online-nachrichten.eu Open in urlscan Pro
79.172.252.23 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://online-nachrichten.eu/
Submission: On October 30 via automatic, source rescanner (October 30th 2021, 2:05:12 am UTC) — Scanned from DE

Summary HTTP 76 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 19 domains to perform 76 HTTP transactions. The main IP is 79.172.252.23, located in Kisdobsza, Hungary and belongs to DENINET-HU-AS, HU. The main domain is online-nachrichten.eu.
TLS certificate: Issued by R3 on October 29th 2021. Valid for: 3 months.

This is the only time online-nachrichten.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	79.172.252.23 79.172.252.23	29278 (DENINET-H...) (DENINET-HU-AS)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	178.19.70.100 178.19.70.100	29551 (HGCOMP-ASN) (HGCOMP-ASN)
1	194.107.62.39 194.107.62.39	5403 (AS5403) (AS5403)
2	2.18.232.180 2.18.232.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:cb57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.100.153.88 95.100.153.88	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 1	3.124.136.236 3.124.136.236	16509 (AMAZON-02) (AMAZON-02)
5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
76	19

18 79.172.252.23 (Kisdobsza, Hungary)

ASN29278 (DENINET-HU-AS, HU)
PTR: k25223.tarhely.eu

online-nachrichten.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.19.70.100 (Germany)

ASN29551 (HGCOMP-ASN, DE)

static.kino.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.107.62.39 (Austria)

ASN5403 (AS5403, AT)

www.wienerzeitung.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.180 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-180.deploy.static.akamaitechnologies.com

img.blick.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cb57 (United States)

ASN13335 (CLOUDFLARENET, US)

image.kurier.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.153.88 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-88.deploy.static.akamaitechnologies.com

image.gala.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.136.236 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	384 KB
18	online-nachrichten.eu online-nachrichten.eu	490 KB
12	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	82 KB
5	google.com 1 redirects adservice.google.com www.google.com	2 KB
3	gstatic.com www.gstatic.com	13 KB
3	google.de adservice.google.de	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	760 B
2	rlcdn.com 2 redirects id.rlcdn.com	886 B
2	googleapis.com fonts.googleapis.com	2 KB
2	googletagservices.com www.googletagservices.com	74 KB
2	blick.ch img.blick.ch	69 KB
1	agkn.com 1 redirects d.agkn.com	761 B
1	quantserve.com cms.quantserve.com	463 B
1	gala.de image.gala.de	93 KB
1	kurier.at image.kurier.at	3 MB
1	wienerzeitung.at www.wienerzeitung.at	50 KB
1	kino.de static.kino.de	179 KB
1	googleadservices.com partner.googleadservices.com	643 B
76	19

	Domain	Requested by
18	online-nachrichten.eu	online-nachrichten.eu
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	online-nachrichten.eu pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	img.blick.ch	online-nachrichten.eu
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	image.gala.de	online-nachrichten.eu
1	image.kurier.at	online-nachrichten.eu
1	www.wienerzeitung.at	online-nachrichten.eu
1	static.kino.de	online-nachrichten.eu
1	partner.googleadservices.com	pagead2.googlesyndication.com
76	22

This site contains links to these domains. Also see Links.

Domain
themezee.com
www.siteguarding.com

Subject Issuer	Validity	Valid
www.web--news.news--site.com R3	`2021-10-29` - `2022-01-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.kino.de RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-10-29` - `2022-10-29`	a year	crt.sh
www.wienerzeitung.at Sectigo RSA Extended Validation Secure Server CA	`2020-08-07` - `2022-09-27`	2 years	crt.sh
blick.ch DigiCert SHA2 Secure Server CA	`2021-10-24` - `2022-10-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
www.guj.digital R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://online-nachrichten.eu/
Frame ID: 0741260BEEA34DAB7F1CA2DEF2B69B99
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html
Frame ID: ED15B2E819D54D65C3C0FCDB7ADC3C06
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8569926783297913&output=html&h=250&slotname=9754091754&adk=3623683073&adf=681444098&pi=t.ma~as.9754091754&w=319&fwrn=4&fwrnh=100&lmt=1635559507&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fonline-nachrichten.eu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635559507018&bpp=4&bdt=1266&idt=72&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&correlator=7771049880235&frm=20&pv=2&ga_vid=1358228323.1635559507&ga_sid=1635559507&ga_hid=891352369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1051&ady=189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C44752093%2C31063294%2C31062554&oid=2&pvsid=477644806759416&pem=101&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z46Ysbzn2a&p=https%3A//online-nachrichten.eu&dtd=84
Frame ID: 6512A842C7E41C5C0FA4D8826AF581F2
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E83336F3AE79D08B916A665C958A2299
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8569926783297913&output=html&adk=1812271804&adf=3025194257&lmt=1635559507&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fonline-nachrichten.eu%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635559507642&bpp=1&bdt=1890&idt=1&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf2c131cd78c3c38-2226ab0805cb00ed%3AT%3D1635559507%3ART%3D1635559507%3AS%3DALNI_MaMhc74E18WCzQB9s3Moh0rCBrx3Q&prev_fmts=319x250&nras=1&correlator=7771049880235&frm=20&pv=1&ga_vid=1358228323.1635559507&ga_sid=1635559507&ga_hid=891352369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C44752093%2C31063294%2C31062554&oid=2&pvsid=477644806759416&pem=101&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=7
Frame ID: A47BDDA7241A575BEE11F4FBC5768066
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
Frame ID: CCC8011E1FE3B56741CA9436898D6AAD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 820DD80DD8C95DF4A38545F7AC84C463
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 322080D18EA5E76A95DB81801EB8A826
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 57F825DAD94E3EA8EEDB523E6404DB63
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: FB30E04CAF7897060B057B88BDD5E208
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78CCAA4AB6FD077483D47AF08D1CD7E9
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js
Frame ID: 3E94DE5CA39F041A77A08A717CCEBBF5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Nachrichten

Page Statistics

76
Requests

93 %
HTTPS

50 %
IPv6

19
Domains

22
Subdomains

19
IPs

5
Countries

4476 kB
Transfer

5329 kB
Size

19
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://themezee.com/
Title: ThemeZee

Search URL Search Domain Scan URL

URL: https://www.siteguarding.com/en/
Title: GEO protection plugin

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 68

https://d.agkn.com/pixel/2175/?google_gid=CAESEOjqnrcJYFXS_yzXo0a2xyI&google_cver=1&google_push=AYg5qPL8g-lNElTB4cj_dLwud_y5LmXB2wPsf8PqF7UKc6H66Et_hynsYPUutmffIkKz6n6cy7SCRQhl8xNcmuGaO_6JgqpmxFFs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL8g-lNElTB4cj_dLwud_y5LmXB2wPsf8PqF7UKc6H66Et_hynsYPUutmffIkKz6n6cy7SCRQhl8xNcmuGaO_6JgqpmxFFs&google_hm=Q0FFU0VPanFucmNKWUZYU195elhvMGEyeHlJ

Request Chain 69

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPILsIgNuZMuFfFG7EbdsVTV9KKq9OOHj4U9D8uVzoKv5BShArdSXPcK1IFoyJPiCLcevTsxT46HZansACiJe2NUal1rNtc1&google_gid=CAESEHxA-BfAH9i5KEx0u9agW_8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNTQ8osGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBJTHNJZ051Wk11RmZGRzdFYmRzVlRWOUtLcTlPT0hqNFU5RDh1VnpvS3Y1QlNoQXJkU1hQY0sxSUZveUpQaUNMY2V2VHN4VDQ2SFphbnNBQ2lKZTJOVWFsMXJOdGMx HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbm91akd4NmVDdlRwWWkzVVZMVUFiOVNjM3owNDAwTGNKak9VeUh6YzNwMA==&google_push

Request Chain 70

https://rtb.openx.net/sync/dds?google_gid=CAESEGk_yKv3M5byo3dmvHugJOA&google_cver=1&google_push=AYg5qPKK77MOW2vQrjmF0XHyyM-s6M2gQKLx6KqxYtmiX2w0I1_wfn5VE4x9qhuO7nGFIdmeKjXV2StZ2z3jfBV1DitnmfXz19E HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEGk_yKv3M5byo3dmvHugJOA&google_cver=1&google_push=AYg5qPKK77MOW2vQrjmF0XHyyM-s6M2gQKLx6KqxYtmiX2w0I1_wfn5VE4x9qhuO7nGFIdmeKjXV2StZ2z3jfBV1DitnmfXz19E&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKK77MOW2vQrjmF0XHyyM-s6M2gQKLx6KqxYtmiX2w0I1_wfn5VE4x9qhuO7nGFIdmeKjXV2StZ2z3jfBV1DitnmfXz19E&google_hm=9FMVzqMIzJcbjOgmBlD35g==

Request Chain 71

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ8c2c-FiJ9saPpOQvx1bNA&google_cver=1&google_push=AYg5qPJDDia2oxqf9QSbJ6Xr9QK2ZDlBVMgbO75PxN1TOoyqwO7DBlII5KOgcStZREERwe1VCoNosJJPZb_nIr3R9K5zRbvTitm0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ8c2c-FiJ9saPpOQvx1bNA&google_cver=1&google_push=AYg5qPJDDia2oxqf9QSbJ6Xr9QK2ZDlBVMgbO75PxN1TOoyqwO7DBlII5KOgcStZREERwe1VCoNosJJPZb_nIr3R9K5zRbvTitm0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRx9byCXSh28z8tyjirMlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJDDia2oxqf9QSbJ6Xr9QK2ZDlBVMgbO75PxN1TOoyqwO7DBlII5KOgcStZREERwe1VCoNosJJPZb_nIr3R9K5zRbvTitm0

Request Chain 72

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_cver=1&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1

76 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
online-nachrichten.eu/ 75 KB
76 KB 3255ms
3173ms Document
text/html 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache / PHP/5.6.40
Resource Hash: b1b87379a90f71e87fac3b1ae0017d99d99458386af50e5bf3d4c025311234a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 30 Oct 2021 02:05:02 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Link: <https://online-nachrichten.eu/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
online-nachrichten.eu/wp-includes/js/ 14 KB
14 KB 172ms
28ms Script
application/javascript 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Thu, 04 Feb 2021 03:59:49 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 14229

GET
H/1.1 200
OK custom-fonts.css
online-nachrichten.eu/wp-content/themes/worldstar/assets/css/ 3 KB
3 KB 47ms
32ms Stylesheet
text/css 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/css/custom-fonts.css?ver=20180413
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 57363347820920b65974ffe9b25ac4ae39391a98b20e3fcfdc33ad0ef9598a06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 14:18:55 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2999

GET
H/1.1 200
OK style.min.css
online-nachrichten.eu/wp-includes/css/dist/block-library/ 57 KB
57 KB 71ms
28ms Stylesheet
text/css 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-includes/css/dist/block-library/style.min.css?ver=5.7.3
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Thu, 15 Apr 2021 03:24:28 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 58171

GET
H/1.1 200
OK mashsb.min.css
online-nachrichten.eu/wp-content/plugins/mashsharer/assets/css/ 50 KB
50 KB 74ms
31ms Stylesheet
text/css 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.8.0
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 916079cc6df11c53017bb1357534c9d0c19583159b1c5645dabf6070b84adcc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 13:50:38 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 51136

GET
H/1.1 200
OK templates.css
online-nachrichten.eu/wp-content/plugins/wp-rss-multi-importer/templates/ 9 KB
9 KB 74ms
30ms Stylesheet
text/css 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/plugins/wp-rss-multi-importer/templates/templates.css?ver=5.7.3
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 3288ddfc5fc07888231764e88fe713c0ae8110552db0d3c8565a2494cca18792

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Tue, 11 Oct 2016 19:30:36 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8978

GET
H/1.1 200
OK style.css
online-nachrichten.eu/wp-content/themes/worldstar/ 57 KB
57 KB 71ms
28ms Stylesheet
text/css 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/themes/worldstar/style.css?ver=1.6.7
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 5b987f1486deeec9756623c2b79bfcb6ce40cc2a852cdd738afc7b46386edb3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 14:18:56 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 58250

GET
H/1.1 200
OK genericons.css
online-nachrichten.eu/wp-content/themes/worldstar/assets/genericons/ 28 KB
28 KB 74ms
29ms Stylesheet
text/css 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/genericons/genericons.css?ver=3.4.1
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 14:18:56 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 28266

GET
H/1.1 200
OK front.min.css
online-nachrichten.eu/wp-content/plugins/cookie-notice/css/ 5 KB
6 KB 103ms
29ms Stylesheet
text/css 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.7.3
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 8c21cdf7be2219908a953d92fba153dcc7175f7ee238856bd9954da18b0e05dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 13:36:48 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5480

GET
H/1.1 200
OK jquery.min.js Show response
online-nachrichten.eu/wp-includes/js/jquery/ 87 KB
88 KB 127ms
29ms Script
application/javascript 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sat, 16 Jan 2021 16:43:33 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 89496

GET
H/1.1 200
OK jquery-migrate.min.js Show response
online-nachrichten.eu/wp-includes/js/jquery/ 11 KB
11 KB 131ms
28ms Script
application/javascript 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sat, 16 Jan 2021 16:43:33 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11224

GET
H/1.1 200
OK mashsb.min.js Show response
online-nachrichten.eu/wp-content/plugins/mashsharer/assets/js/ 16 KB
16 KB 143ms
32ms Script
application/javascript 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.8.0
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: fa3c969639cf419ee66ff6ba52dbb8acd4dc86c4754b8e0f0ae8ef1c1e189fe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 13:50:38 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16187

GET
H/1.1 200
OK navigation.js Show response
online-nachrichten.eu/wp-content/themes/worldstar/assets/js/ 5 KB
5 KB 113ms
34ms Script
application/javascript 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/js/navigation.js?ver=20210324
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: f570ca3a83f8f9caa6288f00c802d83410987210f1b088cae1faaf6664c5a2e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 14:18:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5276

GET
H/1.1 200
OK front.min.js Show response
online-nachrichten.eu/wp-content/plugins/cookie-notice/js/ 8 KB
8 KB 29ms
28ms Script
application/javascript 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.1.4
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 13:36:48 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 8371

GET
H/1.1 200
OK open-sans-v15-latin-ext_latin-regular.woff2
online-nachrichten.eu/wp-content/themes/worldstar/assets/fonts/ 18 KB
19 KB 32ms
32ms Font
font/woff2 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/fonts/open-sans-v15-latin-ext_latin-regular.woff2
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b

Request headers

Referer: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/css/custom-fonts.css?ver=20180413
Origin: https://online-nachrichten.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 14:18:55 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 18876

GET
H/1.1 200
OK oswald-v16-latin-ext_latin-regular.woff2
online-nachrichten.eu/wp-content/themes/worldstar/assets/fonts/ 22 KB
22 KB 29ms
28ms Font
font/woff2 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/fonts/oswald-v16-latin-ext_latin-regular.woff2
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 601e73774ff1f1abadf4377842963c119df9a0d82c4027d9375778c585faecd9

Request headers

Referer: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/css/custom-fonts.css?ver=20180413
Origin: https://online-nachrichten.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 14:18:55 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 22252

GET
H/1.1 200
OK open-sans-v15-latin-ext_latin-700.woff2
online-nachrichten.eu/wp-content/themes/worldstar/assets/fonts/ 19 KB
19 KB 30ms
29ms Font
font/woff2 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/fonts/open-sans-v15-latin-ext_latin-700.woff2
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/css/custom-fonts.css?ver=20180413
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: b41570405890d4f995da7b265ceb5cfb50246a940f9489525a8f526cfd160356

Request headers

Referer: https://online-nachrichten.eu/wp-content/themes/worldstar/assets/css/custom-fonts.css?ver=20180413
Origin: https://online-nachrichten.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:05 GMT
Last-Modified: Sun, 26 Sep 2021 14:18:56 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 19504

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://online-nachrichten.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 64ms
43ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f6348af3d37a9e195cdbe27e76ab99dc4b7e844c6042107af5f76e41eee484e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51584
x-xss-protection: 0
server: cafe
etag: 11206383080602960133
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 02:05:06 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/ 269 KB
97 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8569926783297913&plah=online-nachrichten.eu

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a9a5bafa80bff7a29351962671bfafad98917892a6ae4830b45fc7aa4d11bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98743
x-xss-protection: 0
server: cafe
etag: 4242715592925228197
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 02:05:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/ Frame ED15 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Oct 2021 16:25:53 GMT
expires: Fri, 12 Nov 2021 16:25:53 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 34754
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 211 B
643 B 39ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=online-nachrichten.eu&callback=_gfp_s_&client=ca-pub-8569926783297913

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8569926783297913&plah=online-nachrichten.eu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

8a311e519659fa624740cff4eafc8ea12bc1df88595ce215fe166cfe17230871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=online-nachrichten.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 02:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=online-nachrichten.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 02:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6512 75 KB
28 KB 425ms
424ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8569926783297913&output=html&h=250&slotname=9754091754&adk=3623683073&adf=681444098&pi=t.ma~as.9754091754&w=319&fwrn=4&fwrnh=100&lmt=1635559507&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fonline-nachrichten.eu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635559507018&bpp=4&bdt=1266&idt=72&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&correlator=7771049880235&frm=20&pv=2&ga_vid=1358228323.1635559507&ga_sid=1635559507&ga_hid=891352369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1051&ady=189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C44752093%2C31063294%2C31062554&oid=2&pvsid=477644806759416&pem=101&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z46Ysbzn2a&p=https%3A//online-nachrichten.eu&dtd=84

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e19c9d67ae1c18ed02b928c28aee56f5da82f94580c6819e1cdb63e71ed4cb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 30 Oct 2021 02:05:07 GMT
server: cafe
content-length: 27953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 30 Oct 2021 02:05:07 GMT
cache-control: private

GET
H2 200 SDS-1-rcm1200x0u.jpg
static.kino.de/wp-content/uploads/2021/10/ 178 KB
179 KB 191ms
21ms Image
image/jpeg 178.19.70.100
HGCOMP-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.kino.de/wp-content/uploads/2021/10/SDS-1-rcm1200x0u.jpg

Requested by

Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.19.70.100 , Germany, ASN29551 (HGCOMP-ASN, DE),

Reverse DNS

Software

nginx /

Resource Hash

c04b707cfa32d5dd192e148ba40d18d4bc039f7240da3d23bd6709d3121898cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Oct 2021 14:15:36 GMT
server: nginx
filer-source: a709311c77a36a56ded20a13357f12a2e4cbd04fd971d50fd8d690a63d738302
strict-transport-security: max-age=300; includeSubDomains;
filer-attr: W1sxMjAwLDE3MDBdLCJzaHV0dGxlLXYyIixbIkZSQS0xIl0sWyJGUkItMSJdXQ==
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=31536000, no-transform, immutable
accept-ranges: bytes
content-length: 182527
x-xss-protection: 1; mode=block

GET
H2 200 211028_1344_sparen2.jpg
www.wienerzeitung.at/_em_daten/_cache/image/1xURJYMHxM6mb_y9aWpB0lAyiV9dYDhNnguC9RDZriEGqq72JPEhg5W6crfIippk9_rphSndT1_CxGXH4HETngBkJETQ5lJTBVcmgEj9r9LyP-qwtJ3s8YCE9Kk6fs66RQmElQsZ4Zt7SiruRxFhYSJkD... 49 KB
50 KB 250ms
60ms Image
image/jpeg 194.107.62.39
AS5403

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wienerzeitung.at/_em_daten/_cache/image/1xURJYMHxM6mb_y9aWpB0lAyiV9dYDhNnguC9RDZriEGqq72JPEhg5W6crfIippk9_rphSndT1_CxGXH4HETngBkJETQ5lJTBVcmgEj9r9LyP-qwtJ3s8YCE9Kk6fs66RQmElQsZ4Zt7SiruRxFhYSJkDQxypmqd5xHZ58z_DBpNc/211028_1344_sparen2.jpg

Requested by

Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

194.107.62.39 , Austria, ASN5403 (AS5403, AT),

Reverse DNS

Software

Apache /

Resource Hash

c11c6ebc58969141eded1ae0d9cd27b2b37f95aa50723ce2b0d5984bc438e30e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
via: 1.1 varnish-v4
last-modified: Thu, 28 Oct 2021 11:44:49 GMT
server: Apache
age: 0
vary: X-Forwarded-Proto
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
x-varnish: 845746589
accept-ranges: bytes
access-control-allow-headers: *
front-end-https: on
x-xss-protection: 0
expires: Sat, 30 Oct 2021 02:15:07 GMT

GET
H2 200 16945116-v0-mourinho.jpg
img.blick.ch/incoming/ 42 KB
42 KB 142ms
47ms Image
image/webp 2.18.232.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.blick.ch/incoming/16945116-v0-mourinho.jpg?imwidth=1200&ratio=16_9&x=124&y=70&width=2609&height=1469
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-180.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: c9daf296a1d5cb5ad1f7c9ec8594fa6385704c7d66be48269fc1e1f4c349c441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
last-modified: Fri, 29 Oct 2021 10:10:32 GMT
server: Akamai Image Manager
etag: "a45e59f51f6478d1a5a57bcb7385145e:1635497081.763137"
content-type: image/webp
cache-control: private, no-transform, max-age=547489
content-length: 42560
expires: Fri, 05 Nov 2021 10:09:56 GMT

GET
H2 200 46-68076706.jpg
image.kurier.at/images/original/6494144/ 3 MB
3 MB 48ms
20ms Image
image/jpeg 2606:4700::6810:cb57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.kurier.at/images/original/6494144/46-68076706.jpg

Requested by

Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cb57 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a470ec74a16b0b51f159d3c1412cf6eff65ffb00da9fd8926cd05cc64e49a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-platform-server: i-095a93257bcda7664
age: 119036
cf-polished: origSize=3336626, status=webp_bigger
content-security-policy-report-only: block-all-mixed-content; object-src 'none'; script-src 'self' 'unsafe-inline' assets.pinterest.com https://cdn.rawgit.com https://cdn.trackjs.com https://js.pusher.com https://pinpoll.com https://uvp-kurier.sf.apa.at https://www.riddle.com platform.instagram.com platform.twitter.com; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://csp.telekurier.at/reportOnly
content-type: image/jpeg
vary: Accept-Encoding
content-length: 3091453
x-request-id: 00-16b240718879ccfca755ac55cdd93e28-a6ac4d628cc77bc9-00
x-ua-compatible: IE=edge
last-modified: Thu, 28 Oct 2021 16:52:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-language: de
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: max-age=604800, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6a6113a86d2b0601-FRA
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-bgj: imgq:85,h2pri

GET
H2 200 16460293-v13-standard-kolumne-lisa-feldmann.jpg
img.blick.ch/incoming/ 27 KB
28 KB 123ms
28ms Image
image/webp 2.18.232.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.blick.ch/incoming/16460293-v13-standard-kolumne-lisa-feldmann.jpg?imwidth=1200&ratio=16_9&x=0&y=0&width=1939&height=1091
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.180 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-180.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 658b3ce2a273b93a1526a0db60e4276f676330a93fd880fb4d2961894e264763

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
x-check-cacheable: NO
x-serial: 1331
etag: "5381d8b5a6bb3aa98cf8516ecaa198fd:1618467057.998196"
content-type: image/webp
cache-control: private, no-transform, max-age=590322
last-modified: Thu, 14 Oct 2021 09:32:32 GMT
content-length: 27864
server: Akamai Image Manager
expires: Fri, 05 Nov 2021 22:03:49 GMT

GET
H2 200 vanessa-mai.jpg
image.gala.de/22537874/t/s6/v9/w1440/r1.7778/-/ 92 KB
93 KB 159ms
31ms Image
image/jpeg 95.100.153.88
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.gala.de/22537874/t/s6/v9/w1440/r1.7778/-/vanessa-mai.jpg
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.88 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-88.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8c14f26f6a776babafad03068ef64da035a07acd49bfd2ee6902f83ceeace394

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
last-modified: Fri, 29 Oct 2021 10:14:00 GMT
server: Akamai Image Manager
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=2535031
content-length: 94421
expires: Sun, 28 Nov 2021 10:15:38 GMT

GET
H/1.1 200
OK wp-embed.min.js Show response
online-nachrichten.eu/wp-includes/js/ 1 KB
2 KB 48ms
48ms Script
application/javascript 79.172.252.23
DENINET-HU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://online-nachrichten.eu/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by: Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.172.252.23 Kisdobsza, Hungary, ASN29278 (DENINET-HU-AS, HU),
Reverse DNS: k25223.tarhely.eu
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 30 Oct 2021 02:05:07 GMT
Last-Modified: Thu, 04 Feb 2021 03:59:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1426

GET
H2 200 11318014896675321366
tpc.googlesyndication.com/simgad/ Frame 6512 71 KB
72 KB 92ms
39ms Image
image/gif 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11318014896675321366

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8569926783297913&output=html&h=250&slotname=9754091754&adk=3623683073&adf=681444098&pi=t.ma~as.9754091754&w=319&fwrn=4&fwrnh=100&lmt=1635559507&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fonline-nachrichten.eu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635559507018&bpp=4&bdt=1266&idt=72&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&correlator=7771049880235&frm=20&pv=2&ga_vid=1358228323.1635559507&ga_sid=1635559507&ga_hid=891352369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1051&ady=189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C44752093%2C31063294%2C31062554&oid=2&pvsid=477644806759416&pem=101&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z46Ysbzn2a&p=https%3A//online-nachrichten.eu&dtd=84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61d21bc6b757c1e2483339ecd9d0d04d112b842ad7ff55f6fdddf6d8977cd7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 06:16:03 GMT
x-content-type-options: nosniff
age: 157744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73186
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 07:31:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Oct 2022 06:16:03 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame 6512 19 KB
8 KB 78ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 01:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7760
x-xss-protection: 0
server: cafe
etag: 2659786357195577193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:44:04 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 6512 3 KB
2 KB 83ms
38ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:56:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6512 120 KB
37 KB 86ms
27ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 02:05:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 6512 14 KB
6 KB 74ms
29ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 01:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:57:41 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame 6512 27 KB
11 KB 97ms
52ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a719efa92ba257d3044e0647257b53efc9137ae0064411d25600a66da5a54697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 15:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37861
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 10869067349040096472
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 15:34:06 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6512 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQuSkU6h8YduxB9Dz3wOHu464DoWPx5Bm39GwqpYOitGj7b4BEAEgqL7QCmCVAqABkeuo2APIAQOpAi6C9C-RZbM-qAMByAPJBKoEgAJP0FD13sip5Qw6MHl6LPL6rnABJpSFiCAqzdQFWP96Bw_NrAdagGa8j7QBXpvZ9ffYaSAbFy2xl74Vbn-vIuzbXaKm83Eqy8VfEj6YVpjfIYWg7ENtRNEDg9t5keWC_T7z-c81NyrKnhPvbUUtAzqB_m5ioKJW6BfoU62Px5sFtUuRxsMQ5RbqWkCDALOODG4jZhMYX02un_uivcfWiPp13wCD7joLxJcUhaPfEEFL7E6Kd709M0sWJLqOcn5JFJ5X_EXg6S8j3xrwj8fLXxrI7wybtO3Idp3L3tskDx3UWohp2Xuk_q9IWjs3aeTmn6dJzvC4C3eL0RpS2KLorc_iwAS9qviDygOSBQQIBBgBkgUECAUYBKAGA4AH4OX32QGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQyL_aBdIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04NTY5OTI2NzgzMjk3OTEzGAA&sigh=KAnVu63UW00&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8569926783297913&output=html&h=250&slotname=9754091754&adk=3623683073&adf=681444098&pi=t.ma~as.9754091754&w=319&fwrn=4&fwrnh=100&lmt=1635559507&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fonline-nachrichten.eu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635559507018&bpp=4&bdt=1266&idt=72&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&correlator=7771049880235&frm=20&pv=2&ga_vid=1358228323.1635559507&ga_sid=1635559507&ga_hid=891352369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1051&ady=189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C44752093%2C31063294%2C31062554&oid=2&pvsid=477644806759416&pem=101&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z46Ysbzn2a&p=https%3A//online-nachrichten.eu&dtd=84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 30 Oct 2021 02:05:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Oct 2021 02:05:07 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E833 143 B
222 B 9ms
9ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8569926783297913&output=html&h=250&slotname=9754091754&adk=3623683073&adf=681444098&pi=t.ma~as.9754091754&w=319&fwrn=4&fwrnh=100&lmt=1635559507&rafmt=1&psa=0&format=319x250&url=https%3A%2F%2Fonline-nachrichten.eu%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635559507018&bpp=4&bdt=1266&idt=72&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&correlator=7771049880235&frm=20&pv=2&ga_vid=1358228323.1635559507&ga_sid=1635559507&ga_hid=891352369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1051&ady=189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C44752093%2C31063294%2C31062554&oid=2&pvsid=477644806759416&pem=101&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=z46Ysbzn2a&p=https%3A//online-nachrichten.eu&dtd=84

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 30 Oct 2021 01:43:08 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1319
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=online-nachrichten.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 02:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=online-nachrichten.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 02:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A47B 156 KB
44 KB 313ms
313ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8569926783297913&output=html&adk=1812271804&adf=3025194257&lmt=1635559507&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fonline-nachrichten.eu%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635559507642&bpp=1&bdt=1890&idt=1&shv=r20211026&mjsv=m202110260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcf2c131cd78c3c38-2226ab0805cb00ed%3AT%3D1635559507%3ART%3D1635559507%3AS%3DALNI_MaMhc74E18WCzQB9s3Moh0rCBrx3Q&prev_fmts=319x250&nras=1&correlator=7771049880235&frm=20&pv=1&ga_vid=1358228323.1635559507&ga_sid=1635559507&ga_hid=891352369&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C44752093%2C31063294%2C31062554&oid=2&pvsid=477644806759416&pem=101&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f350e1a7555d91f90981c37c3a294876683267074dbc6497712a89359965667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 30 Oct 2021 02:05:07 GMT
server: cafe
content-length: 44534
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6512 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15a519e8f917c9774cffe7d111e68b81fc1f549938f74d3e1950bf72f0292a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E833
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

24ms
24ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 30 Oct 2021 02:05:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 30 Oct 2021 02:05:07 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 30 Oct 2021 02:05:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js Show response
pagead2.googlesyndication.com/bg/ Frame CCC8 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:14:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 39ms
19ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211026&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ddf5b4329c09f9316c5567ca9ba5793f17b4fb551815b891c040167dc575f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 02:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8469
x-xss-protection: 0

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/ 143 KB
52 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110260101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9c894588132662e56bfd636ab19a57831c4fe106a207a453f20b3be316732b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52781
x-xss-protection: 0
server: cafe
etag: 15138605428841842935
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Oct 2021 02:05:08 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 30 Oct 2021 02:05:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=online-nachrichten.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 02:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=online-nachrichten.eu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Oct 2021 02:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/ Frame 820D 10 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Oct 2021 16:17:15 GMT
expires: Fri, 12 Nov 2021 16:17:15 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 35273
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3220 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 29 Oct 2021 21:10:31 GMT
expires: Sat, 29 Oct 2022 21:10:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17677
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 57F8 783 B
999 B 24ms
24ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c243d90ac3ca2075513e4816236b173d04d5773d62ea025a5398eb7ab683f7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uHFhoEljdI2NX/vGqdED0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 30 Oct 2021 02:05:08 GMT
date: Sat, 30 Oct 2021 02:05:08 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uHFhoEljdI2NX/vGqdED0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 820D 4 KB
1 KB 41ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 01:09:00 GMT
server: ESF
date: Sat, 30 Oct 2021 02:05:08 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 02:05:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 820D 205 B
744 B 29ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 20:44:32 GMT
x-content-type-options: nosniff
age: 192036
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 27 Oct 2022 20:44:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 820D 604 B
696 B 30ms
7ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 16:08:40 GMT
x-content-type-options: nosniff
age: 467788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 24 Oct 2022 16:08:40 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/ Frame 820D 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d708e6899a77c81a9547e6d36f81d91d4391f1202c6cc973df9f5c106ece767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 22:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 16949158767468107603
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 22:06:56 GMT

GET
H2 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3220 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 14:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 29 Oct 2022 14:35:26 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 57F8 0
0 24ms
24ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211026&jk=477644806759416&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame FB30 3 KB
653 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Oct 2021 01:11:05 GMT
server: ESF
date: Sat, 30 Oct 2021 02:05:08 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 30 Oct 2021 02:05:08 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame FB30 2 KB
991 B 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 00:10:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 00:10:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame FB30 19 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 01:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7760
x-xss-protection: 0
server: cafe
etag: 2659786357195577193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:44:04 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame FB30 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 01:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 505
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:56:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB30 120 KB
37 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Oct 2021 02:05:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame FB30 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 01:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 13 Nov 2021 01:57:41 GMT

GET
H2 200 9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response
www.gstatic.com/mysidia/ Frame FB30 27 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 09:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11281
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 10:17:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 26 Jan 2022 09:36:35 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 78CC 1 KB
845 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 29 Oct 2021 18:26:41 GMT
expires: Sat, 30 Oct 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 27507
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dpixel
cms.quantserve.com/ Frame 78CC 35 B
463 B 28ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENQ3P6jUf4-eOCX-8YHEjgQ&google_cver=1&google_push=AYg5qPIo1PBBNocWveYFuk4vzjbhdNN3a_2LzAph-7STHXJRGNo4NE9ZgL3Z1uJRc6NpxTK2GSg-qTG4aVDKccW9IEhCfyDEZT0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 02:05:08 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78CC
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEOjqnrcJYFXS_yzXo0a2xyI&google_cver=1&google_push=AYg5qPL8g-lNElTB4cj_dLwud_y5LmXB2wPsf8PqF7UKc6H66Et_hynsYPUutmffIkKz6n6cy7SCRQhl8xNcmuGaO_6JgqpmxFFs
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL8g-lNElTB4cj_dLwud_y5LmXB2wPsf8PqF7UKc6H66Et_hynsYPUutmffIkKz6n6cy7SCRQhl8xNcmuGaO_6JgqpmxFFs&google_hm=Q0FFU0VPanFucmNKWUZYU...

170 B
329 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL8g-lNElTB4cj_dLwud_y5LmXB2wPsf8PqF7UKc6H66Et_hynsYPUutmffIkKz6n6cy7SCRQhl8xNcmuGaO_6JgqpmxFFs&google_hm=Q0FFU0VPanFucmNKWUZYU195elhvMGEyeHlJ

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 02:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 30 Oct 2021 02:05:07 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPL8g-lNElTB4cj_dLwud_y5LmXB2wPsf8PqF7UKc6H66Et_hynsYPUutmffIkKz6n6cy7SCRQhl8xNcmuGaO_6JgqpmxFFs&google_hm=Q0FFU0VPanFucmNKWUZYU195elhvMGEyeHlJ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78CC
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPILsIgNuZMuFfFG7EbdsVTV9KKq9OOHj4U9D8uVzoKv5BShArdSXPcK1IFoyJPiCLcevTsxT46HZansACiJe2NUal1rNtc1&google_gid=CAESEHxA-BfAH9i5KEx0u9agW_8&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNTQ8osGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBJTHNJZ051Wk11RmZGRzdFYmRzVlRWOUtLcTlPT0hqNFU5RDh1VnpvS3Y1QlNoQXJkU1hQY0sxSUZveUpQaUNMY2V2VHN4VDQ2SFphbnNBQ2...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbm91akd4NmVDdlRwWWkzVVZMVUFiOVNjM3owNDAwTGNKak9VeUh6YzNwMA==&google_push

170 B
232 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbm91akd4NmVDdlRwWWkzVVZMVUFiOVNjM3owNDAwTGNKak9VeUh6YzNwMA==&google_push

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 02:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 30 Oct 2021 02:05:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwbm91akd4NmVDdlRwWWkzVVZMVUFiOVNjM3owNDAwTGNKak9VeUh6YzNwMA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 78CC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEGk_yKv3M5byo3dmvHugJOA&google_cver=1&google_push=AYg5qPKK77MOW2vQrjmF0XHyyM-s6M2gQKLx6KqxYtmiX2w0I1_wfn5VE4x9qhuO7nGFIdmeKjXV2StZ2z3jfBV1DitnmfXz19E
https://rtb.openx.net/sync/dds?google_gid=CAESEGk_yKv3M5byo3dmvHugJOA&google_cver=1&google_push=AYg5qPKK77MOW2vQrjmF0XHyyM-s6M2gQKLx6KqxYtmiX2w0I1_wfn5VE4x9qhuO7nGFIdmeKjXV2StZ2z3jfBV1DitnmfXz19E&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKK77MOW2vQrjmF0XHyyM-s6M2gQKLx6KqxYtmiX2w0I1_wfn5VE4x9qhuO7nGFIdmeKjXV2StZ2z3jfBV1DitnmfXz19E&google_hm=9FMVzqMIzJcbjOgmBlD35g==

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKK77MOW2vQrjmF0XHyyM-s6M2gQKLx6KqxYtmiX2w0I1_wfn5VE4x9qhuO7nGFIdmeKjXV2StZ2z3jfBV1DitnmfXz19E&google_hm=9FMVzqMIzJcbjOgmBlD35g==

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 02:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Oct 2021 02:05:07 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKK77MOW2vQrjmF0XHyyM-s6M2gQKLx6KqxYtmiX2w0I1_wfn5VE4x9qhuO7nGFIdmeKjXV2StZ2z3jfBV1DitnmfXz19E&google_hm=9FMVzqMIzJcbjOgmBlD35g==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: fl1dl01hk9shen3mcnb6djro0f2r902o

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 78CC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRx9byCXSh28z8tyjirMlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
232 B

16ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRx9byCXSh28z8tyjirMlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJDDia2oxqf9QSbJ6Xr9QK2ZDlBVMgbO75PxN1TOoyqwO7DBlII5KOgcStZREERwe1VCoNosJJPZb_nIr3R9K5zRbvTitm0

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 02:05:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lRx9byCXSh28z8tyjirMlA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJDDia2oxqf9QSbJ6Xr9QK2ZDlBVMgbO75PxN1TOoyqwO7DBlII5KOgcStZREERwe1VCoNosJJPZb_nIr3R9K5zRbvTitm0
date: Sat, 30 Oct 2021 02:05:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET

pixel
cm.g.doubleclick.net/ Frame 78CC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWN...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 78CC 0
232 B 35ms
14ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7fiIIjTkcmcdGn6FfjeOxtfkJ1z3_VwCIvCwj2_tkoSdSQVkAaopzWpmpvS-bSQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 30 Oct 2021 02:05:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E94 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9ikrJPTMnmu1IVkna_il0BrUQdIJ_Q2gP_yjrETMSUw.js

Requested by

Host: online-nachrichten.eu
URL: https://online-nachrichten.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 21:14:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 190261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13471
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 21:14:07 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 23ms
23ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211026&jk=477644806759416&bg=!KimlKW3NAAbUs_yW1LM7ACkAdvg8Ws9RXdl35xTMz5Vk5fIut5xT3qah7EJ41j_7YTlB1tu-cjhRCwIAAACyUgAAAAxoAQcKAGWZVrp1txt1WQXwxuiExr8DO0gUQf1NHJ2P_CwvhW5MHIHkVpSIEkd39D0obu3NZwJeIRLmMBmeaAWtthp-0UJfRBuBfBBHrqr3hCBQAwb7Eh_UTq5x65NxJzCRmnrezJhNcqJIf5kCuvVOnqVOeC_GokCMK8svKe03ske6JEvxkwLcFV54SLJYLo6lg-PReeN8ZS1t69RNzgQ5Le5bCMGImfQSStefsAqQWyB6M4VNrSzwnX1OHRH7CmK5h7msnfop2O3dy4waiKDuFBJPRxKpHcrH1LHb5iE4CFnXt2SgEv-OlrWCTMqVMeMW0SuXwXV5T1duHKFl_G6P5-ejvYIqUmWJcKBGxGLu_gIrP6eAqpaFv_goxGgfSmcRFisU3KrNBL9eCE8GGsZETHGqKoLeHaCJ7lPVKXVXR_6XuLQnoI9hsOSmAaN92h0BkuHvTXi2ASoilCWVvZysMVrok4ioiLNqdWgeu0DOzs2W1HmX4ty7NhcthWxdxpubepkVlj_PdaNMLA3VPwzoB9mmrKlFT1LIGBkSq9tsjGTiaCE3H7MtXTvbcaNDAsAfP32gbus9LwKqTYoOJ8D1qv5Z9Kw60UWEwbjfZThAjPJMa8scHdzkoulxRp2HlMbXiAZJ8-ut3wvU-Ss-7gfB1YhpsXA-rvd2sy9pz2HltC-vTCO2d9P87g9yFIF6asEJK_mtWX5lg20PloruvijptHXLc_k1ISV-XRRCI6CmH2NaKKgzl7UeSNEUoneflTmKrtivs0s6LVDIfeWel5mYYDaKkIst-YglOCBhANRLHS8sc9IlRosFQG6GfEXJWUipRnJe6cQ9jA9uZparbOW1nxm5yuex0K6PlNTdOyyxlVJhYtkPHNtzi48JkRpQiFCzsFOi_mW77-kFnJG-f2wAazdU_gSzJnR1225Qvhl8arBaJvbQKAmcNFpriOY2zDhUSIToSSTE_Xv2ALa1ypwQdWOWcm67cIbObNAXB_MboLe3kNRNJ50H3RwQmprqL2ynl4QXi2P-FuioWoX8T0Rq8LG2BNrL0AMlJCc04bKPywPUmGLf-LOz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://online-nachrichten.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 02:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6512 42 B
174 B 18ms
18ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvA9kpBTCW6b00wTnAHUNd-oACtogWOcIi5SYlg8iwASRoLsIIIPbKBMSfZNjSDmd1pbvSi5jZn6c73dzO4QsmGgIlMlZ_uic1SiJ1DGjsvPNE4LVzLUQ&sai=AMfl-YTAwGyLA9UPGwj_JSQDxa-2xu1IRG2exSRWOJ5t1dl5oQfRV-Ql0Tol-LLn5LGzTmhsoGe3Rv-4rttW&sig=Cg0ArKJSzB9rqlvvktL0EAE&id=lidar2&mcvt=1001&p=0,10,250,310&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3623683073&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635559507103&rpt=649&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Oct 2021 02:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
online-nachrichten.eu/	1970-01-19 22:20:45	Name: GEO_country_code Value: DE
online-nachrichten.eu/	1970-01-19 22:20:45	Name: GEO_country_code_hash Value: 2c76110124ff7a6fbc98daa53ec03aa4
online-nachrichten.eu/	1970-01-19 22:19:30	Name: geo_check Value: 5ed02023ebfcf
.online-nachrichten.eu/	1970-01-20 07:40:55	Name: __gads Value: ID=cf2c131cd78c3c38-2226ab0805cb00ed:T=1635559507:RT=1635559507:S=ALNI_MaMhc74E18WCzQB9s3Moh0rCBrx3Q
.doubleclick.net/	1970-01-20 07:40:55	Name: IDE Value: AHWqTUnDQL3JlxEQsdXBufcysH0DAIKm-k92Xk3Vj48yPmWdwWKaELQ1dxkfWxa7xTI
.doubleclick.net/	1970-01-19 22:19:23	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 00:28:55	Name: d Value: EHEBCQHNJIEA
.quantserve.com/	1970-01-20 07:49:33	Name: mc Value: 617ca854-3d20c-cb321-5fa1b
.casalemedia.com/	1970-01-20 07:04:55	Name: CMID Value: YXyoVG-6vCrvi8Ue3A6EnwAA
.casalemedia.com/	1970-01-20 00:28:55	Name: CMPS Value: 3177
.rlcdn.com/	1970-01-20 07:04:55	Name: rlas3 Value: aOniiSW5UCH8BSVv054fWfXo3SRuL6ugIMnjvhFLIAE=
.pubmatic.com/	1970-01-19 22:20:45	Name: KTPCACOOKIE Value: YES
.openx.net/	1970-01-20 07:04:55	Name: i Value: f8a9a0ab-a309-4a4e-a72e-6c79b16efea1\|1635559508
.agkn.com/	1970-01-20 07:04:55	Name: ab Value: 0001%3AtBg3RzBpjGlpEwomYown%2FPrb8aOQxXJV
.agkn.com/	1970-01-20 07:04:55	Name: u Value: C\|0CEApD2TUKQ9k1AAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/	1970-01-20 00:28:55	Name: KADUSERCOOKIE Value: 951C7D6F-2097-4A1D-BCCF-CB728E2ACC94
.rlcdn.com/	1970-01-19 23:45:43	Name: pxrc Value: CNTQ8osGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 00:28:55	Name: CMPRO Value: 1183
.casalemedia.com/	1970-01-19 22:20:45	Name: CMST Value: YXyoVGF8qFQA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YXyoVG_6vCrvi8Ue3A6EnwAABJ8AAAIB&google_gid=CAESENsjC0GXqEWdpFi0vcQRq38&google_push=AYg5qPLmVCBPRczNexBbESgBULW_Xy8tSXPREjY7EaQe9XqjqWNIzi4PJRGpRZsxTWHXs_ZXjmFYnP9WknNgsAFWAG3SgXQtdwo&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
googleads.g.doubleclick.net
id.rlcdn.com
image.gala.de
image.kurier.at
image6.pubmatic.com
img.blick.ch
online-nachrichten.eu
pagead2.googlesyndication.com
partner.googleadservices.com
rtb.openx.net
static.kino.de
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.wienerzeitung.at
cm.g.doubleclick.net
142.250.186.162
172.217.18.98
178.19.70.100
194.107.62.39
198.47.127.19
2.18.232.180
2606:4700::6810:cb57
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:803::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
3.124.136.236
35.227.252.103
35.244.174.68
79.172.252.23
95.100.153.88
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10
0d708e6899a77c81a9547e6d36f81d91d4391f1202c6cc973df9f5c106ece767
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1f6348af3d37a9e195cdbe27e76ab99dc4b7e844c6042107af5f76e41eee484e
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
3288ddfc5fc07888231764e88fe713c0ae8110552db0d3c8565a2494cca18792
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3e19c9d67ae1c18ed02b928c28aee56f5da82f94580c6819e1cdb63e71ed4cb4
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53c088f65c77c6b7af2804face3e267d4c1bf148177798a30fa3a15aa693c36f
557116ee5706daa3b6cb2f52e7490e22db9c30ebfc447a5c85458a5fa0f6f84b
57363347820920b65974ffe9b25ac4ae39391a98b20e3fcfdc33ad0ef9598a06
5b987f1486deeec9756623c2b79bfcb6ce40cc2a852cdd738afc7b46386edb3c
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
601e73774ff1f1abadf4377842963c119df9a0d82c4027d9375778c585faecd9
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61d21bc6b757c1e2483339ecd9d0d04d112b842ad7ff55f6fdddf6d8977cd7d5
658b3ce2a273b93a1526a0db60e4276f676330a93fd880fb4d2961894e264763
6a9a5bafa80bff7a29351962671bfafad98917892a6ae4830b45fc7aa4d11bcf
6f350e1a7555d91f90981c37c3a294876683267074dbc6497712a89359965667
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
7a470ec74a16b0b51f159d3c1412cf6eff65ffb00da9fd8926cd05cc64e49a6c
8a311e519659fa624740cff4eafc8ea12bc1df88595ce215fe166cfe17230871
8c14f26f6a776babafad03068ef64da035a07acd49bfd2ee6902f83ceeace394
8c21cdf7be2219908a953d92fba153dcc7175f7ee238856bd9954da18b0e05dd
8c243d90ac3ca2075513e4816236b173d04d5773d62ea025a5398eb7ab683f7c
8ddf5b4329c09f9316c5567ca9ba5793f17b4fb551815b891c040167dc575f1e
9098bce32fa311e967ba3bae1f3c4763801acf08ba95c67fb477f468e42a69a2
916079cc6df11c53017bb1357534c9d0c19583159b1c5645dabf6070b84adcc2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15a519e8f917c9774cffe7d111e68b81fc1f549938f74d3e1950bf72f0292a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a719efa92ba257d3044e0647257b53efc9137ae0064411d25600a66da5a54697
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b1b87379a90f71e87fac3b1ae0017d99d99458386af50e5bf3d4c025311234a8
b41570405890d4f995da7b265ceb5cfb50246a940f9489525a8f526cfd160356
c04b707cfa32d5dd192e148ba40d18d4bc039f7240da3d23bd6709d3121898cc
c11c6ebc58969141eded1ae0d9cd27b2b37f95aa50723ce2b0d5984bc438e30e
c9daf296a1d5cb5ad1f7c9ec8594fa6385704c7d66be48269fc1e1f4c349c441
d9c894588132662e56bfd636ab19a57831c4fe106a207a453f20b3be316732b5
dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f570ca3a83f8f9caa6288f00c802d83410987210f1b088cae1faaf6664c5a2e3
f6292b24f4cc9e6bb52159276bf8a5d01ad441d209fd0da03ffca3ac44cc494c
fa3c969639cf419ee66ff6ba52dbb8acd4dc86c4754b8e0f0ae8ef1c1e189fe0

online-nachrichten.eu Open in urlscan Pro 79.172.252.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

76 Requests

93 %HTTPS

50 %IPv6

19 Domains

22 Subdomains

19 IPs

5 Countries

4476 kBTransfer

5329 kBSize

19 Cookies

2 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

online-nachrichten.eu Open in urlscan Pro
79.172.252.23 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

93 %
HTTPS

50 %
IPv6

19
Domains

22
Subdomains

19
IPs

5
Countries

4476 kB
Transfer

5329 kB
Size

19
Cookies

76 HTTP transactions
2 data transactions