26mtos%3D1527,1527,1527,1527,1527%26amtos%3D0,0,0,0,0%26mcvt%3D1527%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1694%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D0%26dur%3D6016%26vmtime%3D1708%26dvs%3D1527%26dfvs%3D1527%26dvpt%3D1694%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D256%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1527,1527,1527,1527,1527%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,1527;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1634978229961;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame C536 42 B
64 B 35ms
35ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C5l5ks8lzYczmOoLQ3gOV_aWgA_yh2tFkrpXS5ZcOr9uivcABEAEgx-nTHWCV4pCCoAegAaH1-ZkByAEFqQLc2A5wtYmzPqgDAcgDmwSqBPQBT9C_q-obqR1cTkJ_ivbDLf4yClx2i8XfVrS9nSxoPR88wjYlswuRGRgoXJyEjA48Dng8DT_YHISZ8VCn3EdQeG-xc18OuXf-CC1OmZ_o-9v5CnjWiMSeFkwGTtklNA9L0Av1OzNCfvykPavHSgKWi2mB70PZOgWWOuWU2qfCMet5Mu_ay9pHyB3L0bOMGeNqhpQ10IXggtko3t3aur6aQ4l7d_6XLTaDeep1pQh7h8VADwkl87tpcwdK2ZM94XkqpPtSAVUBPTDSlhayz0SuGWwwWyPqFlq4ufgP9_56_QF2XZ0VqQEohRQwU8HmUmMMHhwuE8AEloiYrtED4AQDkAYBoAZ2gAfHiobmAqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgHAQARgdgAoByAsB4AsBgAwBsBObm7IMyBOBi4DeA9ATANgTCogUqQ7YFAHQFQGAFwE&sigh=C5s4ucnieAo&label=videoplaytime25&ad_mt=1708&acvw=sv%3D20211013%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D1527,0,0,0,0%26mtos%3D1527,1527,1527,1527,1527%26amtos%3D0,0,0,0,0%26mcvt%3D1527%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1694%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D0%26dur%3D6016%26vmtime%3D1708%26dvs%3D1527%26dfvs%3D1527%26dvpt%3D1694%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D256%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1527,1527,1527,1527,1527%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,1527&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1634978229961

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIw_DTxJDg8wIVDWzTCh3VcAIaEAAYACCC8sZKOhoI6ZeP5wIQloiYrtEDGIGLgN4DIK6V0uWXDkITCIyM-cOQ4PMCFQKodwodlX4JNA;dc_rmcid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2HrAa0V_XGtlI;eps=CIjhgHAQARgd;met=1;acvw=sv%3D20211013%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2129,0,0,0,0%26mtos%3D2129,2129,2129,2129,2129%26amtos%3D0,0,0,0,0%26mcvt%3D2129%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2296%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D0%26dur%3D6016%26vmtime%3D2310%26dtos%3D2129%26dtoss%3D1%26dvs%3D602%26dfvs%3D602%26dvpt%3D602%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2129;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1634978229961;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C536 42 B
64 B 56ms
56ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNoiNMDGQViWosqD5jhavy-pFJ216605NWkTTnZBE4krY7td5d6EhEtR9hA0I-NN6wXQMqKJvrrpcCa7cwEjtIa8Fjy5oHnZFUoHl5YXXa3NuU5zhcBQ&sai=AMfl-YSnISwQ6qRR7G7469-i9Izhwx-apyQ3f0Lu34RkQZ4SxtZRzR66p7lUBM5ie5TVJjS-3G_CkQmdHWJT-vWKnBbfjXkHvR90qMugtiKRQbQ-S3nu_8F856uN7AgvwJZj&sig=Cg0ArKJSzN7dyNv9H08HEAE&cid=CAASPeRoo5RPzj4qN19elDm99Nr4Cry_uVr7VPsMtF_1gQjepJsZv1bn0jal_deNcdN_U_FnPt2HrAa0V_XGtlI&id=lidarv&acvw=sv%3D20211013%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D1,1,169,299%26tos%3D2129,0,0,0,0%26mtos%3D2129,2129,2129,2129,2129%26amtos%3D0,0,0,0,0%26mcvt%3D2129%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2296%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D0%26dur%3D6016%26vmtime%3D2310%26dtos%3D2129%26dtoss%3D1%26dvs%3D602%26dfvs%3D602%26dvpt%3D602%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D690081790%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2129&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1634978229961

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Oct 2021 08:37:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: spidercss1.itstrendingnow.com
URL: https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.woff2

Domain: spidercss1.itstrendingnow.com
URL: https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.woff

Domain: spidercss1.itstrendingnow.com
URL: https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.ttf

Domain: spidercss1.itstrendingnow.com
URL: https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.otf

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
handler.amarujala.com/	1970-01-20 06:55:14	Name: auw_guest_id Value: Df2lV4itRHXambIW1d3nP8Cps
.google.com/	1970-01-20 02:33:09	Name: NID Value: 511=hPSfprC3sgDaiyPkwvSFaSrbMFtD3_jD5aVIyT6TmlJh4jfUNjOQTGBfGMIBaGYmtdWwfYIZ13PwD7M3PoKuLt9wR5A4zuyUje0zPcEYVd3_bI6quvTxSRs_QvN8bgVDmF4MW2vLmPw4xj8-3qhXbcb6T0ZkGMWnW-f4m7BAPMI
.scorecardresearch.com/	1970-01-20 15:26:26	Name: UID Value: 1GOLAWZPNFDS1QXMFGD6HVg1634978228
www.amarujala.com/	1969-12-31 23:59:59	Name: auw_initialTime Value: 1634978227738
.amarujala.com/	1970-01-19 22:09:41	Name: AMP_TOKEN Value: %24NOT_FOUND
.amarujala.com/	1970-01-20 15:40:50	Name: _ga Value: GA1.2.823376848.1634978228
.amarujala.com/	1970-01-19 22:11:04	Name: _gid Value: GA1.2.26088047.1634978228
.amarujala.com/	1970-01-19 22:09:38	Name: _gat_main_id Value: 1
.amarujala.com/	1970-01-19 22:09:38	Name: _gat_global_id Value: 1
www.amarujala.com/	1969-12-31 23:59:59	Name: auw_parent_id Value: 55bd8873-6081-4254-beb0-b77a30e75ad2
.amarujala.com/	1970-01-20 07:31:14	Name: __gads Value: ID=d04e09fd061cfae7-22a4b9b8feca0056:T=1634978227:S=ALNI_MbAtjkJQiK9cze6WSOS98gzY3Eo_A
.doubleclick.net/	1970-01-20 07:31:14	Name: IDE Value: AHWqTUnjS14mJV3VTjpt6u1iVbNJpP5FD1jeFJgA4yUsqx_HUFkhTtmOmVJZtIF3

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.amarujala.com/ Message: Access to font at 'https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.woff2' from origin 'https://www.amarujala.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.amarujala.com/ Message: Access to font at 'https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.woff' from origin 'https://www.amarujala.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://spiderjs1.itstrendingnow.com/assets/js/jquery-1.11.3.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://spiderjs1.itstrendingnow.com/sw-register.js?v=m8juy87o0jrogrffgrddi Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://spiderjs1.itstrendingnow.com/build/v1/js/widget.min-0a09a0aabd.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://spiderjs1.itstrendingnow.com/build/v1/js/main-8757d45ce2.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://static.cloudflareinsights.com/beacon.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://spiderjs1.itstrendingnow.com/assets/v1/js/jquery.jscroll.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://spiderjs1.itstrendingnow.com/assets/v1/js/jquery.bxslider.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://spiderjs1.itstrendingnow.com/build/v1/js/jquery.inview.min-0d4f4c2c6a.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://spiderjs1.itstrendingnow.com/assets/v1/js/jinqjs.min.js Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.amarujala.com/ Message: Access to font at 'https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.ttf' from origin 'https://www.amarujala.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://static.cloudflareinsights.com/beacon.min.js Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.amarujala.com/ Message: Access to font at 'https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.otf' from origin 'https://www.amarujala.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://spidercss1.itstrendingnow.com/assets/v1/fonts/NotoSansDevanagariUI-Medium.otf Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js(Line 345) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js(Line 345) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ade.googlesyndication.com
ampcid.google.com
ampcid.google.de
bid.g.doubleclick.net
csi.gstatic.com
dc01a7836af1b20748ec72bc7e8d753a.safeframe.googlesyndication.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
handler.amarujala.com
imasdk.googleapis.com
pagead2.googlesyndication.com
r1---sn-2gb7sn7r.c.2mdn.net
r5---sn-2gb7sn7k.c.2mdn.net
r5---sn-2gb7sn7r.c.2mdn.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
spidercss1.itstrendingnow.com
spiderimg.amarujala.com
spiderjs1.itstrendingnow.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.amarujala.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
spidercss1.itstrendingnow.com
104.16.205.36
104.16.95.65
108.177.122.120
13.225.82.45
142.250.179.131
142.250.184.194
142.250.184.226
142.250.184.234
142.250.184.238
142.250.185.110
142.250.185.129
142.250.185.142
142.250.185.194
142.250.185.66
142.250.185.99
142.250.186.130
142.250.186.142
142.250.186.173
142.250.186.42
142.250.186.78
142.250.186.97
142.250.186.99
142.250.74.196
142.250.74.206
172.217.130.70
172.217.130.74
172.217.18.98
172.64.138.23
216.58.212.166
74.125.104.107
74.125.140.154
74.125.140.155
0535625923378b8b2b5139f35fb8fd9c2b3e559ed8de22636200b5d18020c564
058c62b6fd1dfbccc354319f1ad531e81c2542d3a3cfd3ad1f7d198cd9d26bb2
091e11d6b9e5cba38e0d184ca5a7bf07e708c8f0d7c9fb76e8e9182ed93fe3e4
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14865326c754c2b464ef40da661fc012463e36f0b3f91729f720b4d0184629cb
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fa70c799f01374fba0e3d1f5c94f88f204cbc00ee399f027723ce8b5bbfd810
1feb44d5ad2317d9342523c4563c64678570cde7d8dc8adb8645490b6a8967c8
21c311ba748e6359f17eff71cc273f227316a9eb15ecafb402d854bdf5fea504
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
36f1ba6e9c1be46b724006ce5395fd0be93161c1d6dcfcee70397714ed59b515
3b2462fbd30325750a93ec59f2cf04c3dfb0a4d37485344560350034cd710b1f
43a387a097d89fdda88447705991069437c05bf539b9285a2ca38df1d75009cc
465e9a6e1125152c73b5675302434378e37e4c8f0f76c2c58497ca136bddd14e
470566b14c91d85922fa9db4a10b0fc81ef80daa6890b06f3cb399c143ec561a
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4aff8355ef27279106f7b862998772566440640087abc0a9ef3928ad5ec9d598
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f06fa6a4a36d9702745dec58ef82ea73b36cc8e2636504a85f65207904322d
55f5b87b898e81bab8afdf327b6648eea9a87b2ecf9d60cd537ec7873db89a93
582f5961c0eca0d23d36dcfbf9b22ebaf6cf91f69f8d69f9fe07f0487c6ffea7
5e8bc245f59dac7a047659ed7bbcbac7e3423ba4e32e210f61a5448b0796bd7f
626fbd1a10123dd6932fbdbc78374d3bf3957388fe5ac823dc74615ea7a240e2
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f027aafbf526e260c9d5700bc8c0e05fb49d3ae19b23f907180dfb46322c0d9
76a1ead3c3573a043a3f576c622471b1095d9b1bf0e1d3dd00efa3722cf5c583
8222c0abfdeba53481fa3b2d61887bd1bfee871ba0deb41482d48f78bfe1cdea
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
869ace4624ebda5612a7f696ec880c3ccb0d9bc4407d860fb77939bef2c60858
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88dd40d571c3010ff3bf878bc9980a9af8b5dd61baa07e433167d6254ff49a5b
8ade00ef9b3c7f137dfe82dd11ed970b47ece19df2e6014b9abce76bc91a1b3f
90e91ad8961421265b8039112da5b2c156300455139c667a368ffc12f48f3902
9755bca214ccf97ddda5a4fd04f3e36ebd9e04ae8e0c9775a26182ecfe83c3e6
98b1022a207e7a6ef700f81ec57473bc28967565907c7bf2b4f5cd307f442584
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9eefb74cc5ac64da8206bbf5f929ee9c260d7d6162ec2a799e1fdb6190429bf5
a09febbdd8c58b1303649fa21430da0d55623ab2d1cb51ab37b714de10d7a845
a2303eff77a74f6944f4bce575e32104cad14c9df50d29d5fb1f6b537bf12a2e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2a5a99d8f8ef56def811b8adad5c86d6d309a093a1c79370bd5ede23bb2cc4b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6da80c97c3a0c54cf458ea743a69df78709225f1b20f19e2006c1db59cc6b15
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b29cd9baf558e8dae93501711ae1718524ad59a9b07a9a76b0bb3d8e92ef0336
bcf1f438d5358f6d97751996474496c351a98f2cb0d9ddd0b063e77d08175a95
c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21
c5da424ecbf338a9e617d4892f4d3a94d971ce4162fabb6469391684aad95a81
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbce3cee70669afcbc3dba769e5ef013a791e15509d0a2f1223a0ec1e00efe41
cbd54c46b7ffa57972f5348c70f1cbdd95fde744c8a2ac36253a0bd25c428f69
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cfc261f3b35fe71463e97b5da5a95048fee8f904308a4cd6194c669ac0619ce4
d8befc63ffef4fd192ef1b18655c48970daf3637b4dd6b89f35cafb66f60cfd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e444df21d53a9e6d8c4248f8416fae87073b1dab5b6db095bf36b96d5622aee6
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e9ce77ca8907b7d7057eb4ab9a0a9ffdac3e33b1f8131902f5eac1affda9025f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcdc642daa0ad6a1f8cf64e6cfa7a9e5639dd7fe0e1056d8df270b7bb39ec3d
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
fc9fc1139b95456b8d7d3eea1986793a3a55df913bc5b587805c132cab22c89d

www.amarujala.com Open in urlscan Pro 104.16.205.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

187 Requests

98 %HTTPS

0 %IPv6

13 Domains

37 Subdomains

32 IPs

1 Countries

3070 kBTransfer

5964 kBSize

12 Cookies

27 Outgoing links

Page URL History

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.amarujala.com Open in urlscan Pro
104.16.205.36 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

98 %
HTTPS

0 %
IPv6

13
Domains

37
Subdomains

32
IPs

1
Countries

3070 kB
Transfer

5964 kB
Size

12
Cookies

187 HTTP transactions
14 data transactions