paspor.siap-online.com Open in urlscan Pro
158.178.225.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://padamu.siap.web.id/91000069120678
Effective URL:
https://paspor.siap-online.com/cas/login
Submission: On June 30 via api (June 30th 2023, 9:43:48 am UTC) from US — Scanned from DE

Summary HTTP 184 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 50 IPs in 9 countries across 33 domains to perform 184 HTTP transactions. The main IP is 158.178.225.114, located in Singapore and belongs to ORACLE-BMC-31898, US. The main domain is paspor.siap-online.com. The Cisco Umbrella rank of the primary domain is 546339.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on April 14th 2023. Valid for: a year.

This is the only time paspor.siap-online.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	36.89.160.232 36.89.160.232	7713 (TELKOMNET...) (TELKOMNET-AS-AP PT Telekomunikasi Indonesia)
6 15	158.178.225.114 158.178.225.114	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	36.92.173.206 36.92.173.206	7713 (TELKOMNET...) (TELKOMNET-AS-AP PT Telekomunikasi Indonesia)
5	52.219.133.39 52.219.133.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:4200:a:e047:753:be1	() ()
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	52.48.64.133 52.48.64.133	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
34	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
9 12	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
6 12	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
6 9	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	34.250.56.160 34.250.56.160	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	88.99.219.174 88.99.219.174	24940 (HETZNER-AS) (HETZNER-AS)
4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 5	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
4	2600:9000:223... 2600:9000:223f:1200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2600:1f13:800... 2600:1f13:800:7781:1172:d4f8:179f:23b5	16509 (AMAZON-02) (AMAZON-02)
3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	35.178.131.157 35.178.131.157	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	13.224.189.92 13.224.189.92	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.36 99.86.4.36	16509 (AMAZON-02) (AMAZON-02)
2	18.168.234.149 18.168.234.149	16509 (AMAZON-02) (AMAZON-02)
184	50

2 36.89.160.232 (Tanjung Barat, Indonesia) 2 redirects

ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID)

padamu.siap.web.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 158.178.225.114 (Singapore) 6 redirects

ASN31898 (ORACLE-BMC-31898, US)

paspor.siap-online.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 36.92.173.206 (Indonesia)

ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID)

files.wacana.siap.web.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.219.133.39 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

siap-sekolah.s3-ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:4200:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.64.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-64-133.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.98 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.80.39.216 (Canada) 6 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.89.210.141 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.250.56.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-56-160.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.219.174 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.157 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:1200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:1f13:800:7781:1172:d4f8:179f:23b5 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.131.157 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-131-157.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impfr.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-92.fra2.r.cloudfront.net

img.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-36.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.168.234.149 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-234-149.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	299 KB
26	doubleclick.net 10 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 254 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 346 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 258300	240 KB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 325	251 KB
19	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 951 static.adsafeprotected.com — Cisco Umbrella Rank: 624 dt.adsafeprotected.com — Cisco Umbrella Rank: 542	198 KB
15	siap-online.com 6 redirects paspor.siap-online.com — Cisco Umbrella Rank: 546339	95 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 635	9 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38273 hal90007.redintelligence.net — Cisco Umbrella Rank: 339412	58 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	10 KB
5	amazonaws.com siap-sekolah.s3-ap-southeast-1.amazonaws.com	165 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	194 KB
4	google.com www.google.com — Cisco Umbrella Rank: 10 adservice.google.com — Cisco Umbrella Rank: 113	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 20510 api.webgains.io — Cisco Umbrella Rank: 51644	31 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 49812	1 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1385 google-bidout-d.openx.net — Cisco Umbrella Rank: 1388	689 B
3	gstatic.com www.gstatic.com fonts.gstatic.com	204 KB
3	siap.web.id 2 redirects padamu.siap.web.id files.wacana.siap.web.id	732 B
2	tradedoubler.com 1 redirects impfr.tradedoubler.com — Cisco Umbrella Rank: 108264 img.tradedoubler.com — Cisco Umbrella Rank: 81856	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	133 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 1531	335 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	25 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 483	17 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433 fonts.googleapis.com — Cisco Umbrella Rank: 88	32 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 59854	437 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 39920	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 208307	933 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 568	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1568	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	878 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1032	20 KB
184	33

	Domain	Requested by
34	pagead2.googlesyndication.com	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com paspor.siap-online.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
23	s0.2mdn.net	paspor.siap-online.com s0.2mdn.net 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
15	tpc.googlesyndication.com	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com paspor.siap-online.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
15	paspor.siap-online.com	6 redirects paspor.siap-online.com
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
11	dt.adsafeprotected.com	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com paspor.siap-online.com pagead2.googlesyndication.com
5	hal90007.redintelligence.net	1 redirects 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com hal90007.redintelligence.net
5	siap-sekolah.s3-ap-southeast-1.amazonaws.com	paspor.siap-online.com
4	static.adsafeprotected.com	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	paspor.siap-online.com
4	hal9000.redintelligence.net	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com hal90007.redintelligence.net
4	fw.adsafeprotected.com	2 redirects paspor.siap-online.com
4	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	paspor.siap-online.com 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
3	pv.medialead.de	hal90007.redintelligence.net
2	api.webgains.io	analytics.webgains.io
2	fonts.gstatic.com	fonts.googleapis.com
2	5994599.fls.doubleclick.net	1 redirects 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
2	www.googletagmanager.com	adv.office-partner.de www.googletagmanager.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects paspor.siap-online.com
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	ssl.google-analytics.com	paspor.siap-online.com
2	www.google.com	paspor.siap-online.com tpc.googlesyndication.com
2	padamu.siap.web.id	2 redirects
1	cdn.track.production.webgains.team	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	fonts.googleapis.com	hal90007.redintelligence.net
1	img.tradedoubler.com	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
1	impfr.tradedoubler.com	1 redirects
1	track.webgains.com	36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
1	adv.office-partner.de	hal90007.redintelligence.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	paspor.siap-online.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	www.gstatic.com	www.google.com
1	ajax.googleapis.com	paspor.siap-online.com
1	files.wacana.siap.web.id	paspor.siap-online.com
1	maxcdn.bootstrapcdn.com	paspor.siap-online.com
184	52

This site contains links to these domains. Also see Links.

Domain
wacana.siap.web.id
siap-sekolah.com
30303089.siap-sekolah.com
20530032.siap-sekolah.com
blog.siap-online.com
produk.siap-online.com
www.youtube.com
peta.siap-online.com
wacana.siap-online.com
bantuan.siap-online.com
www.telkom.co.id

Subject Issuer	Validity	Valid
*.siap-online.com AlphaSSL CA - SHA256 - G4	`2023-04-14` - `2024-05-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.siap.web.id AlphaSSL CA - SHA256 - G4	`2023-04-14` - `2024-05-15`	a year	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-03-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-06-27` - `2023-09-25`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
pv.medialead.de R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M02	`2023-03-02` - `2023-09-21`	7 months	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh

This page contains 24 frames:

Primary Page: https://paspor.siap-online.com/cas/login
Frame ID: 4410A661565D424AD3DE366F2386B30B
Requests: 39 HTTP requests in this frame

Frame: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F7110A9C2ED78B27E22EB4161015D8F7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paspor.siap-online.com
Frame ID: 4E11D75B94C20D0B6169ACDE6EDBD436
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7A34A823E36F114A6A1E3BC5102C425B
Requests: 1 HTTP requests in this frame

Frame: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 154260D0AEF5E2E25DEA3D24EA0B3BAF
Requests: 23 HTTP requests in this frame

Frame: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6EEE0AF40CE72D72D02FB58327ACF17A
Requests: 1 HTTP requests in this frame

Frame: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B571D4421CD73D92225DB75C5C305827
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXCd57q9IadY13w_t1B5UX-TlC9pgqWk6GcIy4Ur7tlsNPm0lLf7xqHXF9gSzcw4oftbsZBKiPlZ9ufHrgpVQGdy_AeKigaYtmqJiBLSgon9a_wezW3f5NMayBWieSm8AdkDiueRwGyvTf-ZcMeglgIlftSJUPf1BgdhyVvtDUUFnEpWm8
Frame ID: 8CB978C458E6804CCF2C61D49676F428
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNW4bnXGMvo-ISaniKu8N9byhPlvDEnUZtSCFFYSCCcXMgkeycBYDn3QoS1Z6TC7fN-KKibWTrT6pVVPvErFWFjzU0ypJcgnbbnT-XtoLLjk30c7QESkZRG3gHbCQVpurz5hgAQCRpF8nh1ditpee5WfF426rq3Brpm5zg53j5kuWnXT4C8
Frame ID: 088632FF7F514291EEAA08225F50D4F8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 966648B05628BBE39149424C4AF87BB0
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYloLl7gEwAQ&v=APEucNXpKWNkQSCwQdtfBy5nvheWVJe7lEXIxc0_-u6K9u839yBA7ShoHPG281wAv4npPHqBezgOXk_ob4boZhwCo12teZxGHa_iWmR7iCb7chRKSXHvgrB82sjcFFPb08BsP0qjSEn2maNwNCm66PR4BsEwaOiOlg8AKElmNSf-6Lh2GkFNmjE
Frame ID: BD9390A935C2BB94996BF4C0D36137D0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED7CA3C87A29092BCC145AFB199F7D10
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B4B2B74EAFA2EB3E6C8096E4E2E05705
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
Frame ID: 7544DAF34DDAB4A0848FF501743F2D4C
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EBDF7F0C305F8659762965495FF524BA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
Frame ID: A7EBC821AFB1962015B26902E8D6517D
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 499736E7F5004AD56E02F59167406671
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 459ECF76B20692819EAC0B895A6BA365
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=63405700042710504444994012371007&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: FE4A0AB7ADEB39E07290E48C3D40C32B
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: C6F195B9C5FE21B7560775E395F01676
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879
Frame ID: 9C1AF8A2E0176E11FB71540D57CBA42A
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
Frame ID: B3E941D9745AAD5EA7A95271A1634025
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 76FC78492B8A9A3F47523C07C344CC3D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 810100F3152B4BA2D1264B4026844E64
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gerbang Komunitas SIAP Online...

Page URL History Show full URLs

https://padamu.siap.web.id/91000069120678 HTTP 302
https://padamu.siap.web.id/logout HTTP 302
https://paspor.siap-online.com/cas/logout?&service=https://padamu.siap.web.id/logout&url=https://paspor.sia... HTTP 302
https://paspor.siap-online.com/ HTTP 302
https://paspor.siap-online.com/cas HTTP 302
http://paspor.siap-online.com/cas/ HTTP 301
https://paspor.siap-online.com/cas/ HTTP 302
http://paspor.siap-online.com/cas/login HTTP 301
https://paspor.siap-online.com/cas/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

184
Requests

90 %
HTTPS

45 %
IPv6

33
Domains

52
Subdomains

50
IPs

9
Countries

2019 kB
Transfer

5291 kB
Size

24
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: http://wacana.siap.web.id/
Title: wacana lain

Search URL Search Domain Scan URL

URL: http://wacana.siap.web.id/2020/01/keren-dan-canggih-pemilihan-ketua-osis-mts-yaspi-al-falah-cibeber-gunakan-e-voting.html

Search URL Search Domain Scan URL

URL: http://wacana.siap.web.id/2018/11/contemporary-art-gallery-yang-terdapat-di-indonesia.html
Title: Contemporary Art Gallery yang Terdapat Di Indonesia

Search URL Search Domain Scan URL

URL: http://wacana.siap.web.id/2018/04/pendaftaran-cpns-lewat-sekolah-dinas-mulai-dibuka.html
Title: Pendaftaran CPNS Lewat Sekolah Dinas Mulai Dibuka

Search URL Search Domain Scan URL

URL: http://wacana.siap.web.id/2018/02/kemenag-tingkatkan-kualitas-tata-kelola-data-guru-melalui-simpatika-yang-terintegrasi.html
Title: Kemenag Tingkatkan Kualitas Tata Kelola Data Guru Melalui SIMPATIKA Yang Terintegrasi

Search URL Search Domain Scan URL

URL: http://siap-sekolah.com/
Title: berita lain

Search URL Search Domain Scan URL

URL: http://30303089.siap-sekolah.com/2020/02/22/dukung-pendataan-madrasah-yang-baik-min-4-tabalong-pasang-indihome/

Search URL Search Domain Scan URL

URL: http://30303089.siap-sekolah.com/2020/02/22/persiapan-uambk-2020-siswa-min-4-tabalong-lakukan-penilaian-harian-dengan-android-2/

Search URL Search Domain Scan URL

URL: http://30303089.siap-sekolah.com/2020/02/22/tim-pengawas-kemenag-tabalong-lakukan-penilaian-kinerja-kepala-madrasah-di-min-4-tabalong/

Search URL Search Domain Scan URL

URL: http://30303089.siap-sekolah.com/2020/02/22/senam-bersama-guru-dan-murid-min-4-tabalong/

Search URL Search Domain Scan URL

URL: http://20530032.siap-sekolah.com/2020/02/17/bentuk-apresiasi-sekolah-sdn-paberasan-i-kepada-siswa-siswi-berprestasi/

Search URL Search Domain Scan URL

URL: http://blog.siap-online.com/
Title: berita lain

Search URL Search Domain Scan URL

URL: http://blog.siap-online.com/2019/11/infografis-siap-ppdb-online-2018.html
Title: Infografis SIAP PPDB Online 2018

Search URL Search Domain Scan URL

URL: http://blog.siap-online.com/2018/12/ppdb-online-2019-kabupaten-bojonegoro-lanjut.html
Title: PPDB Online 2019 Kabupaten Bojonegoro Lanjut!

Search URL Search Domain Scan URL

URL: http://blog.siap-online.com/2016/11/ppdb-online-kabupaten-jombang-2016.html
Title: Pelatihan PPDB Online di Kabupaten Jombang

Search URL Search Domain Scan URL

URL: http://blog.siap-online.com/2016/11/ppdb-online-kab-jayapura-2016.html
Title: Tahun 2016 Ini, Kab. Jayapura SIAP PPDB Online

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/alasan-itu-siap-online/
Title: Apakah itu SIAP Online ?

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/7-alasan-utama-menggunakan-layanan-siap-online/
Title: Alasan Menggunakan SIAP Online

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/arsitektur-koneksi-siap-online/
Title: Arsitektur & Koneksi SIAP Online

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/cara-berlangganan-siap-online/
Title: Cara Berlangganan SIAP Online

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/perbandingan-dengan-produk-lain/
Title: Perbandingan dengan Produk Lain

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/pertanyaan-umum/
Title: Pertanyaan Umum (FAQ)

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/Siaponline
Title: Video SIAP Online

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/sekilas-siapku/
Title: SIAPKu (komunitas)

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/sekilas-siap-ppdb/
Title: SIAP PPDB Online

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/siap-sekolah/
Title: SIAP PADAMU NEGERI

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/sekilas-siap-web-sekolah/
Title: SIAP Web Sekolah

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/sekilas-siap-web-dinas/
Title: SIAP Web Dinas Pendidikan

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/bos/
Title: SIAP BOS

Search URL Search Domain Scan URL

URL: http://peta.siap-online.com/
Title: SIAP Peta

Search URL Search Domain Scan URL

URL: http://wacana.siap-online.com/
Title: SIAP Wacana

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/siap-mobile/
Title: SIAP Mobile

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/banksoal/
Title: SIAP Bank Soal

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/internet-pendidikan-nasional/
Title: SIAP Internet Pendidikan Nasional

Search URL Search Domain Scan URL

URL: http://bantuan.siap-online.com/
Title: Bantuan SIAP Online

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/ketentuan-layanan-siap-online/
Title: Ketentuan & Prasyarat Layanan

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/unduhan/
Title: Formulir Pendaftaran

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/biaya-layanan/
Title: Biaya Layanan

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/sitemap/
Title: Sitemap

Search URL Search Domain Scan URL

URL: http://www.telkom.co.id/

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/
Title: SIAP Online

Search URL Search Domain Scan URL

URL: http://produk.siap-online.com/produk/siap-online/ketentuan-layanan-siap-online/
Title: Ketentuan layanan

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://padamu.siap.web.id/91000069120678 HTTP 302
https://padamu.siap.web.id/logout HTTP 302
https://paspor.siap-online.com/cas/logout?&service=https://padamu.siap.web.id/logout&url=https://paspor.siap-online.com HTTP 302
https://paspor.siap-online.com/ HTTP 302
https://paspor.siap-online.com/cas HTTP 302
http://paspor.siap-online.com/cas/ HTTP 301
https://paspor.siap-online.com/cas/ HTTP 302
http://paspor.siap-online.com/cas/login HTTP 301
https://paspor.siap-online.com/cas/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://oajs.openx.net/esp?url=https%3A%2F%2Fpaspor.siap-online.com%2Fcas%2Flogin&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fpaspor.siap-online.com%2Fcas%2Flogin&rid=esp&cc=1

Request Chain 38

https://gum.criteo.com/sid/json?origin=publishertagids&domain=siap-online.com&sn=ChromeSyncframe&so=0&topUrl=paspor.siap-online.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=lAXEg3x4dnZWcFF4K2t1U2VVU2ZXV3Q3b2Naa1g4RGUyWWYvQXloeE1STFZ0UXZCakxIbExmUStBVmNWSlM2WFp2QitTcTgvUTFjSmlYOWJ0WnhmOXVhTFJxSmZKeklVd2VhQVBxaXJ2cnZqWUlCbk5ObEN3VVVGaWxBMjZzM20wa3ljMkJuZkRFM3M2RVBmZkUwNGZWVTlwWmRMVWlPdVgrYmhhWUo2V01IcmJLTk5qTFNKdjBnM040Nis0VTgxcjBsb2l4KzF1WTVCVXlXN1lJTDEzcGlGRzJvanlmN25KTzdsV3ZtbU9IdVV0LzEzZnhlRVJheWZKV09mUjJKZk4yMGlJbHVUTXc0NllnS1pOTHdEWEkrbGFWQ0RPTml4SVRLZC9XTVQ5OCtOVVR0az18&cppv=2

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJP6u2ouMJ5774NnT5yX5hM&google_cver=1

Request Chain 65

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ6jztlvb-D2lgWjwTDK8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC7NdAo-4k6P0scryA7T_38&google_cver=1

Request Chain 67

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

Request Chain 69

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ6jztlvb-D2lgWjwTDK8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED2gkAH0DS8wcehMyRfl11s&google_cver=1

Request Chain 71

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

Request Chain 72

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

Request Chain 73

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ6jztlvb-D2lgWjwTDK8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED2gkAH0DS8wcehMyRfl11s&google_cver=1

Request Chain 75

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

Request Chain 106

https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=17295bde3d&subid=&uid=3d7d629f5b644b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCn8svzaOeZPPpKPSwx_APwsK6mAWm5b2gab2TnKfJD_AuEAEgo--4UmCV6rOCwAfIAQmpAthYpFVxPLI-qAMByAObBKoE-gFP0N7PI1kflA7vZgtjja1F5p4vLK6zM7doZbvYbqOY3dmUnnHq3KQpBjNXrmJrH4Hr6PZwCXViMV7hKJUPYJzG377zMrD_gXZLEyPjW2I7YzF_JTF9li_SLXK1dtodJk6WnOnExdL7yM_l8Yqk7wppvJaTf1nn9h1OIjQqMoDTvhvdimNLOPhYLngjhLphCrjW0gTQ2M8u9QAfu2sW3KLMV4Fa2Br9MGZnb56LYfob2A480HqSdbFzhIs461pd0PMiOr0o0-h_RAbg8taVYFKuOg7ERpzzjv96pzHoBe9ymeQ5sF27qDy6TqYLfufLvGIjtMe23JGiwYkVwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ%26sig%3DAOD64_0yQCdoor7YdAH8n9elLJKy16ZeEA%26client%3Dca-pub-9928520520496434%26dbm_c%3DAKAmf-DIBx2yopP9vQVzU6Bj98UUZEWFGF-pad8D2yN9Q8qD2nNIvVZKsilVUYBDXnAI0os9QVMkfBpaTx0AF3TfW6q1RoqB6DmWYhzMQPIL-Wjmb_3dD0w5zicC2wqTlWlOCA4MPuxGyYapNjmTJ43ZvCp3leDI9BD2sJBkAXJI-ag6cc143f0%26cry%3D1%26dbm_d%3DAKAmf-DfIDprCSqXoEQ349dItze5WHZzSEpz4EyZ4NoT_xSZERHJy4owAqMvaDztZw3xCk3qluobGrU4qYhIBJNSXqbS_kYbRUUqURVrz7IgnyDy9CTCxz46cnq-S8rFGB79t9zdP8Unp5cgoo6Iw1wzfu_5aLBrfeG3N2TUXvIUxZMaoUTgftqOi4cVG3lqE60mPfGzNEUfxbGEP3GtjPEBjhaIm3HwY9kZNW5nGdD5ef8Gpn523EsOcgyFIXih2YTy8MamWtgHckKrYQCPdDtc1MBsCZjzWStVg_8tn7huiuug919zQPK9vlRqaQXh-2nUw_hDwiQTcNKYaRf72vEGLVYqfrJ0XCvFVvBzG4k-B5t-LSwCGK_vAMtTgu1RY21t2S3iqAgC9Xv6SoXxxo4BQlhTZsXyzo0DFSLj87tEZXWq_oJzGIduEJaGe_e0pfokmOy1CiexY57410OeAo_J3pZVamMa7M1l0vh-Y1Bx4N8_GOj33xFb3BPf1Q7Q0HbPxaGyxz_GUcje35CwWVVBUX-YBdWBOuk2DB7vXDjrFAtw4e0heOS9Il_4-1THnlxd7kBRpxXY%26adurl%3D&documentReferer=https%3A%2F%2Fpaspor.siap-online.com%2F&ancestorOrigins=https%3A%2F%2Fpaspor.siap-online.com&random=7580958202597&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=17295bde3d&subid=&uid=3d7d629f5b644b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCn8svzaOeZPPpKPSwx_APwsK6mAWm5b2gab2TnKfJD_AuEAEgo--4UmCV6rOCwAfIAQmpAthYpFVxPLI-qAMByAObBKoE-gFP0N7PI1kflA7vZgtjja1F5p4vLK6zM7doZbvYbqOY3dmUnnHq3KQpBjNXrmJrH4Hr6PZwCXViMV7hKJUPYJzG377zMrD_gXZLEyPjW2I7YzF_JTF9li_SLXK1dtodJk6WnOnExdL7yM_l8Yqk7wppvJaTf1nn9h1OIjQqMoDTvhvdimNLOPhYLngjhLphCrjW0gTQ2M8u9QAfu2sW3KLMV4Fa2Br9MGZnb56LYfob2A480HqSdbFzhIs461pd0PMiOr0o0-h_RAbg8taVYFKuOg7ERpzzjv96pzHoBe9ymeQ5sF27qDy6TqYLfufLvGIjtMe23JGiwYkVwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ%26sig%3DAOD64_0yQCdoor7YdAH8n9elLJKy16ZeEA%26client%3Dca-pub-9928520520496434%26dbm_c%3DAKAmf-DIBx2yopP9vQVzU6Bj98UUZEWFGF-pad8D2yN9Q8qD2nNIvVZKsilVUYBDXnAI0os9QVMkfBpaTx0AF3TfW6q1RoqB6DmWYhzMQPIL-Wjmb_3dD0w5zicC2wqTlWlOCA4MPuxGyYapNjmTJ43ZvCp3leDI9BD2sJBkAXJI-ag6cc143f0%26cry%3D1%26dbm_d%3DAKAmf-DfIDprCSqXoEQ349dItze5WHZzSEpz4EyZ4NoT_xSZERHJy4owAqMvaDztZw3xCk3qluobGrU4qYhIBJNSXqbS_kYbRUUqURVrz7IgnyDy9CTCxz46cnq-S8rFGB79t9zdP8Unp5cgoo6Iw1wzfu_5aLBrfeG3N2TUXvIUxZMaoUTgftqOi4cVG3lqE60mPfGzNEUfxbGEP3GtjPEBjhaIm3HwY9kZNW5nGdD5ef8Gpn523EsOcgyFIXih2YTy8MamWtgHckKrYQCPdDtc1MBsCZjzWStVg_8tn7huiuug919zQPK9vlRqaQXh-2nUw_hDwiQTcNKYaRf72vEGLVYqfrJ0XCvFVvBzG4k-B5t-LSwCGK_vAMtTgu1RY21t2S3iqAgC9Xv6SoXxxo4BQlhTZsXyzo0DFSLj87tEZXWq_oJzGIduEJaGe_e0pfokmOy1CiexY57410OeAo_J3pZVamMa7M1l0vh-Y1Bx4N8_GOj33xFb3BPf1Q7Q0HbPxaGyxz_GUcje35CwWVVBUX-YBdWBOuk2DB7vXDjrFAtw4e0heOS9Il_4-1THnlxd7kBRpxXY%26adurl%3D&documentReferer=https%3A%2F%2Fpaspor.siap-online.com%2F&ancestorOrigins=https%3A%2F%2Fpaspor.siap-online.com&random=7580958202597&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 112

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-5068597661936667&ias_chanId=1&ias_placementId=19422215943&bidurl=https://paspor.siap-online.com/cas/login&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0he2bvpUesPOJvIjYljE7mH&adContainerId=brand_safety_zqOeZLiyKeixx_APk5a_eA&cbFunctionName=goog_wrapCb_zqOeZLiyKeixx_APk5a_eA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fpaspor.siap-online.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fpaspor.siap-online.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:5fec913e-2fe8-9e82-9970-64ab76a6acfd,c:h0RyKn,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-576fbdf94b-jtcs5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151*.990511-61634100%7C1511%7C1512%7C1513%7C161%7C162%7C163,idMap:151*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:23,oid:99a9043b-172a-11ee-b264-1a29e9154b36,v:19.8.422,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_zqOeZLiyKeixx_APk5a_eA&cbFunctionName=goog_wrapCb_zqOeZLiyKeixx_APk5a_eA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js

Request Chain 114

https://fw.adsafeprotected.com/rfw/st/1484042/72188329/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-5068597661936667&ias_chanId=1&ias_placementId=20254536615&bidurl=https://paspor.siap-online.com/cas/login&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ha364nLJz1d5Okuqobj-Jc&adContainerId=brand_safety_zqOeZLvAJ_3Cx_APvfqloAE&cbFunctionName=goog_wrapCb_zqOeZLvAJ_3Cx_APvfqloAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fpaspor.siap-online.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpaspor.siap-online.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:568c34a1-c3fb-726b-e9a6-9d0fc0eada8f,c:h0RyL3,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-576fbdf94b-ngkt5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tIEI1Kb+11%7C12%7C13%7C141%7C142%7C1511%7C1512%7C1513%7C1514%7C16*.1484042-72188329%7C161%7C162%7C163,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:99a904db-172a-11ee-9545-6a05466c167c,v:19.8.422,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_zqOeZLvAJ_3Cx_APvfqloAE&cbFunctionName=goog_wrapCb_zqOeZLvAJ_3Cx_APvfqloAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

Request Chain 150

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(63405700042710504444994012371007)830393302 HTTP 302
https://img.tradedoubler.com/images/inv.gif

Request Chain 151

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879

184 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
paspor.siap-online.com/cas/
Redirect Chain

https://padamu.siap.web.id/91000069120678
https://padamu.siap.web.id/logout
https://paspor.siap-online.com/cas/logout?&service=https://padamu.siap.web.id/logout&url=https://paspor.siap-online.com
https://paspor.siap-online.com/
https://paspor.siap-online.com/cas
http://paspor.siap-online.com/cas/
https://paspor.siap-online.com/cas/
http://paspor.siap-online.com/cas/login
https://paspor.siap-online.com/cas/login

26 KB
7 KB

265ms
265ms

Document
text/html

158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e5a524384b73d1fb8099fd189ee5f3511584bd4ba372fe99c6a1b9f7f062d41

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 30 Jun 2023 09:43:40 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 30 Jun 2023 09:43:40 GMT
Location: https://paspor.siap-online.com/cas/login
Server: nginx

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 435ms
415ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paspor.siap-online.com/
Origin: https://paspor.siap-online.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1082
cdn-cachedat: 01/05/2023 13:19:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: f64c38216e283ea1761622008a07ef07
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7df5775ffdde91fc-FRA
cdn-requestpullsuccess: True

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 432ms
409ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Fri, 30 Jun 2023 09:43:40 GMT

GET
H/1.1 200
OK font-awesome.min.css
paspor.siap-online.com/cas/asset/css/ 23 KB
6 KB 439ms
439ms Stylesheet
text/css 158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://paspor.siap-online.com/cas/asset/css/font-awesome.min.css
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/cas/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Aug 2022 01:06:42 GMT
Server: nginx
ETag: W/"23739-1660007202000"
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Connection: keep-alive

GET
H/1.1 200
OK media-res.css
paspor.siap-online.com/cas/asset/css/ 2 KB
952 B 438ms
437ms Stylesheet
text/css 158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://paspor.siap-online.com/cas/asset/css/media-res.css
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: aa3196c4857cdd7a30e6b0b5459a909d7900b1e411fbedf0aacf107854793e17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/cas/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Aug 2022 01:06:42 GMT
Server: nginx
ETag: W/"2284-1660007202000"
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Connection: keep-alive

GET
H/1.1 200
OK signin.css
paspor.siap-online.com/cas/themes/theme3/css/ 5 KB
2 KB 690ms
249ms Stylesheet
text/css 158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://paspor.siap-online.com/cas/themes/theme3/css/signin.css
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: ce6b58e0cf16b89d3f9071f1af334add08d5e15962e5fbc78aee5f49f77722cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/cas/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Aug 2022 01:06:42 GMT
Server: nginx
ETag: W/"5261-1660007202000"
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8
Connection: keep-alive

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
26 KB 130ms
92ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7f5f15481f2cf35cac0ddde3e3b8186ddc40ad8135d8df3656f0c04a4a25e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26195
x-xss-protection: 0
server: cafe
etag: 147 / 19538 / 31075743 / config-hash: 327100832698525116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:41 GMT

GET
H/1.1 200
OK illust-anggota.png
paspor.siap-online.com/cas/asset/img/ 13 KB
13 KB 266ms
265ms Image
image/png 158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paspor.siap-online.com/cas/asset/img/illust-anggota.png
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: 750327caf85d3922012f1855d227538cb4ddf4cb2f382510e36b562d848e3330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/cas/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:41 GMT
Last-Modified: Tue, 09 Aug 2022 01:06:42 GMT
Server: nginx
ETag: W/"13366-1660007202000"
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13366

GET
H/1.1 404
Not Found WhatsApp-Image-2020-01-18-at-23.13.26-e1579367220850.jpeg
files.wacana.siap.web.id/content/uploads/2020/01/ 0
0 2491ms
206ms Image
text/html 36.92.173.206
TELKOMNET-AS-AP P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.wacana.siap.web.id/content/uploads/2020/01/WhatsApp-Image-2020-01-18-at-23.13.26-e1579367220850.jpeg
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 36.92.173.206 , Indonesia, ASN7713 (TELKOMNET-AS-AP PT Telekomunikasi Indonesia, ID),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK min4_indihome-2-300x169.jpeg
siap-sekolah.s3-ap-southeast-1.amazonaws.com/69623/files/2020/02/ 15 KB
15 KB 622ms
212ms Image
image/jpeg 52.219.133.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siap-sekolah.s3-ap-southeast-1.amazonaws.com/69623/files/2020/02/min4_indihome-2-300x169.jpeg
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.133.39 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae7959f94301a10a4f9e2badc8af0dc38d6f625a820c5dd48e28de69e7b63704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:42 GMT
Last-Modified: Sat, 22 Feb 2020 02:36:33 GMT
Server: AmazonS3
x-amz-request-id: MP3P5X0R28HSRG1J
ETag: "8a7bc5405623696fa3dbfe311f7688a0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 15081
x-amz-id-2: 5M4ZZGPnX35ucG8FMYGX4d/Nmkbbe2MKg4oMkYAx9NKPBwIDFkxNV9NR7Obub/JkbY1/HDWNbYo=
Expires: Tue, 19 Feb 2030 02:36:32 GMT

GET
H/1.1 200
OK CBT3-300x169.jpeg
siap-sekolah.s3-ap-southeast-1.amazonaws.com/69623/files/2020/02/ 9 KB
9 KB 631ms
216ms Image
image/jpeg 52.219.133.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siap-sekolah.s3-ap-southeast-1.amazonaws.com/69623/files/2020/02/CBT3-300x169.jpeg
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.133.39 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 06c1bb59625a7d88baf1946f3dea8fc47fc8488d559d160a7f71a33094c127f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Last-Modified: Sat, 22 Feb 2020 02:32:14 GMT
Server: AmazonS3
x-amz-request-id: TJATDSPZZHS5P942
ETag: "f60608da8c99cd5185e4d3567f3a7bcb"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8757
x-amz-id-2: 1mGBqf0vlgPTr+Sw+AYcrWPdXpxihf916dUOHklOicCBmLTpF1ODSNpsw7OmNUEfCJsitZlWpJA=
Expires: Tue, 19 Feb 2030 02:32:13 GMT

GET
H/1.1 200
OK pkkm_min4-1-300x139.jpeg
siap-sekolah.s3-ap-southeast-1.amazonaws.com/69623/files/2020/02/ 12 KB
13 KB 652ms
222ms Image
image/jpeg 52.219.133.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siap-sekolah.s3-ap-southeast-1.amazonaws.com/69623/files/2020/02/pkkm_min4-1-300x139.jpeg
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.133.39 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f9be8fdd0f7842db504a80dda172e253f353ceb9fb1df1f3998ee281239c91de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Last-Modified: Sat, 22 Feb 2020 02:28:43 GMT
Server: AmazonS3
x-amz-request-id: TJAP9XYPC29C1GNE
ETag: "3866e26a1346c34593ecdaec1719bb30"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 12670
x-amz-id-2: YKsohRoA5+94W4qqVrYCIQn9ijqM4wygp5ZAh2GCfh0ZAcQ5zs/0PlE10gwNunEjI+fPjq2cWxo=
Expires: Tue, 19 Feb 2030 02:28:42 GMT

GET
H/1.1 200
OK Senam-Bersama-2-300x169.jpg
siap-sekolah.s3-ap-southeast-1.amazonaws.com/69623/files/2020/02/ 19 KB
20 KB 660ms
223ms Image
image/jpeg 52.219.133.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siap-sekolah.s3-ap-southeast-1.amazonaws.com/69623/files/2020/02/Senam-Bersama-2-300x169.jpg
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.133.39 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 11bf63090379bf8e5bffb600ff56bde5f834fe39bebb155ee888f30e121b4dac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Last-Modified: Sat, 22 Feb 2020 02:26:15 GMT
Server: AmazonS3
x-amz-request-id: TJAYNWR3S4PHVYEX
ETag: "0b3694a8b81c5729e45742f449506c84"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 19609
x-amz-id-2: e91E+jGit80CbPrNLIt6F8koapq+UR30tGTI/gjZoioZBCX4beEpuvLa72xiI9rKu/CWsOA+88s=
Expires: Tue, 19 Feb 2030 02:26:13 GMT

GET
H/1.1 200
OK WhatsApp-Image-2020-02-17-at-08.08.47.jpeg
siap-sekolah.s3-ap-southeast-1.amazonaws.com/5195/files/2020/02/ 108 KB
109 KB 665ms
228ms Image
image/jpeg 52.219.133.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siap-sekolah.s3-ap-southeast-1.amazonaws.com/5195/files/2020/02/WhatsApp-Image-2020-02-17-at-08.08.47.jpeg
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.133.39 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 15f3234ad446286076db5eb09790fc77556c885552df2fc4e1f44b0fb928c169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Last-Modified: Mon, 17 Feb 2020 02:29:58 GMT
Server: AmazonS3
x-amz-request-id: TJAZNB4TV79PEZAJ
ETag: "7dd14896ab9a56863f6a8de98d91e5a6"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 110947
x-amz-id-2: nDxLCV+CUlNpVvZmhSmU1kUThPqW4VsPTZEJQhkJdW4WZaQczDDTcVj0ex6nfEXFNFaJzflQvF4=
Expires: Thu, 14 Feb 2030 02:29:57 GMT

GET
H/1.1 200
OK by_telkom_footer_red.png
paspor.siap-online.com/cas/asset/img/ 1 KB
1 KB 251ms
249ms Image
image/png 158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paspor.siap-online.com/cas/asset/img/by_telkom_footer_red.png
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: ba44447a78ecff290cafed5af0b860b48974ee09ce4677c29625ae7b560ec619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/cas/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:41 GMT
Last-Modified: Tue, 09 Aug 2022 01:06:42 GMT
Server: nginx
ETag: W/"1166-1660007202000"
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1166

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 21:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2024 21:34:21 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 431 KB
174 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paspor.siap-online.com/
Origin: https://paspor.siap-online.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:27:27 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 38ms
8ms Script
text/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 30 Jun 2023 08:51:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3102
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Fri, 30 Jun 2023 10:51:59 GMT

GET
H/1.1 200
OK illust-awan.jpg
paspor.siap-online.com/cas/themes/theme3/img/ 5 KB
5 KB 446ms
263ms Image
image/jpeg 158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paspor.siap-online.com/cas/themes/theme3/img/illust-awan.jpg
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/themes/theme3/css/signin.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: 66ea546da1dad6411e89740f7c61ca450849045d436b42423e2c162b54622727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/cas/themes/theme3/css/signin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:41 GMT
Last-Modified: Tue, 09 Aug 2022 01:06:42 GMT
Server: nginx
ETag: W/"5291-1660007202000"
Content-Type: image/jpeg;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5291

GET
H/1.1 200
OK siap-sml.png
paspor.siap-online.com/cas/themes/theme3/img/ 733 B
985 B 464ms
248ms Image
image/png 158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paspor.siap-online.com/cas/themes/theme3/img/siap-sml.png
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/themes/theme3/css/signin.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: cec4bb9b95bf32c6b48cc3b74276f22284c9be2bb12c0753f10f23e02e23dac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/cas/themes/theme3/css/signin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:41 GMT
Last-Modified: Tue, 09 Aug 2022 01:06:42 GMT
Server: nginx
ETag: W/"733-1660007202000"
Content-Type: image/png;charset=UTF-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 733

GET
H/1.1 200
OK fontawesome-webfont.woff2
paspor.siap-online.com/cas/asset/fonts/ 55 KB
56 KB 497ms
497ms Font
application/octet-stream 158.178.225.114
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://paspor.siap-online.com/cas/asset/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/asset/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.178.225.114 , Singapore, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer: https://paspor.siap-online.com/cas/asset/css/font-awesome.min.css
Origin: https://paspor.siap-online.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:41 GMT
Last-Modified: Tue, 09 Aug 2022 01:06:42 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
ETag: W/"56780-1660007202000"
Content-Length: 56780

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 392 KB
125 KB 37ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 13:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72437
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Jun 2024 13:36:24 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 15ms
15ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1302486585&utmhn=paspor.siap-online.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Gerbang%20Komunitas%20SIAP%20Online...&utmhid=772094860&utmr=-&utmp=%2Fcas%2Flogin&utmht=1688118221541&utmac=UA-5189762-38&utmcc=__utma%3D80962070.486454162.1688118222.1688118222.1688118222.1%3B%2B__utmz%3D80962070.1688118222.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2132605574&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 46ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paspor.siap-online.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 29ms
9ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 30 Jun 2023 09:43:41 GMT
x-content-type-options: nosniff
content-encoding: br
age: 37434
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230078-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 37ms
18ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 1WTS3PXJ3PW0DRYQ
age: 2991
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7df577653e1430d2-FRA
x-amz-id-2: b6msF3rN/zhF2drF/ZyVJ/eaOX6n6q7WjUHiW7fgtpM7i2lpEc/zln9UFz7xrVPSz52wpUIlNcU=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 2 KB
2 KB 55ms
16ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:42:25 GMT
via: 1.1 google
age: 76
x-guploader-uploadid: ADPycdtngN7AfiUdUNiWsskIT-j742jyHTVKuIcwyRc2ZtdPcpW7nKyN-f2TFymZ7mNbOQ-kUGvDjcuzyxRDaGwKHrJo6y6IFDbj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1938
last-modified: Thu, 27 Apr 2023 19:53:17 GMT
server: UploadServer
etag: "0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation: 1682625197861193
x-goog-hash: crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1938
accept-ranges: bytes
expires: Fri, 30 Jun 2023 10:42:25 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 38ms
9ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 05:20:10 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 15812
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: M1OdmswI5OminBkR6L_mbI7AZ5KoBWlSDMxegSxa5Q_YQzSTk3OLPg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 33ms
7ms Script
text/javascript 2600:9000:2250:4200:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:4200:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Fri, 30 Jun 2023 05:58:56 GMT
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 13486
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: jBS-xypYM-8AEouKhDEvrGwvOli5xZVlW-Mammq0UW8RiQCsHfINNw==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 51ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 16:21:58 GMT
content-encoding: gzip
age: 926503
x-guploader-uploadid: ADPycdu0ofEeAAYzdW5Z96wZyLXgm23ax7D6-P-kRrnYYyzN40_lI7nGf6iRwNhdTCtUf4jMUk4Ic8OfTq9SQAz3Ia2XKw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 18 Jun 2024 16:21:58 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 58ms
27ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 01 Jul 2023 09:43:41 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 69 KB
22 KB 610ms
609ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=723760536486786&correlator=3609196941381893&eid=31075484%2C31075743%2C21065724&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=23169694%2Cpaspor_336x280_bottom%2CPaspor_336x280%2Cpaspor_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=336x280%2C336x280%2C728x90%7C468x60&ifi=1&adks=3987401759%2C1469940459%2C3644920350&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1688118221616&lmt=1688118221&dlt=1688118220778&idt=811&adxs=896%2C815%2C315&adys=167%2C1372%2C687&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaspor.siap-online.com%2Fcas%2Flogin&frm=20&vis=1&psz=970x489%7C485x655%7C970x30&msz=404x1%7C455x0%7C970x0&fws=0%2C0%2C0&ohw=0%2C0%2C0&ga_vid=486454162.1688118222&ga_sid=1688118222&ga_hid=772094860&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYqra_3ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiqtr_dkDFIAFICCGQSGQoKcHViY2lkLm9yZxiqtr_dkDFIAFICCGQSFwoIcnRiaG91c2UYqra_3ZAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKq2v92QMUgAUgIIZBIZCgp1aWRhcGkuY29tGKq2v92QMUgAUgIIZBIUCgVvcGVueBiqtr_dkDFIAFICCGQ.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45226a2bb1a55ea4984366e1e2af87ef8c7c56b381e9e72f5e5d5785e169c2bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: true
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22189
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://paspor.siap-online.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F711 6 KB
3 KB 66ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paspor.siap-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:41 GMT
expires: Sat, 29 Jun 2024 09:43:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
338 B 107ms
32ms XHR
application/json 52.48.64.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.64.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-64-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a571c41963587015cc65ac30871f03643f6b2b7baf760a6dcec49c6c3ab0fc78

Request headers

Referer: https://paspor.siap-online.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:41 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://paspor.siap-online.com
cache-control: no-cache
x-server: 10.45.21.52
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
331 B 58ms
16ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://paspor.siap-online.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://paspor.siap-online.com
date: Fri, 30 Jun 2023 09:43:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 46ms
22ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://paspor.siap-online.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://paspor.siap-online.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 30 Jun 2023 09:43:41 GMT
server: Google Frontend
vary: Origin
via: 1.1 google, 1.1 google
x-cloud-trace-context: c2d67e5485f31951833ffbe0e835cfe5

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 241 B
335 B 27ms
26ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 355cf3b8525dd8b18e615de71ee9226e347bd4975d9b76778ffaf2a43d5b8e08

Request headers

Referer: https://paspor.siap-online.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 09:43:41 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 03bd55f1c8b820161c72a0b5d2711784
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fpaspor.siap-online.com%2Fcas%2Flogin&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fpaspor.siap-online.com%2Fcas%2Flogin&rid=esp&cc=1

85 B
203 B

118ms
117ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fpaspor.siap-online.com%2Fcas%2Flogin&rid=esp&cc=1
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: db18e4270aec7b2f9ac1aff626500be086a7334d48d76a8592314b25cde22503

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:41 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-rI9Q3GNFycaJqATLaYDrzwxr73Q"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paspor.siap-online.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 30 Jun 2023 09:43:41 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://paspor.siap-online.com
location: /esp?url=https%3A%2F%2Fpaspor.siap-online.com%2Fcas%2Flogin&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4E11 15 KB
6 KB 48ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paspor.siap-online.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://paspor.siap-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:41 GMT
server: Kestrel
server-processing-duration-in-ticks: 286727
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4E11
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=siap-online.com&sn=ChromeSyncframe&so=0&topUrl=paspor.siap-online.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=lAXEg3x4dnZWcFF4K2t1U2VVU2ZXV3Q3b2Naa1g4RGUyWWYvQXloeE1STFZ0UXZCakxIbExmUStBVmNWSlM2WFp2QitTcTgvUTFjSmlYOWJ0WnhmOXVhTFJxSmZKeklVd2VhQVBxaXJ2cnZqWUlCbk5ObEN3VVVGaWxBMj...

433 B
653 B

66ms
19ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lAXEg3x4dnZWcFF4K2t1U2VVU2ZXV3Q3b2Naa1g4RGUyWWYvQXloeE1STFZ0UXZCakxIbExmUStBVmNWSlM2WFp2QitTcTgvUTFjSmlYOWJ0WnhmOXVhTFJxSmZKeklVd2VhQVBxaXJ2cnZqWUlCbk5ObEN3VVVGaWxBMjZzM20wa3ljMkJuZkRFM3M2RVBmZkUwNGZWVTlwWmRMVWlPdVgrYmhhWUo2V01IcmJLTk5qTFNKdjBnM040Nis0VTgxcjBsb2l4KzF1WTVCVXlXN1lJTDEzcGlGRzJvanlmN25KTzdsV3ZtbU9IdVV0LzEzZnhlRVJheWZKV09mUjJKZk4yMGlJbHVUTXc0NllnS1pOTHdEWEkrbGFWQ0RPTml4SVRLZC9XTVQ5OCtOVVR0az18&cppv=2

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f70aaeb66ac07cae5c268be03e7297870a6eeadc58d208423b686fed398cb523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1304620
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=lAXEg3x4dnZWcFF4K2t1U2VVU2ZXV3Q3b2Naa1g4RGUyWWYvQXloeE1STFZ0UXZCakxIbExmUStBVmNWSlM2WFp2QitTcTgvUTFjSmlYOWJ0WnhmOXVhTFJxSmZKeklVd2VhQVBxaXJ2cnZqWUlCbk5ObEN3VVVGaWxBMjZzM20wa3ljMkJuZkRFM3M2RVBmZkUwNGZWVTlwWmRMVWlPdVgrYmhhWUo2V01IcmJLTk5qTFNKdjBnM040Nis0VTgxcjBsb2l4KzF1WTVCVXlXN1lJTDEzcGlGRzJvanlmN25KTzdsV3ZtbU9IdVV0LzEzZnhlRVJheWZKV09mUjJKZk4yMGlJbHVUTXc0NllnS1pOTHdEWEkrbGFWQ0RPTml4SVRLZC9XTVQ5OCtOVVR0az18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 251293
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 7A34 0
176 B 62ms
21ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paspor.siap-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 30 Jun 2023 09:43:42 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 container.html Show response
36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1542 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paspor.siap-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:41 GMT
expires: Sat, 29 Jun 2024 09:43:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EEE 6 KB
3 KB 10ms
10ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paspor.siap-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:41 GMT
expires: Sat, 29 Jun 2024 09:43:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B571 6 KB
3 KB 12ms
11ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paspor.siap-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:41 GMT
expires: Sat, 29 Jun 2024 09:43:41 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8CB9 624 B
556 B 55ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXCd57q9IadY13w_t1B5UX-TlC9pgqWk6GcIy4Ur7tlsNPm0lLf7xqHXF9gSzcw4oftbsZBKiPlZ9ufHrgpVQGdy_AeKigaYtmqJiBLSgon9a_wezW3f5NMayBWieSm8AdkDiueRwGyvTf-ZcMeglgIlftSJUPf1BgdhyVvtDUUFnEpWm8

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:42 GMT
expires: Fri, 30 Jun 2023 09:43:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1542 78 KB
28 KB 199ms
152ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:42 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1542 42 B
110 B 91ms
44ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CjUKyn8Ai6sMn4go_DMXQ60TPt4dvxrZ4Hb6f-P5EOy5jmkFeSUnRoPvC2RP1CqY52cw4XbxpNxLKp-wn0C0Xb2ja2QJ3PvshM8ENrBHBjtdlO2Rs

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1542 0
56 B 90ms
44ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3818250495698807178&x=1&ct=77

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1542 3 KB
1 KB 57ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 07:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 07:44:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1542 20 KB
9 KB 47ms
12ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1542 179 KB
56 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:42 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0886 624 B
503 B 52ms
51ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNW4bnXGMvo-ISaniKu8N9byhPlvDEnUZtSCFFYSCCcXMgkeycBYDn3QoS1Z6TC7fN-KKibWTrT6pVVPvErFWFjzU0ypJcgnbbnT-XtoLLjk30c7QESkZRG3gHbCQVpurz5hgAQCRpF8nh1ditpee5WfF426rq3Brpm5zg53j5kuWnXT4C8

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:42 GMT
expires: Fri, 30 Jun 2023 09:43:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9666 78 KB
27 KB 302ms
263ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:42 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 9666 3 KB
1 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 07:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 07:44:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 9666 20 KB
8 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9666 179 KB
56 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:42 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9666 42 B
107 B 83ms
46ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AP2RM2qc5S37fI-PnUWCGgm6ykNMJ0CFR0WQVPDZc4_TfX_ModsDl2jKr4LcLbmmjpZ4vM2uJLj079Zzrw8ddnyoHR0xRtvoEbHwRq6JOL-4LwtE0

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9666 0
349 B 81ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=889567813279079985&x=1&ct=76

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame BD93 624 B
505 B 50ms
49ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYloLl7gEwAQ&v=APEucNXpKWNkQSCwQdtfBy5nvheWVJe7lEXIxc0_-u6K9u839yBA7ShoHPG281wAv4npPHqBezgOXk_ob4boZhwCo12teZxGHa_iWmR7iCb7chRKSXHvgrB82sjcFFPb08BsP0qjSEn2maNwNCm66PR4BsEwaOiOlg8AKElmNSf-6Lh2GkFNmjE

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:42 GMT
expires: Fri, 30 Jun 2023 09:43:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B571 78 KB
27 KB 297ms
261ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:42 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B571 42 B
107 B 81ms
45ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAOfvu2oqMG2FOZAm9WvTgGLFtsmpk3iZyUbPhDHO_FIQ3k8_21v55K-cx6FgYQuxscu7KLR7WHyY8_HxUFqh5lRmhnb2HUhsJS7U70nRxEf2oflI

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B571 0
56 B 85ms
50ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13962128101455905196&x=1&ct=76

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame B571 3 KB
1 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 07:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jul 2023 07:44:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame B571 20 KB
8 KB 44ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:50:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57195
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8312
x-xss-protection: 0
server: cafe
etag: 5477749917372345267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:50:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B571 179 KB
56 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:42 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8CB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJP6u2ouMJ5774NnT5yX5hM&google_cver=1

43 B
766 B

17ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJP6u2ouMJ5774NnT5yX5hM&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXCd57q9IadY13w_t1B5UX-TlC9pgqWk6GcIy4Ur7tlsNPm0lLf7xqHXF9gSzcw4oftbsZBKiPlZ9ufHrgpVQGdy_AeKigaYtmqJiBLSgon9a_wezW3f5NMayBWieSm8AdkDiueRwGyvTf-ZcMeglgIlftSJUPf1BgdhyVvtDUUFnEpWm8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJP6u2ouMJ5774NnT5yX5hM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8CB9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ6jztlvb-D2lgWjwTDK8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

43 B
766 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXCd57q9IadY13w_t1B5UX-TlC9pgqWk6GcIy4Ur7tlsNPm0lLf7xqHXF9gSzcw4oftbsZBKiPlZ9ufHrgpVQGdy_AeKigaYtmqJiBLSgon9a_wezW3f5NMayBWieSm8AdkDiueRwGyvTf-ZcMeglgIlftSJUPf1BgdhyVvtDUUFnEpWm8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8CB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC7NdAo-4k6P0scryA7T_38&google_cver=1

43 B
1 KB

15ms
15ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC7NdAo-4k6P0scryA7T_38&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNXCd57q9IadY13w_t1B5UX-TlC9pgqWk6GcIy4Ur7tlsNPm0lLf7xqHXF9gSzcw4oftbsZBKiPlZ9ufHrgpVQGdy_AeKigaYtmqJiBLSgon9a_wezW3f5NMayBWieSm8AdkDiueRwGyvTf-ZcMeglgIlftSJUPf1BgdhyVvtDUUFnEpWm8

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
AN-X-Request-Uuid: f468b94e-4b31-454a-a7e6-cb0add613cbe
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC7NdAo-4k6P0scryA7T_38&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CB9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 09:43:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 445d96fe-275f-4e24-b5a7-c945975cbb23
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0886
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

43 B
632 B

18ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNW4bnXGMvo-ISaniKu8N9byhPlvDEnUZtSCFFYSCCcXMgkeycBYDn3QoS1Z6TC7fN-KKibWTrT6pVVPvErFWFjzU0ypJcgnbbnT-XtoLLjk30c7QESkZRG3gHbCQVpurz5hgAQCRpF8nh1ditpee5WfF426rq3Brpm5zg53j5kuWnXT4C8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 0886
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ6jztlvb-D2lgWjwTDK8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

43 B
632 B

11ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNW4bnXGMvo-ISaniKu8N9byhPlvDEnUZtSCFFYSCCcXMgkeycBYDn3QoS1Z6TC7fN-KKibWTrT6pVVPvErFWFjzU0ypJcgnbbnT-XtoLLjk30c7QESkZRG3gHbCQVpurz5hgAQCRpF8nh1ditpee5WfF426rq3Brpm5zg53j5kuWnXT4C8
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0886
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED2gkAH0DS8wcehMyRfl11s&google_cver=1

43 B
1 KB

43ms
16ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED2gkAH0DS8wcehMyRfl11s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-O_NxQEwAQ&v=APEucNW4bnXGMvo-ISaniKu8N9byhPlvDEnUZtSCFFYSCCcXMgkeycBYDn3QoS1Z6TC7fN-KKibWTrT6pVVPvErFWFjzU0ypJcgnbbnT-XtoLLjk30c7QESkZRG3gHbCQVpurz5hgAQCRpF8nh1ditpee5WfF426rq3Brpm5zg53j5kuWnXT4C8

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
AN-X-Request-Uuid: 344e756e-8fb1-4180-8f6c-0d99b822961a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED2gkAH0DS8wcehMyRfl11s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0886
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

170 B
243 B

29ms
29ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 09:43:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 86e5d809-a4d1-42b4-bbb2-594c2cba4f28
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BD93
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

43 B
632 B

18ms
11ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYloLl7gEwAQ&v=APEucNXpKWNkQSCwQdtfBy5nvheWVJe7lEXIxc0_-u6K9u839yBA7ShoHPG281wAv4npPHqBezgOXk_ob4boZhwCo12teZxGHa_iWmR7iCb7chRKSXHvgrB82sjcFFPb08BsP0qjSEn2maNwNCm66PR4BsEwaOiOlg8AKElmNSf-6Lh2GkFNmjE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BD93
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZJ6jztlvb-D2lgWjwTDK8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1

43 B
632 B

9ms
9ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYloLl7gEwAQ&v=APEucNXpKWNkQSCwQdtfBy5nvheWVJe7lEXIxc0_-u6K9u839yBA7ShoHPG281wAv4npPHqBezgOXk_ob4boZhwCo12teZxGHa_iWmR7iCb7chRKSXHvgrB82sjcFFPb08BsP0qjSEn2maNwNCm66PR4BsEwaOiOlg8AKElmNSf-6Lh2GkFNmjE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKPxeG-bc-l-cjh4PuzJOks&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame BD93
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED2gkAH0DS8wcehMyRfl11s&google_cver=1

43 B
1 KB

42ms
15ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED2gkAH0DS8wcehMyRfl11s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYloLl7gEwAQ&v=APEucNXpKWNkQSCwQdtfBy5nvheWVJe7lEXIxc0_-u6K9u839yBA7ShoHPG281wAv4npPHqBezgOXk_ob4boZhwCo12teZxGHa_iWmR7iCb7chRKSXHvgrB82sjcFFPb08BsP0qjSEn2maNwNCm66PR4BsEwaOiOlg8AKElmNSf-6Lh2GkFNmjE

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:42 GMT
AN-X-Request-Uuid: 19bae7e7-deb8-4c56-bbaf-22c685e3b510
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED2gkAH0DS8wcehMyRfl11s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD93
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jun 2023 09:43:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 37.58.57.3; 37.58.57.3; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 66d9933b-9461-4fbb-bf31-355e66a9d221
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxMzk3NDE2Mzk2NzY1MTQ5Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1542 0
56 B 43ms
43ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4771633690432&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1542 0
56 B 44ms
44ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4771633690432&version=m202301230201&ct=77&x=1&cor=3818250495698807300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1542 15 KB
11 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwvLjZb5wEblvRYk5kYxPgDKuiZXHJL-TpdWqdPLWh48I8oxG8sMLmKwEYqmIdClABMiDLZTzF7NcVO1sU5tbS0ep4TWLYUHTaRooLr4cUzg4Wig9YI2WBNwx1W6mKsD-SRATcg9d7So01rX764NrWS2NzS8Gr21sPIJ4cY4J4OObt4mI&cry=1&dbm_d=AKAmf-Br7DZQhBstqgTQJMsJaAq2R0mX_BT5ffXyIznrW-uChitEQn5Koc_yLMpMpH6Hzvc_pQ1HJZwxrOfKpEJLk74ZSnv3aSB_YgUzhT1AhEOX9A2ha22lAlN3xzWlOKfVPb0S5mGJrFuixibBXV8mazz6mbOgHGlV0_64Iy4FVt96QfKLjxSFIGRImr0IUj3AS_o8l2TcFXJT30wb1piDw2s-M9VvgFYHt640vI9I3SUwhtsqId0_Hw46T4DpSvoZbIpyZ8GdZ6qqtf9OlURVmNB_TpJqUVvjkapARUtLIZM1hamF8nZ9_y6rCeOzlIesLJLtGFw9GLpfStcJ7kgzERglm6xyt4f0soZ-3t_AQJgB92Co8J9l7bJyvJYn6vFgalwZ_5K_FLqZZtUTmnoSl80EKFbuKRtRlBNVHci02Allp4kzCy3SZnrrZ5BpY1eD27UDX-q_r-uEZ4qT9NH8BOW_8TAFzpqRMU4xgoiqVI_ZRKSpSpVltTmVCBP4zUThj9bSoE43Oj6X3JZ_FOQcqUFNqNI08RXXbth6yRlb3st47Ck2sf0vV89bQiIcs3Q5fFRavwaSGo_Juon7GLFFi4YJIQQSaw4g14chzuqdmVtAX7j6ZtzTUsU5IIAkHHJSn94vd1UlP1bVdupTDbVLQRA1p7fW8yElLqhxWgoMqA2Dt1_bt9SfH6RKdTrLUQxeSyjKjf5z-itqhJC4H8ABMvLbjuridJJc8Q7LRMWyy6XGoHmmPHSWTiDHFHJSa23tFtBtBJrvPyYyGD7ftpuPbnqjcObp8jnuio0rovu_aoIFi6dnomNYmYm2L6COVShjTtt69ldvU9nsxaJt_YWKvVGr9tzJf2dGpaEfatvWfANtERV27-ZYiOqJjMCScZrjF7fE2iKYTJNW0pPGYSPfmredvOGNQCqgPgnFF7nOlsy7AxPpnUlwY5i0uxzhKUB_bVZksaOswN9Q9sMBNDnGPbeBhmwttPUXP19shUCMughR4_HE67e4xVQ_Nrv-FRUVfBKBPB-O2y639ZksEvnF6cJPdztgp2vim0MHzuosDrUkWH99uj4p5w9lGBjd5dOzZf2piOD__UZQxncO7HTT42wdaKmKw1rM8NeGlV2PzWjUPuwHGA2kfWnOJ7lWCwXppf9OsRGhemcstUh0vGsC80scNFWfJBPrUo8ffB7-Tp1-hgntXWZuAVn5KMFCbXNF2yRz1ieaKtmVgb3_ArLzynwqHz6TbNKP83-d-M2L4DKFEHB1YHqIWFgVdl_SjU3K3rZGSJT4aFlZYie26UvLFZWi_HCtxG186P-i20qUS5EoTxsSM3PvqA11UzWd5ANJCCSy1_uBPTy2C5bcRSwQ5NrJdVTsALudeCp7CpyK7_QnLfgffqfKZfDLFy4S_vJ9et7cN5uGSmdumoxKVQ-2mb3RnXyt2rjjjizx4cEuIHhuk-7cWlqn0tcHqkpFM37DCet_muIZegK_XqCPWhxJyDCTwFogsW6VNc6IFpwM6eeNZZn2PIQpsV34zX7aNyPihF3ika3RwDRSZiCwFMnh_yiWP9FQ-VBWCwvN2CWNr0F9QxCjc1xxGetF8uCctUwgiAcqOPJybIAZ9M6X8T3l29IJXKiRn5BHYKBGdmU6TA0LsfsFLzV15b6_8LzkoOHSDV1gTCN3e3EnkNwU2ioP9o_q2bos7-x7RdD5lwf2AQBaR4bJonTPFdfmFiI46SbZcXs_dVzVq6QxtVEGPes9piyNFDLYgXuInzKI8jb1_8qEKnggjAAuER__Ykm0UyZJwkWAL081O70xtuKptz2VESqRGPZtU130FPmqdByErTesoobJ7rmDPs8A2zHSyaUn_gUF_wX39Z1wSgGHRTKx7Tic34fR8W7vefb_A7bM06hca49J5d21RxVEqjYmvbVez3PAqf8GGyGsvZ-P_uEj6058ugp6dqBZRqbKqyIbkZUuWmJL3ouuYkj38xd4stKXOagQWmC8paC6Uwn0gjROSjeZ_1PCnvKHOaCATvv_ySgQTabmAmrX9ymlTwIWvmz3ZVqeslFfD77w5D0qCQJrajlra5clQQyWNtl1bEZQDZhvHcacgY_eAbDMHbJaQtE6omsLSxVW8chBP2eIpze7rMjpOu757gLFYu6CUSXLrEetVWRs3BZSI9d3LeHi5fUj7etutMLljOFRUoQyRY9DW2CH5_S0j3Y2217l00s71y4PZssom1jRlLcr2RPq9JJ-4rv9sbPr9D1zAUOfVZcZPKBMwi6XhsVT2aPl8TgM38u2zjooyux7Z0vf-uusuYn52ZDIjfPep0NfcWwP7BuFjxyhCWgszdZEPndmjdk0wusjNKEwLxHn0JfNXtffhEjW0IzpVlqKizBTddhMYfspRKvNIB5WlTUS2XH3adxhM26WvESl7-nqIAuLmITA6J6Pdb6LseqBwxY8PPAQ9ZayK87YyKfXDdCUB5qm21u77ASZovy4mZYfranX4JcOAAAZRaQ8EmLsZp8hXAAgvivd2dHHwJvoXYAv92Dnwa03I5CKvBfyWnYSHIaDjxVo51UsbILg8bVMNqKMX3OI7Xfi48hCHKnC80qSm7ao6NsqznMqETFQENYM2vxubflj7ysH6B0XGYYvflDk5q8BCyde-MXXpVzm6Ajidkf-Ofl3xQSJf3WUtVUywMtglpgRjJzs1hTwsU7UTBatYWQIn0S5aYEl89BV2V3MnL9UoOaczTLHVFvn4Klws2GLa9q1KOfohXqsARVJMK0QEGAW9iiPtsk191XvpdPY_hXwDztDmtYyTwokqbgJg9ifpsoR1JzM6IEBlqq1WS2avR-HmTHxQmotybSNZsShyFV2UHO8TkL4jca3oyBWYuPdxf0fJgcfxHs-sz32u_QSdaiiZkpedPdG36AKZ5kJfAtEGiiT6MzVzqwqz-DEI6cspFyv1HhKv0KRVpq0upqn57O9PcRAyx00r3qYIf0fY9O-u8xperPZd_6c-g27cw7hW8UQquvgMLpVxXNMbhlLzkTKM-mDn1F5hon9FZdaAytYiRf5fZ1L4TyfoqcA5OjMewXxmyljqxQWzrriZn1lNlWaDZ86pOt5Ky9wWIODE3xtemj1SKqYD0jX4TyYPPkMebVjmlhLaTkP6iH1LDfxfjP5GtHcrROCIRW7Blp0RoPJdMaU49zIF0S7-MfoTbXk0GmrvyI6fGqf4_t8-RczAmoPZN6XV39-oUs_CVksvMBJ2rhv3KHhKRW_pDvG9UFwXAayo0Bj6BG6BJ1MZX01A2fB_Ydf-PnlVvMXQslrGD-l6o3p6NeFDRpg60OEUQhxUkrgfjnE-wRTeuNf2EefCZrI6mKR2INpnWbsm4c1K95nmVo_vlFuhf_rxc1FNY-UzHO2V-6EHzGEgzqqK4wlIhdTnWNLZrCPAPXpxOVJCB_rqYRI2WPXuvR1h2HWiWC9BIWmBtVvdk9ERNxLpAu6rlm-pvFCG2szqcw2camsB53zULlk15pl9NdoD937JPXLqkSOSWK5PdzJQssyCPE0xAUf2yrmiQlGsvKMElEwV-kXaj2TuYbZMaQiwSw4kFTDQUTn-RyKIkRFhZfIC6ZMdGYxSEYbywWdQyLO-UkG7kmxplmKJpPcz4zgh36kw9KL_gf9v1CXLB5ETgVJhYDnqHGiJdeYOT0SUTrdMJZQZv7csZ0p9EYwL9DTw3ncUEc5El36nnqrLCng93mL&cid=CAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaspor.siap-online.com%2F&ds=l&xdt=1&iif=1&cor=3818250495698807300&adk=250412560&idt=208&cac=0&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca768b18dac3782735460183fd7f60e050a6dae5aa1736ac30ca4e0a27dcf175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B571 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1679797518013&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B571 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1679797518013&version=m202301230201&ct=76&x=1&cor=13962128101455905000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B571 102 KB
39 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEh-zicDpV2CrtA_7Vre_RNJZ7I4ji97nSpoepnP8lRbqWoXzcMrvN08KeyXE4lK06LgMiJj9DN-z4hgKiCugiMvMazKtJZT51I0xbojyI_bU8g1LSK7xm-TZghawDKYpai7tVqc8Fss9t6Z4pM-F8TwvtErsjh21Gwno5MotGQZGdoW8&dbm_d=AKAmf-C6iyaNARto4SXHuhsMwhGqhtjKrhzIPUjMnc0z8JZ-M2965FwJC2UVdOBmxIPEYI0f2oiunYwMol2q5qHHaimWl2-1oXZGnTV0tDGqjKsPnShLMrFViqcLH99BUkECHh6bkFp9e3Ap3FxKN4RojAZXD-p8gBIuVZWTghrm0i7uieQaY07pfokrD66dVQ8dyh3s5Q7YIIhck81x7YM-BBmA7IedHdN-m-LFOtR9y5Sa0NsW-H1HpIuD3cF1Exohmq_6zoi2CMKkK5Ng7fC64jkDTk-wVTYA7vFi3lJqgUwgeSaa8eTgmyFzC96vgl94ERdRCT02CN72GbSg2i8lCLqiUzUcCfAbIpHU15P0Ex0KiPJ4lrr-OTlsGcq8EXoCDUXFvgyqED392muXv261Ey0ScTw-APSxhIgoVVMpKJwGWYE5sxzXidOaMLD22qxBhz6EGWfl81Hbluoph9KetKMkkN8kfhC0g_2WqOA6tyVahNMKVz1Y0uuqpp70zMRJlDkyJ35TWlaa5-bNbWck69OfFNxmT0o-RTkm3y9GLgXu_hXJGeKw-3UTI52xoTa0xwE8z2zXsnq64eG2l3k-8cykSjiXKr2pDJSX6xEq2cbwTEIZkqJgqKxwUsfYvTd3W62ij2o0k4f2-6O2irIq9WDM6SWgVvuZCLadgaF-eeFnhe0EkY8LOPfa_T9gYuKQH6MzXvFKY3x1R0msgd-8GRPZLXhBceU3PRsQqb1hEHaqxTJaPt5RdPMa_Lz4E_lsr36IVkuS7b1vPHwyc77XrZ33pVJzO6rKWGYZemiR1Rev9Ti60BzqHbgw9DsQSpb-wAYewwOsAsk0VOetTcDbY8-wgFhogg6yUIiELzzECkGrY_RuMi6arUDbH1Q4HJU9NRx6DCMkWbcufbjhf4-FrtnV5Tf8mb9DZaqHKXptW5dgUzglEvv6CVleANBOVhweCbncUSmRHtPBQ_KFG31SwVK_sOhGWpflGrAvAOGKg8wkFVc9hJ6zazHSf2IFBsLNJd-JmlJIwHxLEqB__cnGp3SYNsygjKftkFr7WnGTuAJK8XTZqsasVhwhiw2_SdYPL8eXjHyAAckjU6C1iJ80Qak7h28y5rJDNaTTv5u1y7cLXdpVDgRAB988OhjsxzzXq5U6Nuht4XFYFvA5m2m01-cPaQVSD_tkf8nLjU-zqe04Tg4vSdIIwufGiv-fLU6JCwIphfWKatNR6Nl8pWhtsvXByetsKJok7cmjidwfttv16DOhTi8VVHQEUuZynT0M_FnRRhNWkYY19By5NVy9YCGe4_VTYIRvQrIyTWUwZPdZafi0gUiE7zZsgaosjChQOYrR3pYXaH3j3l9HReM3mlvPnXVCQsselcPUEkuuNUsUyY5tnQp1GbE1flGvfIGjTCPlrR431SGgPzi4arugfxbXeMvEh5KLSCdwYVdBbxERVIHLjUKBhUGyTdGPOzyj-VIKVaoh5uEZUbeCe0ihKN1Tdowrji5Hmif9VD1qdxFN8KnqDvGUTdZSMIeVwlq9EWgX1OArLS-rB9vQlyEpfsNsKi5rouJRBIEipHz48cEB-LnVrWOMwPCjBHIze9eRIBIxsCB1QqYkTXoX5FuteH5ZSwxzXWWkk4uwLo5ebZmpO_gE2qXbFJus9oGPneYL4UpGYTfdzg_8cIPvBrvNJQC5m_tgy3nCYTJ4jN3b7wrmn9Xk89eKhR8eUGDAnUQSTXo-ELl9TQhl3Cst9_6bkFNyXRVE1Ti6UofFg5JxwDsFJsoFxSZngpFlWcFq0yGHK6ZURas2YIj8LiMJhhT3HBr7Um6GnV2eArxUobmxdoImvnhYy5vq2Pn2RgGXSEZXOIgxRRdg3vKEOclrkbv0m6-7JMsh8b-lWZXwesOfzuF5RFGTX1KDpWRYggLNVTYj78WkVYI0z2oKqMrkK3qSAyFffimUlaJgohulr0yCf91AEtyl_1MjRJZyS_kAcvBTAUWzf7bsqd1xXHS0nqfihq-yeLi_T0mqDxFCzTfPtz2yX-Q0ioJ8h4LNPAfrj-5PPWt2qIsNUCVho0efk4Z4Hn_43A0OHxipQ8-43Bw9nTGqFOJ6C5qC4T8iQTS8mufClN45bMTuy8f7RgwRZyg2m4uj_-A0ZpS7O-LXK-0sz5Bl8nQlQ5BVPAtAzylTtx5Yv6hMn8D_KG1GAQi5RQwWylaZlVlMEBmCzIHiOJ8zfYz1orZ-2hq0OyUMVSOO7NEV0ek_EPhvLiaOZKQJHfkdpGKtwm_tYTzqIYUjXSY5zM9KcEsosPvt5pPXUrrFQDWSdESlO1FjcInxr4l8_HJNV-Ip1SBwTKOI341-Z2h1ujXMm_jYoDRaa0qSYAWcv5OWElXCIkDtUzundRHaqJqOpC-6JiH71ryeo_lhE6Ei9VrQYjR2_vCo7WP9k8vdNtfX9gABtIF-EHj_-b-smlykWJmfyAwwgpSBaV6GQNEXNPb-CT1ffHeOV-oTJhkJrqt8HbQVn5S97Clwn9AGex9f9zeFQPGuaN3xoGsp5NyHaoTA0vnRVAWxr5cX9aI8Jz84rcgROBa0ibF0ongVhIKlhxm2aOxvwMoPelC8ne-RnTVz1rkdwqxuZtYkHr5WNkEW5mRLda0Hz9G2kUvT6vL9KSM4qS3eqnORwb8ia6iX2hlGWjLvpneAUy_FXncdJGzEWXD7n5O2O4eWQvZ7TjMOUj4i-ZKqlBZdpdgtECytW3SP0tfVU-Fsad7qdXlCOjhH2GOsHOmkTGzZ2yJwEWF96wFGicW5N7OBA6PzHl5rSdPz6TsFTfEauLBnTPCGNIiXEnMZiIbhMJplB53XzwOMHpE3-4X-siVPV9lT9Cr3yBSnmWCZ7Q8H9IwW8fclNC9mSO-QxS6gK39u5e6F3TR0GRJvjOJMS_xWxBlKCpRtelIytj9WHxDPHNHBKnSm-HdsMxCd6Kkkv4UFL5-hlS1WdsZVhx0ysr4Bf22vZoS_wZAjQKQox6MYptk4aU34CNrkRN079F-b5W6XsqxfjbayRboNUMlhbeJ1oww8Ws_MP3ok_Lmc9nUOHrDH0YrJqMLtzkeIpamWRx3Bcbbl_i8cPIf24YhH_P4PHo-KqWGMRJ5kbevk_l_BvKRr0ZSpZX11AZ0B_2BN9ScvraP8tC-Q9EoLxxAUgq-NwNKqF4REt_LYcwlOB5lXi6iM893FJHEEVXnNod6b3C2DiNrUQB2-reqRm6aWlZNVBwIgHOr80EyMxWoW8-ih0T9TQmVoMw_XmfFZ_-kdxYlnOfsuXgAB9pRq_m3x5V3K7CQmY71_qRp5h2BybP1m8oYGUKTY4xHbDYdQRp1cyspVGRrj5Cf7cfCQgB0u9VkaxxdC-TuTSsppyWBZRB1IVUYimqUqnqmygaOqV_elT9HYdr5lBCxS0yG4lC-9oWkPeB9JWZPDTSjT4Jnbc6VHWDHiQ4OkoHvJwcUt_7KFmo7AKqNh5ehL-UKzQrvq1fl88hTw6k8PDqmPX-llX8O96y1UuLLHdATqMFiFYvvfYOnJWWanxa7q6rZ8SFJIkg&cid=CAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaspor.siap-online.com%2F&ds=l&xdt=1&iif=1&cor=13962128101455905000&adk=2228999115&idt=305&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e52056417e27cda492afbc30cde6b7877e50153188bfdb20d776b033ca5cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39750
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9666 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7395034308727&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9666 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7395034308727&version=m202301230201&ct=76&x=1&cor=889567813279080000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9666 102 KB
39 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_zB7jaPQKzKNnnJgsNXh_4kndrAyMdRKxE3mj9Z5dLf-QfvMX3IDiF88G6xde30OBzL80Vk9d8UHgXrmpxZ-wqQ0D1qHE-ORTWILBXGRRbAE5_GiQVwddij0-7NpUdI4SwMA5pV1Ip7dxdGLsIZSX6AFwh4smHqcsqC0qLg7c7n3HwVE&dbm_d=AKAmf-Dimvfn-eTseuFvbQfPq9IjpPXb8WXsbOFAGNGEF9JK8sDMuABScP3L4q9eAc5rViYnWE0Ex95LE996gVDIXg_LOHutqRWuFqE_Qhq4kAPnhntCPYj8t4mHD4_Xr0ySvm82TKRfYpOhCUZ7yDwZSd2NYoCNU9zGwq-8ctmm26pXi_4PsikXH6OL7zZosYyi0Jk_BdjcGuSYSy_fGW9Erw_hbBUuM92oGSchTSB6sHc8MDYnJDwQyxvi7ss53JNmwnSZf18Fr059vmNz9DZwanhsgfdhhb261CiSn2bpVVFjuCu1qVRb2A2tMdzk3UDQ5jqp8Bi8wThbjvrIIuY0tkVyFQJMNfKDtWDiveXRZcjcMtDFlq6FPksLLGr1tIej9RoiF8StoUuWVWL5JMo5i6yMkhri1i0fr8wm4t6yFFvAo-eoa7J3eEKIfWI8Dsk-NomsxA6JT6hOvEUUw1oqgZVmq6BnZzs4cus9aJ_VxOXo1VCW2BcrXURkJtsHikwG7_C_0_X19DwgflLNM9y_nO0yErEALTp82fppJgHULSZAaqPSShmiAvh5cgMzDAqbxePMhRsIVAB0kmnFIJ5s6MUEBPDBi1SNVbERrorhAQE3XNu8x99LGi8Rk1zMCwaGc3SmnbpRB20YrqEeshjBI5Gre8X3rCYvNdQv91drEbYtA69OhXecAMr9zxx1riUCeLsSnWGxxoJ4WPOdeS6wjbA7R9T23fP3lTUf1Q5HnPDvKTqe2tw1htms5veiCUHs7dWXdWfX4rEuMJbPZUlEReo1-nv8LJM34sB7Yuf1akfdYT8z9KlatqwJcG4Fz5VBas5vXZFxpIyUhPclZFGd89vKI36eMzKms0TW3mJimbSodE0CEWUhaGQ8CdW0Ain46scelCDiude0R2Gq3WvB8h0OZUCvuZi2iZGAoYLjfuOJZga3XXMwXAAPYg7pGEwWEQqip-FrpA2TcNYZwi6ymRl-V-nbci4Zz6qArUuVJnoRbSOvk3cBJn-nEs_zDZb0p5J_YWaNL_x-NbCpbvrvIVCiGcQ2PgCVam5yxdWku_kpVl_BRNP3rypB8i8ZtJbXjPi-RRTNVwh0o2st_p-J4SDcym02lbKBA8xvKHIPd5Lje8Jcq5JmKIQX3JC2lZTWrty8bDeiGTxbzNEQvQ6t3K5jO83pV1I10sNJRQuzwyUVmhF6nnfKCod0OWpCmUDFJHP4aHIA1tyWnEfyE6-5_isiCQ-a-4RuSfobDFYAew8AICImr09rQqZAmoekcpyzqYSkSfeR7rG0SAxReP56dlH6b54DQsFQxEtPj1LkCUOxkV-rZUpsUEBdqTAbYjSff00Vmb8LUSUbvC6JaSxTWhKwEGwnzuxd7PczCMNxqaFTfRE10HHNnzdDt7_bxW-hsCubdxpLdOl3huvm5Lwlj0HXOYClIDs_vFv0gzzgkASKyyxaAn3Y8NsnnLxbz2wMk1nfxoR0D5qz3ebv3O5yp65F7u8ctzi804Av0JBlZiSJ7oSdqIxWWGQk3ZovB-ZWAXckNdaI6CPEQTRwvjkoRnw25wIvPGHWDiogkmEQWfY5ouIve5M9QUzZIS6auGV0KfZ4ndYffNG8DBQP50mjkj_8sd7c3v4UsVY_weplq_ASuB600CaCE4IeXrPerJGWDmeKJtAGhrdSzyazDDCJ0LIdtsCKF4YZ51T8lZ4Hk-mkjfbRjj-6y6HxF18xCxSy3KiV5hBolhZ-yPPPP02t5iew7i6zeFOuJJyI51EuR513SkZhf3p4DnTv2I-LZ7fwDiU8EFpeshvHxFSp6pceE2dZypD6xmPg1dnqGmtfx_IALffHVsMRlk4AmVVKo3GJ6ervlKV37l4pLu969zCsiIhnI6PFGbKIJ9SYhjFYws3cRQG2at53-yjeiDlA3TUWuFMz3TLD24DaCYF4Vmt7-KGzxkStA-AA0jmC3e6tohUzAg1bC77ssoNUY221HytCN1ENu21JxLXIudlOhfv55mEM_GMwXIfiECHwj89a1JFCn275MJouZTSM17YhTW8so-uQRODpcijvPVcutENFgm2_e2gYkiufNm-HG6CYIGg55wyIEyZ_6G155NQWja7aOLCpljs9oZ4SjHStNnn3E0RpLXfpBr_vuPoh02-r9pHUpSOa2kNne12kNb0zhkK0-qsvL6gnfR_kFW-6DyE2a4dhwwidXmgeZuSgbfuoe7JYvQyQe300k8U946ArAQ9OBTnUDSRTz1ysCyu3T8WAWA4CVlJIBAKQ27FkQAcazsWwvujUBaDwwakIyDINQ68IPBPGE6m4_umFX0L4eHhuI-YCe81a4X9hsSFRGRbtp33nrRIahHWjzDdd-s34mKupPVgp_Muso0WberXR3bCZTaxJkQ3FkFaoIbf-sag4DnI55lMGwfiEZ90CbL10PA-41UjZdxD1_rFMjbtSzoH20usXBcTjEmRsD2naLCsvNycR31aYhN6S34tfG617WTKkqP2KmMWdHUtZWRRejgwgHJIA8rTDpq9f3EmyyM6rhrXIYMT2kULrX8BGV4B1bz7Yzk_trCvBftAtiI9x-gpTvzVMujsewAyww0bfPmmDwXBpwLZQ7m4L5Wx8fjTDC-kcpQiHWvK2TvvIEfrQ2b7cjyMIsnrsZXt243Z6fz4a7qoF_Da6ZcSQEPRINdq9Otx_GcXZEcN1K2BGLtYcUaU0aVjCtZuAtbV-T_GfqWKPGzVYIl7tjSOlW5Rzij6a8_ao_EVpKZhPcvmI327B9-aGKufzfR0oOLIT1TIwu1URClP_8pAvdedniW3MvFlUSn7TYZcrv5VGb7siw8TXKNq_0NSKH_-M9NQ6seZTIyCwImzZeRnzb8DY1JYFAkbbM3LEDjDXrs0gxBwh2Lqr7oFqdg11ZQ2fo3pirbjsHvzRfsrMhn0JddMGdMWN522v8eLpQpDlZULCkXASYJwoQBrayuv2ntdpxASUEouEu4JmZB87p61gfHZ7pp3_DgrG2BKpP4U8VpiD8Z3NK3wT5avgwPDE0UEGS7yLeGFUk1uYHBzgXzfdX4Qo9RMF5TNpSpb2U5E_rlT2X32b2MjtB7aAU8wsfHOrZ2y-rlNi7BnB1zmUDR6CYh_eZ40_8vWUkXQrpkip2LEDsVETqYQ73lKqWmnIEsetPS4l3u9QDURHH69SxHoXcZOkxdDiUzHDBHdkwqmtf9kSnLSTqVs9biYm_gFu__rzWUgjr-JgFKqmkFp_Qu1cTmIcw9rw3kLsL7RcfxmiZ2yRzO9nVYLdo4Ed0nxxw9jKScQaA0XJTZzTIrJTHRHqKrg4B5JXz9iKE_P_jB9ozaQmYbhrZdkLZP9Ou3PxTZvnIe7pUoc5G8C5IchDNT6sYgk_XfiVNLSlg9ZzXa879SfqepB-T3H9TEt7KKAFRT6NbxiiCVXg1o_DbusFWeHB6GSWKGOoFB5eTm_QzBYvnpJCRHkmnyF8pTDQW3eJKHd5LiPaILyQLmtsJ5eSisV2x2p403nF0Qi8MnIZOwaSmQbS7AvNOgOglgDbHKD--261dQ&cid=CAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaspor.siap-online.com%2F&ds=l&xdt=1&iif=1&cor=889567813279080000&adk=1761367587&idt=333&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35b21520d8731d44c9f6f53f5338711e8c3aff2e21250d8375531709feac83ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39921
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1542 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwvLjZb5wEblvRYk5kYxPgDKuiZXHJL-TpdWqdPLWh48I8oxG8sMLmKwEYqmIdClABMiDLZTzF7NcVO1sU5tbS0ep4TWLYUHTaRooLr4cUzg4Wig9YI2WBNwx1W6mKsD-SRATcg9d7So01rX764NrWS2NzS8Gr21sPIJ4cY4J4OObt4mI&cry=1&dbm_d=AKAmf-Br7DZQhBstqgTQJMsJaAq2R0mX_BT5ffXyIznrW-uChitEQn5Koc_yLMpMpH6Hzvc_pQ1HJZwxrOfKpEJLk74ZSnv3aSB_YgUzhT1AhEOX9A2ha22lAlN3xzWlOKfVPb0S5mGJrFuixibBXV8mazz6mbOgHGlV0_64Iy4FVt96QfKLjxSFIGRImr0IUj3AS_o8l2TcFXJT30wb1piDw2s-M9VvgFYHt640vI9I3SUwhtsqId0_Hw46T4DpSvoZbIpyZ8GdZ6qqtf9OlURVmNB_TpJqUVvjkapARUtLIZM1hamF8nZ9_y6rCeOzlIesLJLtGFw9GLpfStcJ7kgzERglm6xyt4f0soZ-3t_AQJgB92Co8J9l7bJyvJYn6vFgalwZ_5K_FLqZZtUTmnoSl80EKFbuKRtRlBNVHci02Allp4kzCy3SZnrrZ5BpY1eD27UDX-q_r-uEZ4qT9NH8BOW_8TAFzpqRMU4xgoiqVI_ZRKSpSpVltTmVCBP4zUThj9bSoE43Oj6X3JZ_FOQcqUFNqNI08RXXbth6yRlb3st47Ck2sf0vV89bQiIcs3Q5fFRavwaSGo_Juon7GLFFi4YJIQQSaw4g14chzuqdmVtAX7j6ZtzTUsU5IIAkHHJSn94vd1UlP1bVdupTDbVLQRA1p7fW8yElLqhxWgoMqA2Dt1_bt9SfH6RKdTrLUQxeSyjKjf5z-itqhJC4H8ABMvLbjuridJJc8Q7LRMWyy6XGoHmmPHSWTiDHFHJSa23tFtBtBJrvPyYyGD7ftpuPbnqjcObp8jnuio0rovu_aoIFi6dnomNYmYm2L6COVShjTtt69ldvU9nsxaJt_YWKvVGr9tzJf2dGpaEfatvWfANtERV27-ZYiOqJjMCScZrjF7fE2iKYTJNW0pPGYSPfmredvOGNQCqgPgnFF7nOlsy7AxPpnUlwY5i0uxzhKUB_bVZksaOswN9Q9sMBNDnGPbeBhmwttPUXP19shUCMughR4_HE67e4xVQ_Nrv-FRUVfBKBPB-O2y639ZksEvnF6cJPdztgp2vim0MHzuosDrUkWH99uj4p5w9lGBjd5dOzZf2piOD__UZQxncO7HTT42wdaKmKw1rM8NeGlV2PzWjUPuwHGA2kfWnOJ7lWCwXppf9OsRGhemcstUh0vGsC80scNFWfJBPrUo8ffB7-Tp1-hgntXWZuAVn5KMFCbXNF2yRz1ieaKtmVgb3_ArLzynwqHz6TbNKP83-d-M2L4DKFEHB1YHqIWFgVdl_SjU3K3rZGSJT4aFlZYie26UvLFZWi_HCtxG186P-i20qUS5EoTxsSM3PvqA11UzWd5ANJCCSy1_uBPTy2C5bcRSwQ5NrJdVTsALudeCp7CpyK7_QnLfgffqfKZfDLFy4S_vJ9et7cN5uGSmdumoxKVQ-2mb3RnXyt2rjjjizx4cEuIHhuk-7cWlqn0tcHqkpFM37DCet_muIZegK_XqCPWhxJyDCTwFogsW6VNc6IFpwM6eeNZZn2PIQpsV34zX7aNyPihF3ika3RwDRSZiCwFMnh_yiWP9FQ-VBWCwvN2CWNr0F9QxCjc1xxGetF8uCctUwgiAcqOPJybIAZ9M6X8T3l29IJXKiRn5BHYKBGdmU6TA0LsfsFLzV15b6_8LzkoOHSDV1gTCN3e3EnkNwU2ioP9o_q2bos7-x7RdD5lwf2AQBaR4bJonTPFdfmFiI46SbZcXs_dVzVq6QxtVEGPes9piyNFDLYgXuInzKI8jb1_8qEKnggjAAuER__Ykm0UyZJwkWAL081O70xtuKptz2VESqRGPZtU130FPmqdByErTesoobJ7rmDPs8A2zHSyaUn_gUF_wX39Z1wSgGHRTKx7Tic34fR8W7vefb_A7bM06hca49J5d21RxVEqjYmvbVez3PAqf8GGyGsvZ-P_uEj6058ugp6dqBZRqbKqyIbkZUuWmJL3ouuYkj38xd4stKXOagQWmC8paC6Uwn0gjROSjeZ_1PCnvKHOaCATvv_ySgQTabmAmrX9ymlTwIWvmz3ZVqeslFfD77w5D0qCQJrajlra5clQQyWNtl1bEZQDZhvHcacgY_eAbDMHbJaQtE6omsLSxVW8chBP2eIpze7rMjpOu757gLFYu6CUSXLrEetVWRs3BZSI9d3LeHi5fUj7etutMLljOFRUoQyRY9DW2CH5_S0j3Y2217l00s71y4PZssom1jRlLcr2RPq9JJ-4rv9sbPr9D1zAUOfVZcZPKBMwi6XhsVT2aPl8TgM38u2zjooyux7Z0vf-uusuYn52ZDIjfPep0NfcWwP7BuFjxyhCWgszdZEPndmjdk0wusjNKEwLxHn0JfNXtffhEjW0IzpVlqKizBTddhMYfspRKvNIB5WlTUS2XH3adxhM26WvESl7-nqIAuLmITA6J6Pdb6LseqBwxY8PPAQ9ZayK87YyKfXDdCUB5qm21u77ASZovy4mZYfranX4JcOAAAZRaQ8EmLsZp8hXAAgvivd2dHHwJvoXYAv92Dnwa03I5CKvBfyWnYSHIaDjxVo51UsbILg8bVMNqKMX3OI7Xfi48hCHKnC80qSm7ao6NsqznMqETFQENYM2vxubflj7ysH6B0XGYYvflDk5q8BCyde-MXXpVzm6Ajidkf-Ofl3xQSJf3WUtVUywMtglpgRjJzs1hTwsU7UTBatYWQIn0S5aYEl89BV2V3MnL9UoOaczTLHVFvn4Klws2GLa9q1KOfohXqsARVJMK0QEGAW9iiPtsk191XvpdPY_hXwDztDmtYyTwokqbgJg9ifpsoR1JzM6IEBlqq1WS2avR-HmTHxQmotybSNZsShyFV2UHO8TkL4jca3oyBWYuPdxf0fJgcfxHs-sz32u_QSdaiiZkpedPdG36AKZ5kJfAtEGiiT6MzVzqwqz-DEI6cspFyv1HhKv0KRVpq0upqn57O9PcRAyx00r3qYIf0fY9O-u8xperPZd_6c-g27cw7hW8UQquvgMLpVxXNMbhlLzkTKM-mDn1F5hon9FZdaAytYiRf5fZ1L4TyfoqcA5OjMewXxmyljqxQWzrriZn1lNlWaDZ86pOt5Ky9wWIODE3xtemj1SKqYD0jX4TyYPPkMebVjmlhLaTkP6iH1LDfxfjP5GtHcrROCIRW7Blp0RoPJdMaU49zIF0S7-MfoTbXk0GmrvyI6fGqf4_t8-RczAmoPZN6XV39-oUs_CVksvMBJ2rhv3KHhKRW_pDvG9UFwXAayo0Bj6BG6BJ1MZX01A2fB_Ydf-PnlVvMXQslrGD-l6o3p6NeFDRpg60OEUQhxUkrgfjnE-wRTeuNf2EefCZrI6mKR2INpnWbsm4c1K95nmVo_vlFuhf_rxc1FNY-UzHO2V-6EHzGEgzqqK4wlIhdTnWNLZrCPAPXpxOVJCB_rqYRI2WPXuvR1h2HWiWC9BIWmBtVvdk9ERNxLpAu6rlm-pvFCG2szqcw2camsB53zULlk15pl9NdoD937JPXLqkSOSWK5PdzJQssyCPE0xAUf2yrmiQlGsvKMElEwV-kXaj2TuYbZMaQiwSw4kFTDQUTn-RyKIkRFhZfIC6ZMdGYxSEYbywWdQyLO-UkG7kmxplmKJpPcz4zgh36kw9KL_gf9v1CXLB5ETgVJhYDnqHGiJdeYOT0SUTrdMJZQZv7csZ0p9EYwL9DTw3ncUEc5El36nnqrLCng93mL&cid=CAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaspor.siap-online.com%2F&ds=l&xdt=1&iif=1&cor=3818250495698807300&adk=250412560&idt=208&cac=0&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:52:35 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1484042/72188329/ Frame B571 245 KB
74 KB 117ms
38ms Script
application/javascript 34.250.56.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1484042/72188329/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-5068597661936667&ias_chanId=1&ias_placementId=20254536615&bidurl=https://paspor.siap-online.com/cas/login&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ha364nLJz1d5Okuqobj-Jc
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.56.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-56-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 37dfe6ecdd39aeec2759c8084e6c569883a7c16abedebb680331495f2a736666

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B571 111 KB
39 KB 49ms
11ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Origin: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame B571 11 KB
4 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BEh-zicDpV2CrtA_7Vre_RNJZ7I4ji97nSpoepnP8lRbqWoXzcMrvN08KeyXE4lK06LgMiJj9DN-z4hgKiCugiMvMazKtJZT51I0xbojyI_bU8g1LSK7xm-TZghawDKYpai7tVqc8Fss9t6Z4pM-F8TwvtErsjh21Gwno5MotGQZGdoW8&dbm_d=AKAmf-C6iyaNARto4SXHuhsMwhGqhtjKrhzIPUjMnc0z8JZ-M2965FwJC2UVdOBmxIPEYI0f2oiunYwMol2q5qHHaimWl2-1oXZGnTV0tDGqjKsPnShLMrFViqcLH99BUkECHh6bkFp9e3Ap3FxKN4RojAZXD-p8gBIuVZWTghrm0i7uieQaY07pfokrD66dVQ8dyh3s5Q7YIIhck81x7YM-BBmA7IedHdN-m-LFOtR9y5Sa0NsW-H1HpIuD3cF1Exohmq_6zoi2CMKkK5Ng7fC64jkDTk-wVTYA7vFi3lJqgUwgeSaa8eTgmyFzC96vgl94ERdRCT02CN72GbSg2i8lCLqiUzUcCfAbIpHU15P0Ex0KiPJ4lrr-OTlsGcq8EXoCDUXFvgyqED392muXv261Ey0ScTw-APSxhIgoVVMpKJwGWYE5sxzXidOaMLD22qxBhz6EGWfl81Hbluoph9KetKMkkN8kfhC0g_2WqOA6tyVahNMKVz1Y0uuqpp70zMRJlDkyJ35TWlaa5-bNbWck69OfFNxmT0o-RTkm3y9GLgXu_hXJGeKw-3UTI52xoTa0xwE8z2zXsnq64eG2l3k-8cykSjiXKr2pDJSX6xEq2cbwTEIZkqJgqKxwUsfYvTd3W62ij2o0k4f2-6O2irIq9WDM6SWgVvuZCLadgaF-eeFnhe0EkY8LOPfa_T9gYuKQH6MzXvFKY3x1R0msgd-8GRPZLXhBceU3PRsQqb1hEHaqxTJaPt5RdPMa_Lz4E_lsr36IVkuS7b1vPHwyc77XrZ33pVJzO6rKWGYZemiR1Rev9Ti60BzqHbgw9DsQSpb-wAYewwOsAsk0VOetTcDbY8-wgFhogg6yUIiELzzECkGrY_RuMi6arUDbH1Q4HJU9NRx6DCMkWbcufbjhf4-FrtnV5Tf8mb9DZaqHKXptW5dgUzglEvv6CVleANBOVhweCbncUSmRHtPBQ_KFG31SwVK_sOhGWpflGrAvAOGKg8wkFVc9hJ6zazHSf2IFBsLNJd-JmlJIwHxLEqB__cnGp3SYNsygjKftkFr7WnGTuAJK8XTZqsasVhwhiw2_SdYPL8eXjHyAAckjU6C1iJ80Qak7h28y5rJDNaTTv5u1y7cLXdpVDgRAB988OhjsxzzXq5U6Nuht4XFYFvA5m2m01-cPaQVSD_tkf8nLjU-zqe04Tg4vSdIIwufGiv-fLU6JCwIphfWKatNR6Nl8pWhtsvXByetsKJok7cmjidwfttv16DOhTi8VVHQEUuZynT0M_FnRRhNWkYY19By5NVy9YCGe4_VTYIRvQrIyTWUwZPdZafi0gUiE7zZsgaosjChQOYrR3pYXaH3j3l9HReM3mlvPnXVCQsselcPUEkuuNUsUyY5tnQp1GbE1flGvfIGjTCPlrR431SGgPzi4arugfxbXeMvEh5KLSCdwYVdBbxERVIHLjUKBhUGyTdGPOzyj-VIKVaoh5uEZUbeCe0ihKN1Tdowrji5Hmif9VD1qdxFN8KnqDvGUTdZSMIeVwlq9EWgX1OArLS-rB9vQlyEpfsNsKi5rouJRBIEipHz48cEB-LnVrWOMwPCjBHIze9eRIBIxsCB1QqYkTXoX5FuteH5ZSwxzXWWkk4uwLo5ebZmpO_gE2qXbFJus9oGPneYL4UpGYTfdzg_8cIPvBrvNJQC5m_tgy3nCYTJ4jN3b7wrmn9Xk89eKhR8eUGDAnUQSTXo-ELl9TQhl3Cst9_6bkFNyXRVE1Ti6UofFg5JxwDsFJsoFxSZngpFlWcFq0yGHK6ZURas2YIj8LiMJhhT3HBr7Um6GnV2eArxUobmxdoImvnhYy5vq2Pn2RgGXSEZXOIgxRRdg3vKEOclrkbv0m6-7JMsh8b-lWZXwesOfzuF5RFGTX1KDpWRYggLNVTYj78WkVYI0z2oKqMrkK3qSAyFffimUlaJgohulr0yCf91AEtyl_1MjRJZyS_kAcvBTAUWzf7bsqd1xXHS0nqfihq-yeLi_T0mqDxFCzTfPtz2yX-Q0ioJ8h4LNPAfrj-5PPWt2qIsNUCVho0efk4Z4Hn_43A0OHxipQ8-43Bw9nTGqFOJ6C5qC4T8iQTS8mufClN45bMTuy8f7RgwRZyg2m4uj_-A0ZpS7O-LXK-0sz5Bl8nQlQ5BVPAtAzylTtx5Yv6hMn8D_KG1GAQi5RQwWylaZlVlMEBmCzIHiOJ8zfYz1orZ-2hq0OyUMVSOO7NEV0ek_EPhvLiaOZKQJHfkdpGKtwm_tYTzqIYUjXSY5zM9KcEsosPvt5pPXUrrFQDWSdESlO1FjcInxr4l8_HJNV-Ip1SBwTKOI341-Z2h1ujXMm_jYoDRaa0qSYAWcv5OWElXCIkDtUzundRHaqJqOpC-6JiH71ryeo_lhE6Ei9VrQYjR2_vCo7WP9k8vdNtfX9gABtIF-EHj_-b-smlykWJmfyAwwgpSBaV6GQNEXNPb-CT1ffHeOV-oTJhkJrqt8HbQVn5S97Clwn9AGex9f9zeFQPGuaN3xoGsp5NyHaoTA0vnRVAWxr5cX9aI8Jz84rcgROBa0ibF0ongVhIKlhxm2aOxvwMoPelC8ne-RnTVz1rkdwqxuZtYkHr5WNkEW5mRLda0Hz9G2kUvT6vL9KSM4qS3eqnORwb8ia6iX2hlGWjLvpneAUy_FXncdJGzEWXD7n5O2O4eWQvZ7TjMOUj4i-ZKqlBZdpdgtECytW3SP0tfVU-Fsad7qdXlCOjhH2GOsHOmkTGzZ2yJwEWF96wFGicW5N7OBA6PzHl5rSdPz6TsFTfEauLBnTPCGNIiXEnMZiIbhMJplB53XzwOMHpE3-4X-siVPV9lT9Cr3yBSnmWCZ7Q8H9IwW8fclNC9mSO-QxS6gK39u5e6F3TR0GRJvjOJMS_xWxBlKCpRtelIytj9WHxDPHNHBKnSm-HdsMxCd6Kkkv4UFL5-hlS1WdsZVhx0ysr4Bf22vZoS_wZAjQKQox6MYptk4aU34CNrkRN079F-b5W6XsqxfjbayRboNUMlhbeJ1oww8Ws_MP3ok_Lmc9nUOHrDH0YrJqMLtzkeIpamWRx3Bcbbl_i8cPIf24YhH_P4PHo-KqWGMRJ5kbevk_l_BvKRr0ZSpZX11AZ0B_2BN9ScvraP8tC-Q9EoLxxAUgq-NwNKqF4REt_LYcwlOB5lXi6iM893FJHEEVXnNod6b3C2DiNrUQB2-reqRm6aWlZNVBwIgHOr80EyMxWoW8-ih0T9TQmVoMw_XmfFZ_-kdxYlnOfsuXgAB9pRq_m3x5V3K7CQmY71_qRp5h2BybP1m8oYGUKTY4xHbDYdQRp1cyspVGRrj5Cf7cfCQgB0u9VkaxxdC-TuTSsppyWBZRB1IVUYimqUqnqmygaOqV_elT9HYdr5lBCxS0yG4lC-9oWkPeB9JWZPDTSjT4Jnbc6VHWDHiQ4OkoHvJwcUt_7KFmo7AKqNh5ehL-UKzQrvq1fl88hTw6k8PDqmPX-llX8O96y1UuLLHdATqMFiFYvvfYOnJWWanxa7q6rZ8SFJIkg&cid=CAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaspor.siap-online.com%2F&ds=l&xdt=1&iif=1&cor=13962128101455905000&adk=2228999115&idt=305&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:56:38 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame B571 30 KB
11 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:56:38 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B571 41 KB
13 KB 15ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:52:35 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/990511/61634100/ Frame 9666 245 KB
74 KB 103ms
37ms Script
application/javascript 34.250.56.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/990511/61634100/skeleton.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-5068597661936667&ias_chanId=1&ias_placementId=19422215943&bidurl=https://paspor.siap-online.com/cas/login&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0he2bvpUesPOJvIjYljE7mH
Requested by: Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.56.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-56-160.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b127a78c7956713733ae2090fcb4974be79c1c2e33718edce5a5e1e72e011425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:42 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9666 111 KB
39 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Origin: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 13:52:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 13:52:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 9666 11 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B_zB7jaPQKzKNnnJgsNXh_4kndrAyMdRKxE3mj9Z5dLf-QfvMX3IDiF88G6xde30OBzL80Vk9d8UHgXrmpxZ-wqQ0D1qHE-ORTWILBXGRRbAE5_GiQVwddij0-7NpUdI4SwMA5pV1Ip7dxdGLsIZSX6AFwh4smHqcsqC0qLg7c7n3HwVE&dbm_d=AKAmf-Dimvfn-eTseuFvbQfPq9IjpPXb8WXsbOFAGNGEF9JK8sDMuABScP3L4q9eAc5rViYnWE0Ex95LE996gVDIXg_LOHutqRWuFqE_Qhq4kAPnhntCPYj8t4mHD4_Xr0ySvm82TKRfYpOhCUZ7yDwZSd2NYoCNU9zGwq-8ctmm26pXi_4PsikXH6OL7zZosYyi0Jk_BdjcGuSYSy_fGW9Erw_hbBUuM92oGSchTSB6sHc8MDYnJDwQyxvi7ss53JNmwnSZf18Fr059vmNz9DZwanhsgfdhhb261CiSn2bpVVFjuCu1qVRb2A2tMdzk3UDQ5jqp8Bi8wThbjvrIIuY0tkVyFQJMNfKDtWDiveXRZcjcMtDFlq6FPksLLGr1tIej9RoiF8StoUuWVWL5JMo5i6yMkhri1i0fr8wm4t6yFFvAo-eoa7J3eEKIfWI8Dsk-NomsxA6JT6hOvEUUw1oqgZVmq6BnZzs4cus9aJ_VxOXo1VCW2BcrXURkJtsHikwG7_C_0_X19DwgflLNM9y_nO0yErEALTp82fppJgHULSZAaqPSShmiAvh5cgMzDAqbxePMhRsIVAB0kmnFIJ5s6MUEBPDBi1SNVbERrorhAQE3XNu8x99LGi8Rk1zMCwaGc3SmnbpRB20YrqEeshjBI5Gre8X3rCYvNdQv91drEbYtA69OhXecAMr9zxx1riUCeLsSnWGxxoJ4WPOdeS6wjbA7R9T23fP3lTUf1Q5HnPDvKTqe2tw1htms5veiCUHs7dWXdWfX4rEuMJbPZUlEReo1-nv8LJM34sB7Yuf1akfdYT8z9KlatqwJcG4Fz5VBas5vXZFxpIyUhPclZFGd89vKI36eMzKms0TW3mJimbSodE0CEWUhaGQ8CdW0Ain46scelCDiude0R2Gq3WvB8h0OZUCvuZi2iZGAoYLjfuOJZga3XXMwXAAPYg7pGEwWEQqip-FrpA2TcNYZwi6ymRl-V-nbci4Zz6qArUuVJnoRbSOvk3cBJn-nEs_zDZb0p5J_YWaNL_x-NbCpbvrvIVCiGcQ2PgCVam5yxdWku_kpVl_BRNP3rypB8i8ZtJbXjPi-RRTNVwh0o2st_p-J4SDcym02lbKBA8xvKHIPd5Lje8Jcq5JmKIQX3JC2lZTWrty8bDeiGTxbzNEQvQ6t3K5jO83pV1I10sNJRQuzwyUVmhF6nnfKCod0OWpCmUDFJHP4aHIA1tyWnEfyE6-5_isiCQ-a-4RuSfobDFYAew8AICImr09rQqZAmoekcpyzqYSkSfeR7rG0SAxReP56dlH6b54DQsFQxEtPj1LkCUOxkV-rZUpsUEBdqTAbYjSff00Vmb8LUSUbvC6JaSxTWhKwEGwnzuxd7PczCMNxqaFTfRE10HHNnzdDt7_bxW-hsCubdxpLdOl3huvm5Lwlj0HXOYClIDs_vFv0gzzgkASKyyxaAn3Y8NsnnLxbz2wMk1nfxoR0D5qz3ebv3O5yp65F7u8ctzi804Av0JBlZiSJ7oSdqIxWWGQk3ZovB-ZWAXckNdaI6CPEQTRwvjkoRnw25wIvPGHWDiogkmEQWfY5ouIve5M9QUzZIS6auGV0KfZ4ndYffNG8DBQP50mjkj_8sd7c3v4UsVY_weplq_ASuB600CaCE4IeXrPerJGWDmeKJtAGhrdSzyazDDCJ0LIdtsCKF4YZ51T8lZ4Hk-mkjfbRjj-6y6HxF18xCxSy3KiV5hBolhZ-yPPPP02t5iew7i6zeFOuJJyI51EuR513SkZhf3p4DnTv2I-LZ7fwDiU8EFpeshvHxFSp6pceE2dZypD6xmPg1dnqGmtfx_IALffHVsMRlk4AmVVKo3GJ6ervlKV37l4pLu969zCsiIhnI6PFGbKIJ9SYhjFYws3cRQG2at53-yjeiDlA3TUWuFMz3TLD24DaCYF4Vmt7-KGzxkStA-AA0jmC3e6tohUzAg1bC77ssoNUY221HytCN1ENu21JxLXIudlOhfv55mEM_GMwXIfiECHwj89a1JFCn275MJouZTSM17YhTW8so-uQRODpcijvPVcutENFgm2_e2gYkiufNm-HG6CYIGg55wyIEyZ_6G155NQWja7aOLCpljs9oZ4SjHStNnn3E0RpLXfpBr_vuPoh02-r9pHUpSOa2kNne12kNb0zhkK0-qsvL6gnfR_kFW-6DyE2a4dhwwidXmgeZuSgbfuoe7JYvQyQe300k8U946ArAQ9OBTnUDSRTz1ysCyu3T8WAWA4CVlJIBAKQ27FkQAcazsWwvujUBaDwwakIyDINQ68IPBPGE6m4_umFX0L4eHhuI-YCe81a4X9hsSFRGRbtp33nrRIahHWjzDdd-s34mKupPVgp_Muso0WberXR3bCZTaxJkQ3FkFaoIbf-sag4DnI55lMGwfiEZ90CbL10PA-41UjZdxD1_rFMjbtSzoH20usXBcTjEmRsD2naLCsvNycR31aYhN6S34tfG617WTKkqP2KmMWdHUtZWRRejgwgHJIA8rTDpq9f3EmyyM6rhrXIYMT2kULrX8BGV4B1bz7Yzk_trCvBftAtiI9x-gpTvzVMujsewAyww0bfPmmDwXBpwLZQ7m4L5Wx8fjTDC-kcpQiHWvK2TvvIEfrQ2b7cjyMIsnrsZXt243Z6fz4a7qoF_Da6ZcSQEPRINdq9Otx_GcXZEcN1K2BGLtYcUaU0aVjCtZuAtbV-T_GfqWKPGzVYIl7tjSOlW5Rzij6a8_ao_EVpKZhPcvmI327B9-aGKufzfR0oOLIT1TIwu1URClP_8pAvdedniW3MvFlUSn7TYZcrv5VGb7siw8TXKNq_0NSKH_-M9NQ6seZTIyCwImzZeRnzb8DY1JYFAkbbM3LEDjDXrs0gxBwh2Lqr7oFqdg11ZQ2fo3pirbjsHvzRfsrMhn0JddMGdMWN522v8eLpQpDlZULCkXASYJwoQBrayuv2ntdpxASUEouEu4JmZB87p61gfHZ7pp3_DgrG2BKpP4U8VpiD8Z3NK3wT5avgwPDE0UEGS7yLeGFUk1uYHBzgXzfdX4Qo9RMF5TNpSpb2U5E_rlT2X32b2MjtB7aAU8wsfHOrZ2y-rlNi7BnB1zmUDR6CYh_eZ40_8vWUkXQrpkip2LEDsVETqYQ73lKqWmnIEsetPS4l3u9QDURHH69SxHoXcZOkxdDiUzHDBHdkwqmtf9kSnLSTqVs9biYm_gFu__rzWUgjr-JgFKqmkFp_Qu1cTmIcw9rw3kLsL7RcfxmiZ2yRzO9nVYLdo4Ed0nxxw9jKScQaA0XJTZzTIrJTHRHqKrg4B5JXz9iKE_P_jB9ozaQmYbhrZdkLZP9Ou3PxTZvnIe7pUoc5G8C5IchDNT6sYgk_XfiVNLSlg9ZzXa879SfqepB-T3H9TEt7KKAFRT6NbxiiCVXg1o_DbusFWeHB6GSWKGOoFB5eTm_QzBYvnpJCRHkmnyF8pTDQW3eJKHd5LiPaILyQLmtsJ5eSisV2x2p403nF0Qi8MnIZOwaSmQbS7AvNOgOglgDbHKD--261dQ&cid=CAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fpaspor.siap-online.com%2F&ds=l&xdt=1&iif=1&cor=889567813279080000&adk=1761367587&idt=333&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 16731591232229431525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:56:38 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 9666 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:56:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56824
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11545
x-xss-protection: 0
server: cafe
etag: 12064860844701496540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jul 2023 17:56:38 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9666 41 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 13:52:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 244267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 13:52:35 GMT

GET
DATA 200
OK truncated
/ Frame 9666 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d31b6115a7f86a8b60679cd71877b535b7fa10a64a2db52402827af0768512c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 1542 11 KB
4 KB 65ms
13ms Script
text/html 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1688118221668915&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCn8svzaOeZPPpKPSwx_APwsK6mAWm5b2gab2TnKfJD_AuEAEgo--4UmCV6rOCwAfIAQmpAthYpFVxPLI-qAMByAObBKoE-gFP0N7PI1kflA7vZgtjja1F5p4vLK6zM7doZbvYbqOY3dmUnnHq3KQpBjNXrmJrH4Hr6PZwCXViMV7hKJUPYJzG377zMrD_gXZLEyPjW2I7YzF_JTF9li_SLXK1dtodJk6WnOnExdL7yM_l8Yqk7wppvJaTf1nn9h1OIjQqMoDTvhvdimNLOPhYLngjhLphCrjW0gTQ2M8u9QAfu2sW3KLMV4Fa2Br9MGZnb56LYfob2A480HqSdbFzhIs461pd0PMiOr0o0-h_RAbg8taVYFKuOg7ERpzzjv96pzHoBe9ymeQ5sF27qDy6TqYLfufLvGIjtMe23JGiwYkVwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ%26sig%3DAOD64_0yQCdoor7YdAH8n9elLJKy16ZeEA%26client%3Dca-pub-9928520520496434%26dbm_c%3DAKAmf-DIBx2yopP9vQVzU6Bj98UUZEWFGF-pad8D2yN9Q8qD2nNIvVZKsilVUYBDXnAI0os9QVMkfBpaTx0AF3TfW6q1RoqB6DmWYhzMQPIL-Wjmb_3dD0w5zicC2wqTlWlOCA4MPuxGyYapNjmTJ43ZvCp3leDI9BD2sJBkAXJI-ag6cc143f0%26cry%3D1%26dbm_d%3DAKAmf-DfIDprCSqXoEQ349dItze5WHZzSEpz4EyZ4NoT_xSZERHJy4owAqMvaDztZw3xCk3qluobGrU4qYhIBJNSXqbS_kYbRUUqURVrz7IgnyDy9CTCxz46cnq-S8rFGB79t9zdP8Unp5cgoo6Iw1wzfu_5aLBrfeG3N2TUXvIUxZMaoUTgftqOi4cVG3lqE60mPfGzNEUfxbGEP3GtjPEBjhaIm3HwY9kZNW5nGdD5ef8Gpn523EsOcgyFIXih2YTy8MamWtgHckKrYQCPdDtc1MBsCZjzWStVg_8tn7huiuug919zQPK9vlRqaQXh-2nUw_hDwiQTcNKYaRf72vEGLVYqfrJ0XCvFVvBzG4k-B5t-LSwCGK_vAMtTgu1RY21t2S3iqAgC9Xv6SoXxxo4BQlhTZsXyzo0DFSLj87tEZXWq_oJzGIduEJaGe_e0pfokmOy1CiexY57410OeAo_J3pZVamMa7M1l0vh-Y1Bx4N8_GOj33xFb3BPf1Q7Q0HbPxaGyxz_GUcje35CwWVVBUX-YBdWBOuk2DB7vXDjrFAtw4e0heOS9Il_4-1THnlxd7kBRpxXY%26adurl%3D
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 6bbd711477df4fa201aa37e2be166eb5e4ff708467f284b074bfe39acdcdae20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:42 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4162
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame B571 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228b6f8c9656d31bc9e0e7721f53d3a7867a767540915c6aaf27bf8da7933f92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ED7C 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 243961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:57:41 GMT
expires: Wed, 26 Jun 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B4B2 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 243961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:57:41 GMT
expires: Wed, 26 Jun 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12546954530650794831/ Frame 7544 196 KB
26 KB 30ms
12ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213da25a290b5e782fb6fb8e0331db8fb350341e4749662111db080e8dc002c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 330684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26228
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Jun 2023 13:52:18 GMT
expires: Tue, 25 Jun 2024 13:52:18 GMT
last-modified: Wed, 21 Jun 2023 11:47:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B571 0
0 98ms
56ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2cgB-tg6h8LPGBEH--dcK-Asufj6vsI9rmonfth0Pzho8wIfllv3EiIvCMNgEeN0i7NQ5WLvMbhApOyQU9rl5xQtw3F3YJXBZpG3fJ0Ucr_45c_B4qKkF0uhN1xr6T4HN6EGdH9BG_B4aY-EaWG6SI8Je-InA5fpL70igXSj8yui7CmK2fpvG0Sz6d2nmI63CCAaJK6_gd5Sp4G_CfoAYIHSDlu5RdRcrhpATg-ZQBKPAWCgEWGGtxX00XSUvKfLsNT2qVjZRn0gFJl9Kq60QXSV1vql4Gi5ruSh8UJhE7kjMraoyLcEHSbreyviZesJ5Gkuw2fyqJV5ZnnNKN05rwgV0eitY_VXR8buxmmEpJ_-nmtOjAcBjL-0hiDIHyhQCY57pgONjSIfBJPehq49qgQ0ulW7RTFYU3iq_cqD-JnwzKZSbopcJdvSRDEYCIinIPkVB3hhdCkzb3gNbQWMXK5J1D0cXiLG1WGGzkM3wEAKQBiISe5yVYI-mTYoTrgAos3FrfjnkhvxRwpfiyJZgf3dLGINRB_04v7zAmwY_w2aRSWyTtAIGKgTdbhq-HOqetdN8DNpHuVhihjAbcgBnydPvPpHKfguLzaQmtot_br1aI1_SgAtQqhKPKTkVUuKpNg0Rh9IZVYUR7TkQLTwSnqgleNI2fXWEIo6-ROIgWt6QAOKef0kB0tWVPYa3LRhzBzEEpgSZ0IjBnb0pyLZgudQ0rL6kkRqtChdfFwD0AgCrdu4IjsXMYgWLDhj4hArX3f9WRdUMTan79p0wUQlQFvmobSPi0DFVLICgCUjRron8FC_bu1WbfSuD7McOS5AY0brgTVBsFVgeVN7lgOUvBNIYWyveiuNxq38BLybKFd5wNeNW_9dOsswD35kQcDCxbRBc0VmcECX88CBudlKd2wF69P7vTQNGl0YdK35RN7bxq6DYiqMccim6uHWrUNAeQQwNy07DRcztmFGQjY8LXh0VXKJix-iBkDokLbDKmVsCWStqiGXzinx9FtAsKq5lxVaAbiEz9k0ro6VhPE8FyXJKN7UOzvp9Zuu5FpXGXaaItRa5ip4FGNcIivFOVaBjnVGX30tVZu32MUkZkxgfPaLEaevi87a1fN32CuN1tN6cwQx1poTLUf3Zll54tX_u1oqRam7uhv5PN-7ETzeqE5w3P-RduhsHmn-naM8HUsQTVL_bFLVZPmmXkcQzIxgHzWivrBsgNC1GNpEv-vF8zYZxCuma8gUwBXYLwORGokU6quRoZ5xnEI29SsgKaGgOEnTicnA5vl1SH2masgeKeCHzNX2VDtFwFnQkQtjXsaNWnQ&sai=AMfl-YThNIUtlqa_D8mKul2FKnODVrpAmqEnH5FTLP4vvCGFwM3hgeEkWCV6mJX5IHId_GMT5kdjgbzYSVlygiq06l7NbtzUY6yXZM85dWWW_UGSuAYV_i5yoGHPu5vAcd_P1E-bVKq7gYkU_EB7gFyxgl13zEhpEZbBAGi7lsF-PCZqIoIkjDzaLQpSco_MqiBNWyuKFhZNas-yN6a8qo1NGFgy-Pg_ZUTCQhAprYgfgKKmqG925aoaJmo-BJBFQIZVxII3lizAceyhTdKS1GmvuEDbaeLHeZ9XOfDj&sig=Cg0ArKJSzDr0AN8TCyrUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=135&cbvp=1&cstd=131&cisv=r20230627.81641&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:43 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EBDF 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 243961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 13:57:41 GMT
expires: Wed, 26 Jun 2024 13:57:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8545329873006492075/ Frame A7EB 142 KB
22 KB 14ms
9ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 601941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22810
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Jun 2023 10:31:21 GMT
expires: Sat, 22 Jun 2024 10:31:21 GMT
last-modified: Wed, 09 Feb 2022 10:36:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9666 0
0 85ms
56ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvT2nFnb0zgY2LwYOh2_VKLxlsR9GdbDh5FN077Q5Rf2nlqjL5Ityy6YP75p9UYPA_pY5q98jmP8jCNlQahQjMFJfEs8DdrHYEu-U_XmSvEpXZabM2bbzjPQvAKRhjFWIF-n44q4KzMKVcjInzdi5WRUkhSCjXstu4Dtqqba_DBbm9MVFoOlfTtiEOjFymNHT7azCu9DxZQOvJOdBSYTtk2AHiMrLk-rueiGAl0j6QsLujQLazC77kHtblH7784IWUiRJHUiVm27porCR0I0HLs_BQKLimWUM1T-KPMyOXsQcS0tDaeorPDqnRwnYZ9p-5GyoHSbJmzu0s2xbxAy9WiW55KT_KHnK-7O2nMZX_5z2LXsfySXi1srEn254Nd_2VShc6D5I0zEyYQuw_qNZI2z6raEReNLoKzprTmrfBtPt8xfdJANWz_n8tihIHi3Wd9kgHdsYmTLcvOaL_sZ3a-PWT14JqHbC8SXZN42QtSHmat8xUOfQ103K-07_zM_LMP403cuImD-HGYGTCU-Y0cmRl3c9MgoMW0JN39H9mEqnOJkDyLLQYC937rLUX1PO-5tGaj7sgFZXishzxAnWUyoNJ54sSAAO8s-9duKHZRtc2Mw67K_B04Am8UCnHOtRCcBjDsb-ay-PdFiMtooSrJxOFNy8BuBltSIaMLxjmyKCd4PkthwmnogZ7lj7PCZtdGTHwkydEN-qssAOwqo_QN7hoVOdqw5kijoA9sI7Re2aIwPIxWIxwKj65zNGBRSR-sDxr-ni3jYmieN3pbKr2gH7D2NTZCwe-08xhICcEKKE-_YyI58xjnBMg9jmWMylDOuPICluXl-xMP8_gc5XJfFnrCYHcvR0pynjcQstKtFJcFQ4CYs_ZmhyGfyEUDfw8b9KqMB4n_IlNC_TiBDQCfONu13VNRP830ltE7un6hNt-6jKszmKcFj_EvPqf75Qrv6zeG_45Pb65z26ySEuNFQUD9HXEwzXmeds0xwEx8cZK8YCChWq-1-aFRvsjcANoKhF6ir9rET9QMvJT3OsBY2SHUQ9zvnTtxcfzn9LkO-XVd8dOlya7-7_nVtOhTRVgbHrE0daAXlDfRRuwAutiQZ-TZk6FFUqX8O6OKBsQPYoldeB7-JephO5sEBMZr_1a_I2BB9s_SlD4S09GCVk6b-4LCuLIRSXHQh_rgAeOqO80pILehCl3pLYIoMsJpMOlO8afYtd4znCDWKSDZUKOVzBklnWxHJbi5r2vH0MfokU2l4Hr1573WN2YoFywO97NHrv7oWKWwND7MtWIqwd1OEM8nf1MEE90B5VLLf2tlawy7Jgkia6JqWpRr_bqxNfMQw5HiI5hn&sai=AMfl-YTppxdY-MPXIQK3JGMAbde1ZAO-qEpOB8xBiZkp1nmrJ2CNAXJALu1x8p7EXItyx0OvtKreoPyfHCPdibSj3-s2srBpCkGPlgZNZIRh61HnkYewScqY-fACmJVbLDmHNFw9I931-2avHNKHmL8C90sCdNQzUlI08_kUW5X7b4e2BI5oYbxXcBc1VTzUxwwHdYIH3U9H0hd1bn3bPPAQWNjk53PLQgjGIRj4hS3oSpyecNY_o7sgh6RgqbIDJebi5VL9PUVd8UHUxE5VmTZwvAgnVBRN9y8mZJmj&sig=Cg0ArKJSzG6cwq6grzSdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=135&cbvp=1&cstd=133&cisv=r20230627.26186&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 30 Jun 2023 09:43:43 GMT

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 1542
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=17295bde3d&subid=&uid=3d7d629f5b644b24&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=17295bde3d&subid=&uid=3d7d629f5b644b24&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

98ms
76ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=17295bde3d&subid=&uid=3d7d629f5b644b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCn8svzaOeZPPpKPSwx_APwsK6mAWm5b2gab2TnKfJD_AuEAEgo--4UmCV6rOCwAfIAQmpAthYpFVxPLI-qAMByAObBKoE-gFP0N7PI1kflA7vZgtjja1F5p4vLK6zM7doZbvYbqOY3dmUnnHq3KQpBjNXrmJrH4Hr6PZwCXViMV7hKJUPYJzG377zMrD_gXZLEyPjW2I7YzF_JTF9li_SLXK1dtodJk6WnOnExdL7yM_l8Yqk7wppvJaTf1nn9h1OIjQqMoDTvhvdimNLOPhYLngjhLphCrjW0gTQ2M8u9QAfu2sW3KLMV4Fa2Br9MGZnb56LYfob2A480HqSdbFzhIs461pd0PMiOr0o0-h_RAbg8taVYFKuOg7ERpzzjv96pzHoBe9ymeQ5sF27qDy6TqYLfufLvGIjtMe23JGiwYkVwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ%26sig%3DAOD64_0yQCdoor7YdAH8n9elLJKy16ZeEA%26client%3Dca-pub-9928520520496434%26dbm_c%3DAKAmf-DIBx2yopP9vQVzU6Bj98UUZEWFGF-pad8D2yN9Q8qD2nNIvVZKsilVUYBDXnAI0os9QVMkfBpaTx0AF3TfW6q1RoqB6DmWYhzMQPIL-Wjmb_3dD0w5zicC2wqTlWlOCA4MPuxGyYapNjmTJ43ZvCp3leDI9BD2sJBkAXJI-ag6cc143f0%26cry%3D1%26dbm_d%3DAKAmf-DfIDprCSqXoEQ349dItze5WHZzSEpz4EyZ4NoT_xSZERHJy4owAqMvaDztZw3xCk3qluobGrU4qYhIBJNSXqbS_kYbRUUqURVrz7IgnyDy9CTCxz46cnq-S8rFGB79t9zdP8Unp5cgoo6Iw1wzfu_5aLBrfeG3N2TUXvIUxZMaoUTgftqOi4cVG3lqE60mPfGzNEUfxbGEP3GtjPEBjhaIm3HwY9kZNW5nGdD5ef8Gpn523EsOcgyFIXih2YTy8MamWtgHckKrYQCPdDtc1MBsCZjzWStVg_8tn7huiuug919zQPK9vlRqaQXh-2nUw_hDwiQTcNKYaRf72vEGLVYqfrJ0XCvFVvBzG4k-B5t-LSwCGK_vAMtTgu1RY21t2S3iqAgC9Xv6SoXxxo4BQlhTZsXyzo0DFSLj87tEZXWq_oJzGIduEJaGe_e0pfokmOy1CiexY57410OeAo_J3pZVamMa7M1l0vh-Y1Bx4N8_GOj33xFb3BPf1Q7Q0HbPxaGyxz_GUcje35CwWVVBUX-YBdWBOuk2DB7vXDjrFAtw4e0heOS9Il_4-1THnlxd7kBRpxXY%26adurl%3D&documentReferer=https%3A%2F%2Fpaspor.siap-online.com%2F&ancestorOrigins=https%3A%2F%2Fpaspor.siap-online.com&random=7580958202597&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9282b4bd913dc38864f4d19e9c8a7e8a6b144bdf714019c19d8683dc28481406

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:43 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 63405700042710504444994012371007
Connection: close
Content-Length: 1388
Expires: Fri, 30 Jun 2023 10:43:43 +0200

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jun 2023 09:43:43 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=17295bde3d&subid=&uid=3d7d629f5b644b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCn8svzaOeZPPpKPSwx_APwsK6mAWm5b2gab2TnKfJD_AuEAEgo--4UmCV6rOCwAfIAQmpAthYpFVxPLI-qAMByAObBKoE-gFP0N7PI1kflA7vZgtjja1F5p4vLK6zM7doZbvYbqOY3dmUnnHq3KQpBjNXrmJrH4Hr6PZwCXViMV7hKJUPYJzG377zMrD_gXZLEyPjW2I7YzF_JTF9li_SLXK1dtodJk6WnOnExdL7yM_l8Yqk7wppvJaTf1nn9h1OIjQqMoDTvhvdimNLOPhYLngjhLphCrjW0gTQ2M8u9QAfu2sW3KLMV4Fa2Br9MGZnb56LYfob2A480HqSdbFzhIs461pd0PMiOr0o0-h_RAbg8taVYFKuOg7ERpzzjv96pzHoBe9ymeQ5sF27qDy6TqYLfufLvGIjtMe23JGiwYkVwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ%26sig%3DAOD64_0yQCdoor7YdAH8n9elLJKy16ZeEA%26client%3Dca-pub-9928520520496434%26dbm_c%3DAKAmf-DIBx2yopP9vQVzU6Bj98UUZEWFGF-pad8D2yN9Q8qD2nNIvVZKsilVUYBDXnAI0os9QVMkfBpaTx0AF3TfW6q1RoqB6DmWYhzMQPIL-Wjmb_3dD0w5zicC2wqTlWlOCA4MPuxGyYapNjmTJ43ZvCp3leDI9BD2sJBkAXJI-ag6cc143f0%26cry%3D1%26dbm_d%3DAKAmf-DfIDprCSqXoEQ349dItze5WHZzSEpz4EyZ4NoT_xSZERHJy4owAqMvaDztZw3xCk3qluobGrU4qYhIBJNSXqbS_kYbRUUqURVrz7IgnyDy9CTCxz46cnq-S8rFGB79t9zdP8Unp5cgoo6Iw1wzfu_5aLBrfeG3N2TUXvIUxZMaoUTgftqOi4cVG3lqE60mPfGzNEUfxbGEP3GtjPEBjhaIm3HwY9kZNW5nGdD5ef8Gpn523EsOcgyFIXih2YTy8MamWtgHckKrYQCPdDtc1MBsCZjzWStVg_8tn7huiuug919zQPK9vlRqaQXh-2nUw_hDwiQTcNKYaRf72vEGLVYqfrJ0XCvFVvBzG4k-B5t-LSwCGK_vAMtTgu1RY21t2S3iqAgC9Xv6SoXxxo4BQlhTZsXyzo0DFSLj87tEZXWq_oJzGIduEJaGe_e0pfokmOy1CiexY57410OeAo_J3pZVamMa7M1l0vh-Y1Bx4N8_GOj33xFb3BPf1Q7Q0HbPxaGyxz_GUcje35CwWVVBUX-YBdWBOuk2DB7vXDjrFAtw4e0heOS9Il_4-1THnlxd7kBRpxXY%26adurl%3D&documentReferer=https%3A%2F%2Fpaspor.siap-online.com%2F&ancestorOrigins=https%3A%2F%2Fpaspor.siap-online.com&random=7580958202597&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 30 Jun 2023 10:43:43 +0200

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A7EB 29 KB
10 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 17:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 17:28:21 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 7544 32 KB
11 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 04:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 01 Jul 2023 04:31:52 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame ED7C 38 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 20:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jun 2024 20:54:02 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame B4B2 38 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 20:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jun 2024 20:54:02 GMT

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame EBDF 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 20:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jun 2024 20:54:02 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 9666
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/990511/61634100/4.js?ias_dspID=3&ias_campId=1010147412&ias_pubId=pub-5068597661936667&ias_chanId=1&ias_placementId=19422215943&bidurl=https://paspor.siap-onlin...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_zqOeZLiyKeixx_APk5a_eA&cbFunctionName=goog_wrapCb_zqOeZLiyKeixx_APk5a_eA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassba...

1 KB
1 KB

8ms
7ms

Script
application/javascript

2600:9000:223f:1200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_zqOeZLiyKeixx_APk5a_eA&cbFunctionName=goog_wrapCb_zqOeZLiyKeixx_APk5a_eA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:26:18 GMT
x-amz-version-id: c567TBReTKM9m7VfCfOmpAHbFN80zD8c
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 317846
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 26 Jun 2023 17:26:15 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: WMAy0JOdda4THCoZJMtTZFc71FeG0Ysq8gOanFi-IayynIqZHNQrjQ==

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_zqOeZLiyKeixx_APk5a_eA&cbFunctionName=goog_wrapCb_zqOeZLiyKeixx_APk5a_eA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 4997 91 KB
23 KB 70ms
9ms Script
application/javascript 2600:9000:223f:1200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24343647
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: nn173LEXquY6jjcOvPSzgjlxKomTCnHUTNwaKqwAhEktxfE7okJgzw==

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame B571
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1484042/72188329/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1013030159&ias_pubId=pub-5068597661936667&ias_chanId=1&ias_placementId=20254536615&bidurl=ht...
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_zqOeZLvAJ_3Cx_APvfqloAE&cbFunctionName=goog_wrapCb_zqOeZLvAJ_3Cx_APvfqloAE&true_pb=https%3A%2F%2Fstatic.adsa...

1 KB
1 KB

10ms
10ms

Script
application/javascript

2600:9000:223f:1200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_zqOeZLvAJ_3Cx_APvfqloAE&cbFunctionName=goog_wrapCb_zqOeZLvAJ_3Cx_APvfqloAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:26:18 GMT
x-amz-version-id: c567TBReTKM9m7VfCfOmpAHbFN80zD8c
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 317846
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Mon, 26 Jun 2023 17:26:15 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: G1T7uYANnNI-X668ZsojTTgg2fgYlnoO8ry7yj1o99pUe1zr7Q1zDw==

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&adContainerId=brand_safety_zqOeZLvAJ_3Cx_APvfqloAE&cbFunctionName=goog_wrapCb_zqOeZLvAJ_3Cx_APvfqloAE&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 459E 91 KB
23 KB 37ms
16ms Script
application/javascript 2600:9000:223f:1200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 24343647
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: E7sPzpst8v1pP-cSG9yBd3S4P05KqTx0Q4GsW9imWEqBtIGeQxL1yA==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9666 43 B
217 B 544ms
169ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5fec913e-2fe8-9e82-9970-64ab76a6acfd&tv=%7Bc:h0RyLR,pingTime:-3,time:114,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:115,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151*.990511-61634100%7C1511%7C1512%7C1513%7C161%7C162%7C163,idMap:151*,rmeas:1,rend:0,renddet:na,siq:24%7D&br=c
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9666 43 B
216 B 543ms
171ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5fec913e-2fe8-9e82-9970-64ab76a6acfd&tv=%7Bc:h0RyLT,pingTime:-6,time:116,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:116,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B108~0%5D,as:%5B108~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151*.990511-61634100%7C1511%7C1512%7C1513%7C161%7C162%7C163,idMap:151*,rmeas:1,rend:0,renddet:na,siq:24%7D&tpiLookup=ao:paspor.siap-online.com*%2C36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com*&br=c
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B571 43 B
216 B 533ms
172ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=568c34a1-c3fb-726b-e9a6-9d0fc0eada8f&tv=%7Bc:h0RyM5,pingTime:-3,time:82,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:82,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C16*.1484042-72188329%7C161%7C162%7C163,idMap:16*,rmeas:1,rend:0,renddet:na,siq:18%7D&br=c
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B571 43 B
216 B 529ms
171ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=568c34a1-c3fb-726b-e9a6-9d0fc0eada8f&tv=%7Bc:h0RyM6,pingTime:-6,time:83,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:83,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C16*.1484042-72188329%7C161%7C162%7C163,idMap:16*,rmeas:1,rend:0,renddet:na,siq:18%7D&tpiLookup=ao:paspor.siap-online.com*&br=c
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9666 0
0 46ms
45ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvT2nFnb0zgY2LwYOh2_VKLxlsR9GdbDh5FN077Q5Rf2nlqjL5Ityy6YP75p9UYPA_pY5q98jmP8jCNlQahQjMFJfEs8DdrHYEu-U_XmSvEpXZabM2bbzjPQvAKRhjFWIF-n44q4KzMKVcjInzdi5WRUkhSCjXstu4Dtqqba_DBbm9MVFoOlfTtiEOjFymNHT7azCu9DxZQOvJOdBSYTtk2AHiMrLk-rueiGAl0j6QsLujQLazC77kHtblH7784IWUiRJHUiVm27porCR0I0HLs_BQKLimWUM1T-KPMyOXsQcS0tDaeorPDqnRwnYZ9p-5GyoHSbJmzu0s2xbxAy9WiW55KT_KHnK-7O2nMZX_5z2LXsfySXi1srEn254Nd_2VShc6D5I0zEyYQuw_qNZI2z6raEReNLoKzprTmrfBtPt8xfdJANWz_n8tihIHi3Wd9kgHdsYmTLcvOaL_sZ3a-PWT14JqHbC8SXZN42QtSHmat8xUOfQ103K-07_zM_LMP403cuImD-HGYGTCU-Y0cmRl3c9MgoMW0JN39H9mEqnOJkDyLLQYC937rLUX1PO-5tGaj7sgFZXishzxAnWUyoNJ54sSAAO8s-9duKHZRtc2Mw67K_B04Am8UCnHOtRCcBjDsb-ay-PdFiMtooSrJxOFNy8BuBltSIaMLxjmyKCd4PkthwmnogZ7lj7PCZtdGTHwkydEN-qssAOwqo_QN7hoVOdqw5kijoA9sI7Re2aIwPIxWIxwKj65zNGBRSR-sDxr-ni3jYmieN3pbKr2gH7D2NTZCwe-08xhICcEKKE-_YyI58xjnBMg9jmWMylDOuPICluXl-xMP8_gc5XJfFnrCYHcvR0pynjcQstKtFJcFQ4CYs_ZmhyGfyEUDfw8b9KqMB4n_IlNC_TiBDQCfONu13VNRP830ltE7un6hNt-6jKszmKcFj_EvPqf75Qrv6zeG_45Pb65z26ySEuNFQUD9HXEwzXmeds0xwEx8cZK8YCChWq-1-aFRvsjcANoKhF6ir9rET9QMvJT3OsBY2SHUQ9zvnTtxcfzn9LkO-XVd8dOlya7-7_nVtOhTRVgbHrE0daAXlDfRRuwAutiQZ-TZk6FFUqX8O6OKBsQPYoldeB7-JephO5sEBMZr_1a_I2BB9s_SlD4S09GCVk6b-4LCuLIRSXHQh_rgAeOqO80pILehCl3pLYIoMsJpMOlO8afYtd4znCDWKSDZUKOVzBklnWxHJbi5r2vH0MfokU2l4Hr1573WN2YoFywO97NHrv7oWKWwND7MtWIqwd1OEM8nf1MEE90B5VLLf2tlawy7Jgkia6JqWpRr_bqxNfMQw5HiI5hn&sai=AMfl-YTppxdY-MPXIQK3JGMAbde1ZAO-qEpOB8xBiZkp1nmrJ2CNAXJALu1x8p7EXItyx0OvtKreoPyfHCPdibSj3-s2srBpCkGPlgZNZIRh61HnkYewScqY-fACmJVbLDmHNFw9I931-2avHNKHmL8C90sCdNQzUlI08_kUW5X7b4e2BI5oYbxXcBc1VTzUxwwHdYIH3U9H0hd1bn3bPPAQWNjk53PLQgjGIRj4hS3oSpyecNY_o7sgh6RgqbIDJebi5VL9PUVd8UHUxE5VmTZwvAgnVBRN9y8mZJmj&sig=Cg0ArKJSzG6cwq6grzSdEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=375&vt=11&dtpt=240&dett=3&cstd=133&cisv=r20230627.26186&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 09:43:43 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B571 0
0 46ms
46ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2cgB-tg6h8LPGBEH--dcK-Asufj6vsI9rmonfth0Pzho8wIfllv3EiIvCMNgEeN0i7NQ5WLvMbhApOyQU9rl5xQtw3F3YJXBZpG3fJ0Ucr_45c_B4qKkF0uhN1xr6T4HN6EGdH9BG_B4aY-EaWG6SI8Je-InA5fpL70igXSj8yui7CmK2fpvG0Sz6d2nmI63CCAaJK6_gd5Sp4G_CfoAYIHSDlu5RdRcrhpATg-ZQBKPAWCgEWGGtxX00XSUvKfLsNT2qVjZRn0gFJl9Kq60QXSV1vql4Gi5ruSh8UJhE7kjMraoyLcEHSbreyviZesJ5Gkuw2fyqJV5ZnnNKN05rwgV0eitY_VXR8buxmmEpJ_-nmtOjAcBjL-0hiDIHyhQCY57pgONjSIfBJPehq49qgQ0ulW7RTFYU3iq_cqD-JnwzKZSbopcJdvSRDEYCIinIPkVB3hhdCkzb3gNbQWMXK5J1D0cXiLG1WGGzkM3wEAKQBiISe5yVYI-mTYoTrgAos3FrfjnkhvxRwpfiyJZgf3dLGINRB_04v7zAmwY_w2aRSWyTtAIGKgTdbhq-HOqetdN8DNpHuVhihjAbcgBnydPvPpHKfguLzaQmtot_br1aI1_SgAtQqhKPKTkVUuKpNg0Rh9IZVYUR7TkQLTwSnqgleNI2fXWEIo6-ROIgWt6QAOKef0kB0tWVPYa3LRhzBzEEpgSZ0IjBnb0pyLZgudQ0rL6kkRqtChdfFwD0AgCrdu4IjsXMYgWLDhj4hArX3f9WRdUMTan79p0wUQlQFvmobSPi0DFVLICgCUjRron8FC_bu1WbfSuD7McOS5AY0brgTVBsFVgeVN7lgOUvBNIYWyveiuNxq38BLybKFd5wNeNW_9dOsswD35kQcDCxbRBc0VmcECX88CBudlKd2wF69P7vTQNGl0YdK35RN7bxq6DYiqMccim6uHWrUNAeQQwNy07DRcztmFGQjY8LXh0VXKJix-iBkDokLbDKmVsCWStqiGXzinx9FtAsKq5lxVaAbiEz9k0ro6VhPE8FyXJKN7UOzvp9Zuu5FpXGXaaItRa5ip4FGNcIivFOVaBjnVGX30tVZu32MUkZkxgfPaLEaevi87a1fN32CuN1tN6cwQx1poTLUf3Zll54tX_u1oqRam7uhv5PN-7ETzeqE5w3P-RduhsHmn-naM8HUsQTVL_bFLVZPmmXkcQzIxgHzWivrBsgNC1GNpEv-vF8zYZxCuma8gUwBXYLwORGokU6quRoZ5xnEI29SsgKaGgOEnTicnA5vl1SH2masgeKeCHzNX2VDtFwFnQkQtjXsaNWnQ&sai=AMfl-YThNIUtlqa_D8mKul2FKnODVrpAmqEnH5FTLP4vvCGFwM3hgeEkWCV6mJX5IHId_GMT5kdjgbzYSVlygiq06l7NbtzUY6yXZM85dWWW_UGSuAYV_i5yoGHPu5vAcd_P1E-bVKq7gYkU_EB7gFyxgl13zEhpEZbBAGi7lsF-PCZqIoIkjDzaLQpSco_MqiBNWyuKFhZNas-yN6a8qo1NGFgy-Pg_ZUTCQhAprYgfgKKmqG925aoaJmo-BJBFQIZVxII3lizAceyhTdKS1GmvuEDbaeLHeZ9XOfDj&sig=Cg0ArKJSzDr0AN8TCyrUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=389&vt=11&dtpt=254&dett=3&cstd=131&cisv=r20230627.81641&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: paspor.siap-online.com
URL: https://paspor.siap-online.com/cas/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 30 Jun 2023 09:43:43 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9666 43 B
216 B 496ms
172ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5fec913e-2fe8-9e82-9970-64ab76a6acfd&tv=%7Bc:h0RyMH,pingTime:-2,time:166,type:a,im:%7Bsf:0,pci:%7Btdr:119%7D,pom:1,prf:%7BbeA:765,beZ:766,mfA:769,cmA:771,inA:771,inZ:775,prA:776,prZ:781,si:788,poA:789,poZ:810,cmZ:810,mfZ:810,loA:880,loZ:882,ltA:930,ltZ:930%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:166,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B158~0%5D,as:%5B158~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151*.990511-61634100%7C1511%7C1512%7C1513%7C16.1484042-72188329%7C161%7C162%7C163,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:24,sinceFw:142,readyFired:true%7D&br=c
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B571 43 B
216 B 492ms
170ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=568c34a1-c3fb-726b-e9a6-9d0fc0eada8f&tv=%7Bc:h0RyMJ,pingTime:-2,time:122,type:a,im:%7Bsf:0,pci:%7Btdr:77%7D,pom:1,prf:%7BbeA:847,beZ:847,mfA:849,cmA:850,inA:850,inZ:855,prA:855,prZ:860,si:865,poA:866,poZ:886,cmZ:886,mfZ:886,loA:930,loZ:933,ltA:969,ltZ:969%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:122,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B116~0%5D,as:%5B116~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C16*.1484042-72188329%7C161%7C162%7C163,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:18,sinceFw:103,readyFired:true%7D&br=c
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B571 43 B
216 B 653ms
335ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=568c34a1-c3fb-726b-e9a6-9d0fc0eada8f&tv=%7Bc:h0RyMN,pingTime:0,time:126,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:126%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~728.90%5D%7D%7D,%7Bsl:i,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C16*.1484042-72188329%7C161%7C162%7C163,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:18%7D&br=c
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame A7EB 2 KB
1 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:40:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:55:05 GMT

GET
H3 200 flex_tarif_white.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A7EB 4 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/flex_tarif_white.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1508
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:27 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:57:40 GMT

GET
H3 200 head2_3line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A7EB 11 KB
3 KB 14ms
13ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_paare.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3285
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:53:04 GMT

GET
H3 200 head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame A7EB 4 KB
2 KB 15ms
15ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:31:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1610
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:46:14 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame A7EB 6 KB
2 KB 16ms
15ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:39:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:54:53 GMT

GET
H3 200 300x250_kv_paar.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame A7EB 38 KB
38 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x250_kv_paar.jpg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8545329873006492075/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:39:14 GMT
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38528
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:54:14 GMT

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame FE4A 0
366 B 184ms
100ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=63405700042710504444994012371007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=17295bde3d&subid=&uid=3d7d629f5b644b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCn8svzaOeZPPpKPSwx_APwsK6mAWm5b2gab2TnKfJD_AuEAEgo--4UmCV6rOCwAfIAQmpAthYpFVxPLI-qAMByAObBKoE-gFP0N7PI1kflA7vZgtjja1F5p4vLK6zM7doZbvYbqOY3dmUnnHq3KQpBjNXrmJrH4Hr6PZwCXViMV7hKJUPYJzG377zMrD_gXZLEyPjW2I7YzF_JTF9li_SLXK1dtodJk6WnOnExdL7yM_l8Yqk7wppvJaTf1nn9h1OIjQqMoDTvhvdimNLOPhYLngjhLphCrjW0gTQ2M8u9QAfu2sW3KLMV4Fa2Br9MGZnb56LYfob2A480HqSdbFzhIs461pd0PMiOr0o0-h_RAbg8taVYFKuOg7ERpzzjv96pzHoBe9ymeQ5sF27qDy6TqYLfufLvGIjtMe23JGiwYkVwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ%26sig%3DAOD64_0yQCdoor7YdAH8n9elLJKy16ZeEA%26client%3Dca-pub-9928520520496434%26dbm_c%3DAKAmf-DIBx2yopP9vQVzU6Bj98UUZEWFGF-pad8D2yN9Q8qD2nNIvVZKsilVUYBDXnAI0os9QVMkfBpaTx0AF3TfW6q1RoqB6DmWYhzMQPIL-Wjmb_3dD0w5zicC2wqTlWlOCA4MPuxGyYapNjmTJ43ZvCp3leDI9BD2sJBkAXJI-ag6cc143f0%26cry%3D1%26dbm_d%3DAKAmf-DfIDprCSqXoEQ349dItze5WHZzSEpz4EyZ4NoT_xSZERHJy4owAqMvaDztZw3xCk3qluobGrU4qYhIBJNSXqbS_kYbRUUqURVrz7IgnyDy9CTCxz46cnq-S8rFGB79t9zdP8Unp5cgoo6Iw1wzfu_5aLBrfeG3N2TUXvIUxZMaoUTgftqOi4cVG3lqE60mPfGzNEUfxbGEP3GtjPEBjhaIm3HwY9kZNW5nGdD5ef8Gpn523EsOcgyFIXih2YTy8MamWtgHckKrYQCPdDtc1MBsCZjzWStVg_8tn7huiuug919zQPK9vlRqaQXh-2nUw_hDwiQTcNKYaRf72vEGLVYqfrJ0XCvFVvBzG4k-B5t-LSwCGK_vAMtTgu1RY21t2S3iqAgC9Xv6SoXxxo4BQlhTZsXyzo0DFSLj87tEZXWq_oJzGIduEJaGe_e0pfokmOy1CiexY57410OeAo_J3pZVamMa7M1l0vh-Y1Bx4N8_GOj33xFb3BPf1Q7Q0HbPxaGyxz_GUcje35CwWVVBUX-YBdWBOuk2DB7vXDjrFAtw4e0heOS9Il_4-1THnlxd7kBRpxXY%26adurl%3D&documentReferer=https%3A%2F%2Fpaspor.siap-online.com%2F&ancestorOrigins=https%3A%2F%2Fpaspor.siap-online.com&random=7580958202597&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 0
Content-Type: application/javascript; charset=utf-8
Date: Fri, 30 Jun 2023 09:43:43 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 253A3903:8632_91EFC182:01BB_649EA3CF_5BE45AF:25BCF

GET
H2 200 / Show response
adv.office-partner.de/ Frame C6F1 930 B
933 B 63ms
8ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=17295bde3d&subid=&uid=3d7d629f5b644b24&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCn8svzaOeZPPpKPSwx_APwsK6mAWm5b2gab2TnKfJD_AuEAEgo--4UmCV6rOCwAfIAQmpAthYpFVxPLI-qAMByAObBKoE-gFP0N7PI1kflA7vZgtjja1F5p4vLK6zM7doZbvYbqOY3dmUnnHq3KQpBjNXrmJrH4Hr6PZwCXViMV7hKJUPYJzG377zMrD_gXZLEyPjW2I7YzF_JTF9li_SLXK1dtodJk6WnOnExdL7yM_l8Yqk7wppvJaTf1nn9h1OIjQqMoDTvhvdimNLOPhYLngjhLphCrjW0gTQ2M8u9QAfu2sW3KLMV4Fa2Br9MGZnb56LYfob2A480HqSdbFzhIs461pd0PMiOr0o0-h_RAbg8taVYFKuOg7ERpzzjv96pzHoBe9ymeQ5sF27qDy6TqYLfufLvGIjtMe23JGiwYkVwATrj_yO9wPgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgGYCwHICwGADAGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ%26sig%3DAOD64_0yQCdoor7YdAH8n9elLJKy16ZeEA%26client%3Dca-pub-9928520520496434%26dbm_c%3DAKAmf-DIBx2yopP9vQVzU6Bj98UUZEWFGF-pad8D2yN9Q8qD2nNIvVZKsilVUYBDXnAI0os9QVMkfBpaTx0AF3TfW6q1RoqB6DmWYhzMQPIL-Wjmb_3dD0w5zicC2wqTlWlOCA4MPuxGyYapNjmTJ43ZvCp3leDI9BD2sJBkAXJI-ag6cc143f0%26cry%3D1%26dbm_d%3DAKAmf-DfIDprCSqXoEQ349dItze5WHZzSEpz4EyZ4NoT_xSZERHJy4owAqMvaDztZw3xCk3qluobGrU4qYhIBJNSXqbS_kYbRUUqURVrz7IgnyDy9CTCxz46cnq-S8rFGB79t9zdP8Unp5cgoo6Iw1wzfu_5aLBrfeG3N2TUXvIUxZMaoUTgftqOi4cVG3lqE60mPfGzNEUfxbGEP3GtjPEBjhaIm3HwY9kZNW5nGdD5ef8Gpn523EsOcgyFIXih2YTy8MamWtgHckKrYQCPdDtc1MBsCZjzWStVg_8tn7huiuug919zQPK9vlRqaQXh-2nUw_hDwiQTcNKYaRf72vEGLVYqfrJ0XCvFVvBzG4k-B5t-LSwCGK_vAMtTgu1RY21t2S3iqAgC9Xv6SoXxxo4BQlhTZsXyzo0DFSLj87tEZXWq_oJzGIduEJaGe_e0pfokmOy1CiexY57410OeAo_J3pZVamMa7M1l0vh-Y1Bx4N8_GOj33xFb3BPf1Q7Q0HbPxaGyxz_GUcje35CwWVVBUX-YBdWBOuk2DB7vXDjrFAtw4e0heOS9Il_4-1THnlxd7kBRpxXY%26adurl%3D&documentReferer=https%3A%2F%2Fpaspor.siap-online.com%2F&ancestorOrigins=https%3A%2F%2Fpaspor.siap-online.com&random=7580958202597&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 30 Jun 2023 09:43:43 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 07 Jul 2023 09:43:43 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 1542 0
366 B 170ms
87ms Script
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=63405700042710504444994012371007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 253A3903:8636_91EFC182:01BB_649EA3CF_5C86D77:1ECFE
X-IPLB-Instance: 40028
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H/1.1 200
OK e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 1542 43 B
382 B 195ms
99ms Image
image/gif 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=63405700042710504444994012371007&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx/1.17.5 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: 253A3903:8634_91EFC182:01BB_649EA3CF_5BF606E:25BD0
X-IPLB-Instance: 40027
Content-Type: image/gif
Keep-Alive: timeout=20
Content-Length: 43
Proxy-Host: pv.medialead.de

GET
H3 200 TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame 7544 1 KB
635 B 9ms
8ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 603
x-xss-protection: 0
last-modified: Tue, 27 Nov 2018 13:48:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:58:32 GMT

GET
H3 200 tb_logo.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 7544 5 KB
2 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/tb_logo.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

510e21325dc04a49e11b960b7eb05c89fab87b58e9dfededb0085da40d618a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2150
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 13:05:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:53:32 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 7544 2 KB
1 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 998
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 10:03:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:53:34 GMT

GET
H3 200 txt_160x600_sparen.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 7544 3 KB
2 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_sparen.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2de293d583a6ec122882e9bb5f064df8058d79bda07d192e9d0cb5d99eed9a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1596
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:53:32 GMT

GET
H3 200 txt_160x600_40.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 7544 2 KB
971 B 20ms
19ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_40.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485b7554ed0dffe4d13bfeb661cd96daaed0d0676b8b75fcef24c6c8446ef3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 934
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:53:32 GMT

GET
H3 200 txt_160x600_bis_zu.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 7544 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_160x600_bis_zu.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f130f4db7115f1b41912386aa95b56d8218900619d4fc7c9519ec3228d8f393b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1094
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:25:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:53:32 GMT

GET
H3 200 txt_300x250_lm40.svg
s0.2mdn.net/creatives/assets/4923930/ Frame 7544 2 KB
1 KB 17ms
15ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/txt_300x250_lm40.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a31f36feca1ee301f0edce1d69a3375f5f741e7c89b293ef719f7d0a6d682649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1089
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 09:33:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:53:33 GMT

GET
H3 200 txt_last_minute.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 7544 5 KB
2 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/txt_last_minute.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

674c43d36f3380fcfc51d8677f7f016c8b74321d27f0dca6b4a73ee2b72284b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2194
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 13:08:01 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:53:33 GMT

GET
H3 200 728x90_rad_grad_tb.svg
s0.2mdn.net/creatives/assets/4910664/ Frame 7544 6 KB
1 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4910664/728x90_rad_grad_tb.svg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b58b6ee63b0b7e4d1be94c77901866fddf5beba19a58325cd423385d6c7c42a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1334
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 08:20:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:51:06 GMT

GET
H3 200 728x90_3_kv2.jpg
s0.2mdn.net/creatives/assets/4923930/ Frame 7544 17 KB
17 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/728x90_3_kv2.jpg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ceb386e06452ce7f063b7e198c728170e34d72fd9c0bf8cb1d3f7feb50f5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:42:25 GMT
x-content-type-options: nosniff
age: 78
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17346
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:03:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:57:25 GMT

GET
H3 200 728x90_3_kv1.jpg
s0.2mdn.net/creatives/assets/4923930/ Frame 7544 27 KB
27 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4923930/728x90_3_kv1.jpg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d302f0e84f9f07bedf5d5f25b2732ebb36437cbfaf20fa197b6cf3f051e69e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12546954530650794831/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:42:25 GMT
x-content-type-options: nosniff
age: 78
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27669
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 08:03:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 30 Jun 2023 09:57:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame C6F1 116 KB
45 KB 42ms
16ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d7ad15fab9e2530dbac57278099c226d46432d278444132479c267d08f6bf916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45446
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 09:09:06 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Jun 2023 09:43:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED7C 0
20 B 46ms
46ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpBsuzqOeZNGoIpek3wOj_7iwDQAAAAA4AeAEAg&bg=!z8ylzJjNAAb90kgr3dI7ADkAdvg8WjJESOnlpN-cPmo_ZKs_qdH8xJYo-3CnL48zpsBDPbHQn4GnJipyMXd5_uklDz6xeWfjspECAAABFlIAAAADaAEHmQLmZ3TZg8tZ1j6t5senBjEaKh5RNYArcMUfXjz3SR6c-SeNIqyyzDpCfixHOKrwUhhd1BHhXuFt9gl_MHKLXoPcIIBoX1GPbgAakcusZ1RuzibVLaa_TTImtqGLnVKgFmfLcjV6HaKPFR1GFZucnKJXSijZwzdyMl8nWFqRXnj0yIypyi4vlLgC5O3lypIRt0EAn4Ec9UGXr1UfqTbVkBFa80kfmGo06S17p0kbjWEycsjqXmvIMpLC9t4AmfBfWI2LDdgvalFkZDU-bQaq_29q25Og3Y8SYPCa695wROtkHJxVS1_e98dTxavt4D14PVtvWI5O6XzvuwhGFcZy3G3D3nrTS5Y_2k0_yPUEAvwwlgel42CxpxAWyjZd8Ylq8q6OwTh_tarXk0a8liA9Y5CPeXGLUWvAc8wIfeecOBnV1KHXWlQNiUMfaeFIn6wR82KZkvivOn66J3-gLHQETC9dbUHucwzc9C87byw2IZK3FVaNDFwfTJTB9MbV5QQdQkymY22uf_RvadUnwqSxa-VFOeAnBVJ7tCxh3kMN5M35ADJx69SLiRhFnjIBQYhjReGE_DNsw2ONnWuYFTuB1GehSVSU8xjqHqwek4tVXmsJ4nyP-z2oYQFBG9qbVPragxv7KoyoX-hSLne1cZ4KSu6XHLl7JaV3a7EEg51yE7JL9rOesLBaStNLG8zfVq9Nf_T6gu9b3bpS6XFwxrnHePo6LN9XFMMWvKSGnHQ8oCgst2ez2pkzxj9rhOVECNh6iDRQcNu7m15TohtB0003HNwMplM841JdP54g3xulsT6rbyk-ET_oo8oKAFtuYMdF8n2rGgF7kzDhZG_1NUkDJN3iZkb-7ZIdpTc-9hIfcWPioMmN9la0DKwcqG-IDE2Rbp-hOYJr3U0vYNvTG-lDWtXi7a5Kx8FZ0p4h7NNWWJbv8YW06IlJKnIux16c1bAa7Z-8feusuD1y2apXYjCHlf9ulNUV9EV3Jg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4B2 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH07-zqOeZLvAJ_3Cx_APvfqloAEAAAAAOAHgBAI&bg=!dHeldyPNAAb90kgr3dI7ADkAdvg8WprwLIKi-l7I8p0k7eCShO8KNqu8wwWSuoLMNnSAiIp6SHX5QFBS-2lHnAjbykV3fop6gUUCAAABCVIAAAAFaAEHCgBs_g0qFDi6a9Hy_n12MLdXLSX4IWNG0clV1G9i3bgdviXO_HW4xfydjZ5a9EHDREDke-JsNRbOiVyAhj5Ce1-o_Vy5ixdgodWz0a12rsG0sDfKosvQeeX-CNKfjoV312OxIcQ_Kig4sm4umbVymQL4n5ylaACya7xdiwLVpjDaDGEnXUGwRK5MVvU63FBGvsasgQQGpjJG9ndIfGKzEb5OTj56JoB_UIkqj7GjzQ_H-pHbYsPmbI4pxTtMgLrJQAPFO26QaLfNw-ojwY5CAMrlzVq1Ou57NHN5coPHQXMle0c1BuOOpwDO3gP7P4WGfef4ZGTWcG-GhgJ6bqMC6MW1JdqTJQF4wbnicXJmLMwMHcs9hhjYOk9HPYsZ_7zUutJiiL__Nu-sF1_cMIQ1o5JnEYm2Nxl92bktLdYF0EVZ2_2E06nDC7zaamGPRbbLk39suGJxvvxqBRfWZV4EZrMxHEnnFImrPjI0AfjRfAqSqHR5642N0B9GjqxCKDta_EKlLBnSuhTqJcjTrnjnd2yoXoLA3qYorsIDRXGD8jLGNethvoi2OKJQAJo4BlkHucCaZahqJz4O_6phbkQwL_Ftgor07X-7oFcgP_9yj3FyYP5fF_QpIpIRs2WAilqgj8xKZPAWi5sRfMbAxRMxpx-55Ii5pcUKdQcFAFWvqLzmbyjsMMw0XmaQXPan1ze9VIdjlyrbWSAmA2w4AKhXwBeoTn2s4YBqo0YM2maytYB0W6lYtGPx0JYuYFqCUTrcExMLSXT_aBLrdrpJfPW9z2QYmMwELdt_4po0-QzyPubVcbSqt5nd5JBoHD9xaJ11i_fXVrmsv7TUk1PEalSXWxjOr2kMRLbBoCKZ_2dCFaiZoV22Cc36EHK7KTL0K1FdhOEaWJSlNzUh7uzlvswPMdbe94yhZGjMgcaKLvuc0o-WPknmNup_zqVdCr74OkBfVzxhoQv2jJ-Q5r-YrUZgnWLVRZueu87g2JrFqf8muxD88sK-EApeH-OtLC_a-m_Af-cmdw7t_skDyr8h3RQ4C0Fixr4V8l8o7MRq-zQwLJhlNn-7F5pu4kIHD_7xkbvf3h5hjItnjcd19I4Ie3fCXteAa3zVGhr1rgle7bpYOhhI555OnuMe5wa89k9lJhbn_hhY7H3av9dBwg

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 1542 2 KB
2 KB 144ms
74ms Script
text/html 35.178.131.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=63405700042710504444994012371007&nw=1
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.131.157 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-131-157.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5498f3a94e08c46f6a4ac769dd56845b3f551093f92bcec73797c9ba0d72e70b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:43 GMT
last-modified: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 30 Jun 2023 09:44:43 GMT

GET
H/1.1

200
OK

inv.gif
img.tradedoubler.com/images/ Frame 1542
Redirect Chain

https://impfr.tradedoubler.com/imp?type(inv)g(24495172)a(1565155)epi(63405700042710504444994012371007)830393302
https://img.tradedoubler.com/images/inv.gif

43 B
644 B

111ms
9ms

Image
image/gif

13.224.189.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.tradedoubler.com/images/inv.gif

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Server

13.224.189.92 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-92.fra2.r.cloudfront.net

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Sun, 25 Jun 2023 01:15:09 GMT
Via: 1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA2-C1
Age: 462514
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 19 Nov 2004 15:35:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: wsG4OmqHThFmAA9oW9VypJaJVvAmuZKJOlqKegh9QRH2bUEig_jLcw==

Redirect headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
location: https://img.tradedoubler.com/images/inv.gif
access-control-allow-origin: *
content-type: text/html; charset=ISO-8859-1
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248

GET
H2

200

activityi;dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879 Show response
5994599.fls.doubleclick.net/ Frame 9C1A
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879?

391 B
324 B

55ms
54ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879?

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

98f346c0126969ef02bcd048939909be7f0e62b26d71a3711ecd1cc98c2ab91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:43 GMT
expires: Fri, 30 Jun 2023 09:43:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame B3E9 7 KB
2 KB 42ms
13ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 249c591e794b30b56721fa25d8ffae0b649f7746d638621b00dfa15d78e1eec0

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2106
Content-Type: text/html; charset=utf-8
Date: Fri, 30 Jun 2023 09:43:43 GMT
Expires: Fri, 30 Jun 2023 10:43:43 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C6F1 260 KB
88 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6dc6a7fff94450a4b54790d51005a6364e0bc5831f427d7cadbbfbe033729c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90008
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 30 Jun 2023 09:43:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBDF 0
20 B 49ms
48ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bx84hzqOeZLiyKeixx_APk5a_eAAAAAA4AeAEAg&bg=!HB-lH0vNAAb90kgr3dI7ADkAdvg8WnvzlnQX_ffNEKUxcquteFDHrsx8NpOfUC12oB5f2G7DNetPhq3bXSMr9uSH4iemASfdL2oCAAAA91IAAAADaAEHmQNRFSpgXqgpN7Wvc71tfsH7YnkjIj_fZNZ71gbX_UUkUNkvHWCx2irugtmZtmukRBmfAgr4Zm4qkMPNL8OKfzcKXZTq4OvC5KddH1Jq8oQK_saS8eyp5TP1hWOkFLgjdrdACyjSF0QbY4BZXRK_b1fFbHd7IYEE3wd2F2lZtAoMgaKBhiC67eZAxnHv_Yn3LCXMSftsSzib8ntkOPxxkkf7b2GSlhh9W4zrDnqcEKW6qhrgbkem0flq73Jv8nZv8R7Ns9ZU2mLEuX4VxsJsYPjfkfZqh9xibmWofJ9ZvV-qDwKah8qKSTSy2C6xITD_G1Tc9BRVQKFI1T96jVts8Le8sOnPce0xZKQhB8-QKuBrdCq5mZZNu1SywSsMrvc6Z73C93cTI3vEDePg4K3R29pkRO1gbrk4SubncbY5bn1WS41yYdHI7zt-9JuJYgiZB7jw-qHetaLSvZCxuJGHsYVsgH1wZMyGa41SNLabBJV9LlmVJ7HQXMl0CUo-30dUzpdfiEAZRKdZGElXzLzoZXcMa20ptQmlbm51jGEvr_Mjsm9748-KLIE3Adbuml_paSDQq1B-FA19L7-Ppp5k8NO294AX8PauIKXhEB73V6Ci7Pk0mFnE-KUw445cT99hHHLMXDPYd2zDVrt3CQkJIe-PCzoTTSD1_xSzq0VHS7hde4ENoScJua654phr4UR0OKSboL3qSl7cwtnblQ1AH5zTaQLtMTFdemnozZHvk8tz2W9rbiY8SQQeLN2H5RNudTcnRBC8lrHqSoFZDuyVCakxvH33fLy2aJ3zWou8V4fZAkd4aknwfsJL3y_Xfe75Fw8Rm_UsJlzMNoI2_86QRbEBLGTP8FRyHL6lepX2KrAPVH3AfFjgmTYRvwBPKKCLfjVJczOBdQQUlWMM_AlYfCJU4IHHL2sAY_2nDgv_qHSR2uoCA3mxyx3_5Waw2d_fYwYeMWIxfw_cVQeQVXBGiOamUM8tB1nsoNl-32QZQmgh9mC6eU9OvN7qJOjD_J_lN57-CiUmfOoL8M0jap_wPohrlgGyhEcDpAzV3q4ZJh4VlcoS1gxTf_6tB4n0Lva_Hh22V_xoOZJWs3-RxRf8CZZVhC_mtEi_q57LO9nRzZlOMZyZ

Requested by

Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1542 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ac7043d2624911225b2a52be90a4aee05599f5d53546cd657460c2b8088db25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame B3E9 5 KB
1 KB 50ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 30 Jun 2023 09:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 08:51:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 30 Jun 2023 09:43:43 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B3E9 16 KB
16 KB 45ms
20ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 22a1f8bc1f508e20114bf596bcdf203607792080d2d452a1767847ee4fd53ebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16230
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B3E9 16 KB
16 KB 39ms
13ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 41afe11a6eb728d172072550751fafe6a7553a828c63aeb5cbd33470c1bba0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16512
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame B3E9 14 KB
14 KB 41ms
14ms Image
image/png 88.99.219.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/23333/creativesup/WW-Native-1200x627.jpeg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.219.174 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.174.219.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 74d6f246dcbc4e2c027e12ed66d59b339d9aec283a66ec64083928c560e9e8bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 14250
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B571 43 B
216 B 248ms
248ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=568c34a1-c3fb-726b-e9a6-9d0fc0eada8f&tv=%7Bc:h0RyTa,pingTime:-10,time:521,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688118223643%7C%7Cf48481003958c3b6f915f93752b74580%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C77da4e9379107217e9473886a975e434%7C%7C0e32796589841cf3940c20f2217acd72%7C%7Caec95525517853a2c99b630775425db4%7C%7Cad2b3d54b72735b81e71a99ca7acdddf%7C%7Cdad7af5cbaf695419dfd748f01610b8c%7C%7C1663701684%7D
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 9666 43 B
216 B 235ms
235ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=5fec913e-2fe8-9e82-9970-64ab76a6acfd&tv=%7Bc:h0RyTw,pingTime:-10,time:589,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS4xOTggU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1688118223666%7C%7Cf3ba10fe0b64afbb8307a604fbd5f59d%7C%7Cdc0a08e416cd7f8471c71ad711523ca3%7C%7C1ff4d05a28b129fd6178dac0b04ea2f6%7C%7C65da20647d5e59276cf16cf8cb251446%7C%7C480d8a406490adb9f444e970f85a238e%7C%7Ce6100a7ccc52544aab411518eb4721aa%7C%7C8c5c2df95636b90eaac8f93fd6fbcabc%7C%7C1663701684%7D
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame B3E9 0
150 B 42ms
14ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=63405700042710504444994012371007&a=f8617af9&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:43 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879
adservice.google.com/ddm/fls/z/ Frame 9C1A 42 B
263 B 61ms
60ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPmYu7ja6v8CFdCEsgodzUAB4Q;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7036370925845.879?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame B3E9 14 KB
15 KB 41ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 02:18:56 GMT
x-content-type-options: nosniff
age: 458687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 02:18:56 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame B3E9 15 KB
15 KB 39ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90007.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 18:50:39 GMT
x-content-type-options: nosniff
age: 312784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jun 2024 18:50:39 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 1542 85 KB
31 KB 45ms
9ms Script
text/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=63405700042710504444994012371007&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 12:41:10 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 17:26:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 75754
etag: W/"876c293e6c37046ecb0c11ce2e276942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: cUPYLBiCntr_r4G8BMxeoBCNV6q58oEnRG1tVQw0yqVWdIheaZDL8w==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame 1542 85 B
437 B 40ms
9ms Image
image/gif 99.86.4.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1688118523&Signature=XNhD3HwMtmbfinTrleKuQL7lNSqLWJGxClAUWmwXmBBp6ltJvT2njvqai-bmD81BaD9L0~PG9sQns-ApjNvLAII2oe8ha8Co6GQVLlxpPr1tadlvGF~kXb6MRs4EJK9q6ECG4MrpVxTj3PGnIgglw8DBH3Y29m2LmVNKubnXLQQLd36eXwe3nfo-4U0bFqbe4mDuClQo~4goO2bGTILrkE0LWAMls9KDhjAkHi2wSRrJQYC3VSRhJPVWOaKs6jGfyjh8k4HK448iN6TZFgIsnIyl4gQu7lOlFmQe14y7dZWeg7bCI5OBlFJ4EMYqtNRDK5zwAzoJpZMkhvGvTpyUvA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: 36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
URL: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-36.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 30 Jun 2023 00:00:24 GMT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 35002
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: 3opXToPg4sZgqd1lvzkM24wD52v9TQMUIl5E_4k2DVeFUPHADEZDcw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B571 42 B
64 B 71ms
48ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7qFKOHUFjSILhiPL-MpZbZfDzBbQOGKAckgvp892kWP_PwE_Xk2gY9RS5RDfl7hHcbQbr9ZxaVUgjBLgSEMD6DfefGk0xR2i4CGjOxif4Drpsd_7XJ5BDvRET1pFPhYxqiaf1KXsNVXM9&sai=AMfl-YR7rk1GHq3lYpM5R50RXLWb6JHmyM72xGxTpevFzHX1gCaDH9GvzZZN7tgQ0OaPHkoQ6sibZdn_piAlyTANsGX3qU52gi5lKK12H5tell9qdLiUIQg7z7DdoKyZ09BeAG-5WoKhzGBEti8NOg&sig=Cg0ArKJSzPDA-d7WRayOEAE&cid=CAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ&id=lidar2&mcvt=1000&p=696,436,786,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3644920350&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688118222276&rpt=631&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 67ms
66ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95b9dd0aa063096c1d5fe222f124650d734422f47e4b165c8d2ebd3b3b5b148c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11275
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js?cb=31075743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 09:43:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 76FC 13 KB
5 KB 11ms
8ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paspor.siap-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 6506
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 07:55:18 GMT
expires: Sat, 29 Jun 2024 07:55:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8101 783 B
920 B 20ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c982892995c5a1cfa4c820db43462f17901909b56fe2d6de891c8b9c4a9af70

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bdF1Y9AZqPxo2GpcAV5TUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paspor.siap-online.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-bdF1Y9AZqPxo2GpcAV5TUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 30 Jun 2023 09:43:44 GMT
expires: Fri, 30 Jun 2023 09:43:44 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 76FC 38 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 20:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14768
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 28 Jun 2024 20:54:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8101 0
0 43ms
43ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=723760536486786&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 76FC 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gB0cLg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 09:43:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B571 43 B
216 B 175ms
174ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=568c34a1-c3fb-726b-e9a6-9d0fc0eada8f&tv=%7Bc:h0Rz2W,pingTime:1,time:1127,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:126%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1001,o:126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~728.90%5D%7D%7D,%7Bsl:i,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:261,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C16*.1484042-72188329%7C161%7C162%7C163,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:18,sis:219%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:44 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame B571 43 B
216 B 172ms
171ms Image
image/gif 2600:1f13:800:7781:1172:d4f8:179f:23b5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1484042&asId=568c34a1-c3fb-726b-e9a6-9d0fc0eada8f&tv=%7Bc:h0Rz2W,pingTime:1,time:1128,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:126%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:126,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~728.90%5D%7D%7D,%7Bsl:i,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:261,fm:tIEI1Jr+11%7C12%7C13%7C141%7C142%7C151.990511-61634100%7C1511%7C1512%7C1513%7C1514%7C16*.1484042-72188329%7C161%7C162%7C163,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:18,sis:219,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7781:1172:d4f8:179f:23b5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:44 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 92ms
22ms Preflight 18.168.234.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.168.234.149 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-168-234-149.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 30 Jun 2023 09:43:44 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 1542 16 B
210 B 69ms
69ms Fetch
application/json 18.168.234.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.168.234.149 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-168-234-149.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Jun 2023 09:43:44 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=723760536486786&bg=!xMelx5PNAAb90kgr3dI7ADkAdvg8WhmX8HXf3pED-Sn5VjqcGdTwS8QuZmpkybT_j6ONCnZe8y7vFEMzwONM5-pNoqE3EK1oLNYCAAAAZ1IAAAADaAEHmQKlMqSapWTOvje8u3Wi_Ohy9De-Fl5hkCryYbuArBWKlG7r_hUKEwAo3uG-owZZiuoyGKicXzxu0nP6B_-Wqe0Pl_OKR_DofEF6eErdXIu7hmRKI6h3x294eIrhlSGbYUyp4k9wJdURMT8JNgUsiBlxpWPnXnLLcI4067u-wa64hWVGqET9TafqLjb_5pCGAbL-Nm5rttnHKyriXp4iaC8VRMWFUB5qJebxOM3D7xjZ59h_Fum6hJOB3KEW8Z4NiZUYMeWSpXdG2uQiKWFkzMMAvTl9eOlA6R73eCPIV193dKbknIie6mck72evfzfkqDpHgzaJhwDuTydbtkRjaUdMblcPhRb3jtckKtgtta4ZjeVlq8omjZspwGKjvu-NBziQQMhJ3S6Oa6Ts-_v06vYKnrL0nF9GD1Wu8w6Bs2xuLp_YOsv8ztkEHHjWLltWuL_3Ko4nFbtiXeKQrBQPE-DsBBTecxD1YKgprdz0c7h-Eh7rnMW4EJo518bxqzBCT3eZfUBENW_wWgEfexnZZEM8343dxBW3nKMCf1l1CW7qBCZfABEklQxa-yrwn7WnDHld-ohG1zRWVOHFSvPcyMlwaZ8GJ0vZGwFR01MCAK-5VNMClJe4jNUTxU2P0GOCHiaVZDoNYaqe4VZFImEE4JH94jShjxp4C-9Idw1K9ETr7zwrd2dVCTMzxy44wzLZYXfR4dBo1ZDumVcO86H2LIlony8KYyVsufFDGHqqtRJTBLkXfb46qe5I674tKx8aOc398bj9bEgMlLLTW-YizkOMm0qiAyJZa0zZ44sq-Owuqzqisz3Q1AyFbL0p0IwE0yZgxlt_ml0VNJwp6kXtR7dBTWxnwjjA7E9_AJ57-ukATqGF3iSpHXB-nSzpdpPWo10yPNJ6Fzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paspor.siap-online.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1542 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDZf_2Gj5OAnfHv5txRneI8B4vqMlKENw3ZKst9q20h3nhw0NwE7Zczp3ZW9HUY7PpU6aC_ov3yZ26ky3nRiPeok4DkepgWdol8kAVJls5TB_S6D0L1CyYnfnhQYTUco8&sai=AMfl-YRnRM134_f_Q3LMWB_gIavOsoWmNBEiIowlmjFm7ua_7uSFMWHaco5Dk0G6k60O2Ol_w2aNwBJt1oTC2eeiALxUibqHRuHD-ytMtQHxEWYxiw5NJ-LuN4Tq9cOPWOnt8864zhuT7WA3iZV0bA&sig=Cg0ArKJSzD1MwDV1S23lEAE&cid=CAQSTABygQiDiuUMLGsXe6sLdX6590m_H1d9mGznZj17CGw2aylYEJEB3KkNZo15_GNAU7Hzd7DM0zcokLm6P0d82Pf8esPcLv1eVm-6R5AYAQ&id=lidar2&mcvt=1000&p=176,896,456,1232&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3987401759&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688118222259&rpt=1478&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1542 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4771633690432&version=m202301230201&ct=77&x=1&cor=3818250495698807300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame B3E9 0
150 B 38ms
15ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=63405700042710504444994012371007&a=f8617af9&vb=v
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=63405700042710504444994012371007&a=80321ffb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 30 Jun 2023 09:43:44 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B571 0
20 B 43ms
43ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1679797518013&version=m202301230201&ct=76&x=1&cor=13962128101455905000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9666 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7395034308727&version=m202301230201&ct=76&x=1&cor=889567813279080000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jun 2023 09:43:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
paspor.siap-online.com/cas	1969-12-31 23:59:59	Name: JSESSIONID Value: F8AAE95CDA221FC18C19C57285ADE78B
padamu.siap.web.id/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8jtj5jfi940lebimi51ga12ame
.paspor.siap-online.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: imgumh1mah1l56cb2f2mcmdr9u
.paspor.siap-online.com/	1970-01-20 22:31:18	Name: __utma Value: 80962070.486454162.1688118222.1688118222.1688118222.1
.paspor.siap-online.com/	1969-12-31 23:59:59	Name: __utmc Value: 80962070
.paspor.siap-online.com/	1970-01-20 17:18:06	Name: __utmz Value: 80962070.1688118222.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.paspor.siap-online.com/	1970-01-20 12:55:18	Name: __utmt Value: 1
.paspor.siap-online.com/	1970-01-20 12:55:20	Name: __utmb Value: 80962070.1.10.1688118222
.siap-online.com/	1970-01-20 12:55:18	Name: lotame_domain_check Value: siap-online.com
.criteo.com/	1970-01-20 22:16:54	Name: uid Value: 558e0bbf-7a0e-4265-b96e-bd3857f2effd
.openx.net/	1970-01-20 21:40:54	Name: i Value: e30bd19d-c8d6-4168-89b4-0ad4c62dde0f\|1688118221
.siap-online.com/	1970-01-20 22:16:54	Name: cto_bundle Value: RcRGsV9mZE5OMm5DV0N6VmlMUXd6SndBUng5RVA2RjNPWHU3ZU93USUyQndUOWQ4R3RtdW02TlR6TlZTZTBqSHk3TmlUOFAlMkJaNkRVaUFsZEJKcFkweGhZSVdiYkJlR1JnRTRqSklmMXZneHJUdWhZemp1MTFybU9jdkRzZUFmNGZPWWdTbyUyQkpLVXZwWG53OFd2Z0pnTXk2dmJUVmclM0QlM0Q
.siap-online.com/	1970-01-20 22:16:54	Name: __gads Value: ID=9dbbfd0718525d81:T=1688118221:RT=1688118221:S=ALNI_Ma5olFFGT1kP_m97MishtnMTSrEFQ
.siap-online.com/	1970-01-20 22:16:54	Name: __gpi Value: UID=00000c35724fd1da:T=1688118221:RT=1688118221:S=ALNI_MaBMIgSkk_cC8u03mjg840bxDC2vA
.doubleclick.net/	1970-01-20 22:16:54	Name: IDE Value: AHWqTUmiwGMoKhUhtXaG8znx0VYudzqFN9cKP9U9BdzG52cMRtm_Nbtnav_nTIiK
.casalemedia.com/	1970-01-20 21:40:54	Name: CMID Value: ZJ6jztlvb-D2lgWjwTDK8gAA
.casalemedia.com/	1970-01-20 15:04:54	Name: CMPS Value: 3293
.casalemedia.com/	1970-01-20 15:04:54	Name: CMPRO Value: 3293
.adnxs.com/	1970-01-20 15:04:54	Name: uuid2 Value: 8613974163967651492
.adnxs.com/	1970-01-20 15:04:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%7x9I8y!@wnfH8K6pQK`!5=E<L5?%Lz0uCB7ds`WRY0JsdrdFP2b_8FAU(!+CZF$xbpRzqF1`b_QE3PZ?
.redintelligence.net/	1970-01-20 15:04:54	Name: 8lcfmzhxc8d6_uid Value: 61991bba88538925
.office-partner.de/	1970-01-20 22:31:18	Name: source Value: {"webgains_webgains":{"timestamp":1688118223547,"clickCookie":false}}
.tradedoubler.com/	1970-01-20 21:40:54	Name: PI Value: 1z11z1z11oz1QpkNgz7ab3y1y21FmOy1FRDyyy7WPTyvUky2LIV5GyyF2%79HekMEhjJo%78oFqhf_9gUBEs4qV0E2YmaKXD5ukWLHoUpwfC%78QHsA%7ay
.tradedoubler.com/	1970-01-20 21:40:54	Name: UI Value: 1z11zz11ozKEJpkztbDyP9kh

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://paspor.siap-online.com/cas/login Message: Mixed Content: The page at 'https://paspor.siap-online.com/cas/login' was loaded over HTTPS, but requested an insecure element 'http://files.wacana.siap.web.id/content/uploads/2020/01/WhatsApp-Image-2020-01-18-at-23.13.26-e1579367220850.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://paspor.siap-online.com/cas/login(Line 193) Message: Mixed Content: The page at 'https://paspor.siap-online.com/cas/login' was loaded over HTTPS, but requested an insecure element 'http://files.wacana.siap.web.id/content/uploads/2020/01/WhatsApp-Image-2020-01-18-at-23.13.26-e1579367220850.jpeg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://files.wacana.siap.web.id/content/uploads/2020/01/WhatsApp-Image-2020-01-18-at-23.13.26-e1579367220850.jpeg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

36ee4d0b9beddfca6b58ade6ff7bbccf.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
adservice.google.com
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
esp.rtbhouse.com
files.wacana.siap.web.id
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
id5-sync.com
img.tradedoubler.com
impfr.tradedoubler.com
invstatic101.creativecdn.com
maxcdn.bootstrapcdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
padamu.siap.web.id
pagead2.googlesyndication.com
paspor.siap-online.com
pv.medialead.de
s0.2mdn.net
securepubads.g.doubleclick.net
siap-sekolah.s3-ap-southeast-1.amazonaws.com
ssl.google-analytics.com
static.adsafeprotected.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
track.webgains.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
13.224.189.92
138.201.63.157
142.250.185.98
142.250.186.38
145.239.193.130
158.178.225.114
162.19.138.119
172.217.16.194
178.250.7.13
18.168.234.149
18.66.147.52
185.80.39.216
185.89.210.141
2600:1f13:800:7781:1172:d4f8:179f:23b5
2600:9000:223f:1200:8:48e:53c0:93a1
2600:9000:2250:4200:a:e047:753:be1
2606:4700:10::6816:3456
2606:4700::6812:bcf
2a00:1450:4001:800::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:813::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a02:2638:3::3
2a02:2638:3::c
2a04:4e42:600::485
2a0b:4d07:102::1
34.102.146.192
34.120.135.53
34.250.56.160
34.96.70.87
34.98.64.218
35.178.131.157
35.186.231.97
35.190.39.111
36.89.160.232
36.92.173.206
52.219.133.39
52.48.64.133
65.9.66.97
88.99.219.174
99.86.4.36
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
06c1bb59625a7d88baf1946f3dea8fc47fc8488d559d160a7f71a33094c127f3
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11bf63090379bf8e5bffb600ff56bde5f834fe39bebb155ee888f30e121b4dac
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15f3234ad446286076db5eb09790fc77556c885552df2fc4e1f44b0fb928c169
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
213da25a290b5e782fb6fb8e0331db8fb350341e4749662111db080e8dc002c0
228b6f8c9656d31bc9e0e7721f53d3a7867a767540915c6aaf27bf8da7933f92
22a1f8bc1f508e20114bf596bcdf203607792080d2d452a1767847ee4fd53ebd
249c591e794b30b56721fa25d8ffae0b649f7746d638621b00dfa15d78e1eec0
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
292532d44ba2bbf15d48b2bf6ab6388bc21155a71655e38533de8cf606c02fa7
2de293d583a6ec122882e9bb5f064df8058d79bda07d192e9d0cb5d99eed9a64
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
355cf3b8525dd8b18e615de71ee9226e347bd4975d9b76778ffaf2a43d5b8e08
35b21520d8731d44c9f6f53f5338711e8c3aff2e21250d8375531709feac83ae
37dfe6ecdd39aeec2759c8084e6c569883a7c16abedebb680331495f2a736666
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
41afe11a6eb728d172072550751fafe6a7553a828c63aeb5cbd33470c1bba0f6
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
45226a2bb1a55ea4984366e1e2af87ef8c7c56b381e9e72f5e5d5785e169c2bf
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
484eef6459e8a58c19115f287339366d82a7c2beeb7a35c7e16789b592515aec
485b7554ed0dffe4d13bfeb661cd96daaed0d0676b8b75fcef24c6c8446ef3fc
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510e21325dc04a49e11b960b7eb05c89fab87b58e9dfededb0085da40d618a20
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5498f3a94e08c46f6a4ac769dd56845b3f551093f92bcec73797c9ba0d72e70b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5728239d6302f134e425b17d7758bc6f4206b4acfc035db7f8625c2f1bbdea5e
597e4ec7ca2b12f9150e02e04096849d6b06061b09c2d131f1d2225871eedfdf
5ac7043d2624911225b2a52be90a4aee05599f5d53546cd657460c2b8088db25
5e5a524384b73d1fb8099fd189ee5f3511584bd4ba372fe99c6a1b9f7f062d41
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66ea546da1dad6411e89740f7c61ca450849045d436b42423e2c162b54622727
674c43d36f3380fcfc51d8677f7f016c8b74321d27f0dca6b4a73ee2b72284b0
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6bbd711477df4fa201aa37e2be166eb5e4ff708467f284b074bfe39acdcdae20
6dc6a7fff94450a4b54790d51005a6364e0bc5831f427d7cadbbfbe033729c36
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
74d6f246dcbc4e2c027e12ed66d59b339d9aec283a66ec64083928c560e9e8bf
74e52056417e27cda492afbc30cde6b7877e50153188bfdb20d776b033ca5cf9
750327caf85d3922012f1855d227538cb4ddf4cb2f382510e36b562d848e3330
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7df9c79b69dac7eb60962fa843afaabcbf31482db9fdfd346ecb8ca1b7cc8b0d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
8c982892995c5a1cfa4c820db43462f17901909b56fe2d6de891c8b9c4a9af70
9282b4bd913dc38864f4d19e9c8a7e8a6b144bdf714019c19d8683dc28481406
95b9dd0aa063096c1d5fe222f124650d734422f47e4b165c8d2ebd3b3b5b148c
98f346c0126969ef02bcd048939909be7f0e62b26d71a3711ecd1cc98c2ab91d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a31f36feca1ee301f0edce1d69a3375f5f741e7c89b293ef719f7d0a6d682649
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a571c41963587015cc65ac30871f03643f6b2b7baf760a6dcec49c6c3ab0fc78
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a7f5f15481f2cf35cac0ddde3e3b8186ddc40ad8135d8df3656f0c04a4a25e7e
aa3196c4857cdd7a30e6b0b5459a909d7900b1e411fbedf0aacf107854793e17
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
ae7959f94301a10a4f9e2badc8af0dc38d6f625a820c5dd48e28de69e7b63704
b127a78c7956713733ae2090fcb4974be79c1c2e33718edce5a5e1e72e011425
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b58b6ee63b0b7e4d1be94c77901866fddf5beba19a58325cd423385d6c7c42a0
ba44447a78ecff290cafed5af0b860b48974ee09ce4677c29625ae7b560ec619
ba9e143db781b645a27217f7205e9b2e51ba525c0458ad50e3868d695cc27fa3
be289deeec23907337aa1bb44dfe993bcfa92d7a283eee4fdd4cb48f7ceaefe0
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c6ceb386e06452ce7f063b7e198c728170e34d72fd9c0bf8cb1d3f7feb50f5e1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
ca768b18dac3782735460183fd7f60e050a6dae5aa1736ac30ca4e0a27dcf175
ce6b58e0cf16b89d3f9071f1af334add08d5e15962e5fbc78aee5f49f77722cb
cec4bb9b95bf32c6b48cc3b74276f22284c9be2bb12c0753f10f23e02e23dac9
d302f0e84f9f07bedf5d5f25b2732ebb36437cbfaf20fa197b6cf3f051e69e11
d31b6115a7f86a8b60679cd71877b535b7fa10a64a2db52402827af0768512c8
d7ad15fab9e2530dbac57278099c226d46432d278444132479c267d08f6bf916
db18e4270aec7b2f9ac1aff626500be086a7334d48d76a8592314b25cde22503
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f130f4db7115f1b41912386aa95b56d8218900619d4fc7c9519ec3228d8f393b
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f70aaeb66ac07cae5c268be03e7297870a6eeadc58d208423b686fed398cb523
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f9be8fdd0f7842db504a80dda172e253f353ceb9fb1df1f3998ee281239c91de
f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

paspor.siap-online.com Open in urlscan Pro 158.178.225.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

90 %HTTPS

45 %IPv6

33 Domains

52 Subdomains

50 IPs

9 Countries

2019 kBTransfer

5291 kBSize

24 Cookies

42 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paspor.siap-online.com Open in urlscan Pro
158.178.225.114 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

90 %
HTTPS

45 %
IPv6

33
Domains

52
Subdomains

50
IPs

9
Countries

2019 kB
Transfer

5291 kB
Size

24
Cookies

184 HTTP transactions
3 data transactions