urlscan.io logo urlscan.io
SecurityTrails logo

ad.doubleclick.net Open in urlscan Pro
142.250.186.102  Public Scan

Go To Rescan Add Verdict Report
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=30...
Submission: On September 11 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 142.250.186.102, located in United States and belongs to GOOGLE, US. The main domain is ad.doubleclick.net. The Cisco Umbrella rank of the primary domain is 214.
This is the only time ad.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    108.128.37.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-37-226.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
1    2600:9000:2490:c00:7:4bc6:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)
track.activemetering.com
1    63.34.52.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-52-197.eu-west-1.compute.amazonaws.com
secure-gg.imrworldwide.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2600:9000:223f:6e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2600:1f18:1aca:4280:900:d0fd:30d4:6da5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
78 KB
6 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1021
static.adsafeprotected.com — Cisco Umbrella Rank: 791
dt.adsafeprotected.com — Cisco Umbrella Rank: 735
93 KB
4 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
31 KB
1 imrworldwide.com
secure-gg.imrworldwide.com — Cisco Umbrella Rank: 3632
525 B
1 activemetering.com
track.activemetering.com — Cisco Umbrella Rank: 4183
311 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
44 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
49 KB
22 7
Domain Requested by
6 pagead2.googlesyndication.com ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
3 googleads4.g.doubleclick.net ad.doubleclick.net
2 dt.adsafeprotected.com ad.doubleclick.net
2 static.adsafeprotected.com ad.doubleclick.net
2 fw.adsafeprotected.com 1 redirects ad.doubleclick.net
1 secure-gg.imrworldwide.com ad.doubleclick.net
1 track.activemetering.com ad.doubleclick.net
1 www.googletagservices.com ad.doubleclick.net
1 s0.2mdn.net ad.doubleclick.net
1 ad.doubleclick.net
22 11

This site contains no links.

Subject Issuer Validity Valid
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
track.activemetering.com
Amazon		 2021-12-05 -
2023-01-01		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Frame ID: 975BBD2C46D6EDB58CC25BE3BE23C56B
Requests: 17 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D2669EE7C04C1D9D4B470C0B622B0A4F
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F1A25C06D86ABE411D1C442D55CADA42
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Frame ID: 1C4BBFA2E4C8A4723E127826E6DC19A4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Advertisement

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

22
Requests

59 %
HTTPS

64 %
IPv6

7
Domains

11
Subdomains

11
IPs

3
Countries

296 kB
Transfer

753 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://fw.adsafeprotected.com/rfw/st/1087738/65101187/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=gcc_e28dY_G_JL2U9u8PqJCR0A4&cbFunctionName=goog_wrapCb_e28dY_G_JL2U9u8PqJCR0A4&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN300005.3958515PMPRECISIONTHETRA%2FB28103820.344119899%3Bdc_ver%3D90.265%3Bdc_eid%3D40004001%3Bsz%3D300x250%3Bu_sd%3D1.25%3Bgdpr_consent%3DCPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA%3Bgdpr%3D1%3Baddtl_consent%3D1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.&adsafe_type=abdq&adsafe_url=http%3A%2F%2Fad.doubleclick.net%2F&adsafe_type=f&adsafe_jsinfo=,id:46d80cc2-5e9b-6d47-a6ae-4e4f189cf589,c:nSCXX6,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-585d8b8594-v4flz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1600.250,am:sp,cc:0.0.1600.250,piv:0,obst:0,th:0,reas:l.h,mu:10000,br:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:th6fAIX+1*.1087738-65101187%7C111,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:17,oid:130c859e-3191-11ed-8a81-cea6f4ffb073,v:19.8.347,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcT...
ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/ 		69 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
HTTP/1.1
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
87db52f949f80c1cf96afcc19a70acee7c51de5fdf9392f0deb2f25bd1b31ad7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
30658
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sun, 11 Sep 2022 05:17:47 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0
1319507582676998832
s0.2mdn.net/simgad/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s0.2mdn.net/simgad/1319507582676998832
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5633a0c9c34fa569d9dccd90eebee94351f0f3d261d7248dc404cc6648669cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 05:17:47 GMT
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
cross-origin
Content-Length
49287
X-XSS-Protection
0
Last-Modified
Fri, 19 Aug 2022 18:21:41 GMT
Server
sffe
Report-To
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-doubleclick-media"
Expires
Mon, 11 Sep 2023 05:17:47 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 11 Sep 2022 05:17:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
4842123143989086801
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=1209600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
4037
X-XSS-Protection
0
Expires
Sun, 25 Sep 2022 05:17:47 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 02:48:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
8970
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
3181
X-XSS-Protection
0
Server
cafe
ETag
10699485926258732851
Vary
Accept-Encoding, Origin
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=1209600
Timing-Allow-Origin
*
Expires
Sun, 25 Sep 2022 02:48:17 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1087738/65101187/ 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1087738/65101187/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.37.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-37-226.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
40742085bb15f63264a04e48efad4ed75183f3c8cf1039e9ef73cdea2c416813

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:17:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:17:47 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0-8wpqcgMEH4_rw0vsEvAxGlSVbOdLfGAqWOy0y_QJihGDzT5DQPyhzH-dsSvkRkw2YGkhPSbKTTiD-M_3dd_pD9laJi8nW7XRn0A1M6BIvSDR8J7iXnF&sig=Cg0ArKJSzG8nx8gOEcM6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.82218&adurl=
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:17:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
track.activemetering.com/pixel/v1/all/ 		43 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.activemetering.com/pixel/v1/all/pixel.gif?cid=1ddbc85d-87a6-4a69-84a5-b536056ffae6&creativeId=176457346&placementId=344119899&siteId=7259761&campaignId=28103820&adId=535741532
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c00:7:4bc6:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:17:47 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P6
x-cache
LambdaGeneratedResponse from cloudfront
content-type
image/gif
cache-control
no-store
content-length
43
x-amz-cf-id
aGhMvOe4fdkqCco3MokggcC5cwT6oXAJpLH4U7JS6FB-h5sQBMHArQ==
m
secure-gg.imrworldwide.com/cgi-bin/ 		0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn341016&cr=176457346&ce=N300005.3958515PMPRECISIONTHETRA&pc=344119899&ci=nlsnci3731&am=1&at=view&rt=banner&st=image&r=2475964444&C78=G1,DCM&uoo=0
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.52.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-52-197.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:17:47 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Fri, 09 Sep 2022 09:13:56 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
158631
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15207
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Vary
Accept-Encoding
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 09 Sep 2023 09:13:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6570852321fd6fd5a5a50eec73056931c6f0f0efe4eae098c3f06c7f6bf1dfff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5620
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D266 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
158631
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
8395
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy
cross-origin
Date
Fri, 09 Sep 2022 09:13:56 GMT
Expires
Sat, 09 Sep 2023 09:13:56 GMT
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server
sffe
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
view
googleads4.g.doubleclick.net/pcs/ 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0-8wpqcgMEH4_rw0vsEvAxGlSVbOdLfGAqWOy0y_QJihGDzT5DQPyhzH-dsSvkRkw2YGkhPSbKTTiD-M_3dd_pD9laJi8nW7XRn0A1M6BIvSDR8J7iXnF&sig=Cg0ArKJSzG8nx8gOEcM6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=155&vt=11&dtpt=154&dett=2&cstd=0&cisv=r20220907.82218&adurl=
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:17:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
pagead2.googlesyndication.com/bg/ Frame D266 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/bg/PsgKtCaN-XibavDd5zYoPighR_y43YjKXjrNcIggNuI.js
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 07 Sep 2022 19:40:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
293825
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15954
X-XSS-Protection
0
Last-Modified
Mon, 29 Aug 2022 10:58:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="botguard-scs"
Vary
Accept-Encoding
Report-To
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Thu, 07 Sep 2023 19:40:42 GMT
4a.js
static.adsafeprotected.com/
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1087738/65101187/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=gcc_e28dY_G_JL2U9u...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Server
2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:07:50 GMT
content-encoding
gzip
age
392999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 06 Sep 2022 16:07:47 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
x-amz-version-id
y278kCHjy4az.swXkOrW4jguar1P2G10
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
qN-eMUfl4XJ1YjItV8hupUlh4pjzttL0oMzDoqWGwjpYzh5Cr1UkaQ==

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:17:47 GMT
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame F1A2 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:6e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
10183395
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
Wv3Yh9XKcDD2mzVOs4bjE_xkEMWsmLFHPmJb6wsJYEN5k34WQJp0yA==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1087738&asId=46d80cc2-5e9b-6d47-a6ae-4e4f189cf589&tv=%7Bc:nSCXXG,pingTime:-2,time:53,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:355,beZ:356,mfA:358,cmA:360,inA:360,inZ:364,prA:364,prZ:367,si:373,poA:374,poZ:397,cmZ:397,mfZ:397,loA:401,loZ:402,ltA:408,ltZ:408%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.h,w:1600,h:250,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:53,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:0.0.1600.250,am:sp,cc:0.0.1600.250,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~1600.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:th6fAIX+1*.1087738-65101187%7C111,idMap:1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,slid:%5BDfaVisibilityIdentifier_2475964444%5D,sinceFw:34,readyFired:true%7D&br=c
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:900:d0fd:30d4:6da5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:17:48 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame D266 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1Euhe28dY_G_JL2U9u8PqJCR0A4AAAAAOAHgBAI&bg=!rq2lrenNAAZTikH4c4o7ACkAdvg8WjALaknvbVVU0r2DSHweIG3khWIUbr0htqp5wd9-vMZZqIi0swIAAAB9UgAAAAJoAQeZAuO1CgDQnd5epy3e5o_F1rrqZk2BuwkXYIVUA4FGojzuxZpXRrCBZ8bBl21qmb-azGn1nA5Om35OwxUn2E_3B2lLJwwxDiZ-PintZH8qXfFBpqcC3ppwecXLJHEOPK9jyMalJ3EWktxZC_YADmVZeuCQZkdvd4yRICjclhzGXtehcTVweSJtB__jTq223di3JBb86M9E3pl_o098fCTAhVExvFcPQH2rpcUC-TNf9IH-bwB5lfAmMmrry54g8hY6vdlfCG8Ih36kljpzdkMBgyBdi4L4_oI9MvJbf-75EGFSJtoqAmG57p78OtybkR3YFt3DM9JFTWesuXO8cf495SBA9zRX_48jyy3IZ1pictrX_P5UDA4OSN298UEwE7TUNwdJx05FnRJzYeNNzlXdm_786qR8bL2SxVWy0_3A7QhyEfoYbBmrQoJekO5tPAhPVlF7WLvrPNHA_WUOXeblben58BMQK4ootomDN213Elme1sV_qp_EfqA0b6Ler3ch08EyIafCjNRC2NBMCpQhLgvssVwup46eB3aRVRLgsn0ZPbiDr8qMOKZJ319tARTlqbbiaUF8N_c5dyhliOmD4qSjQWH6ckYY2SHs01O_BqaWARQYyMAtLfv4Refc02V-FhIBQ5yZsM9GzdCGBCk7nS9l4NFB-_BMuy3n-1ZU9A3gSjOybXFTDaLaUwJcRzGmD_kwmpwjbCZo7LfRpjGbByKELz3bo-0gcO5f0C5Xh_ETMDxe-mmrjS2eTKYNm_M6-JMTMV_vJgYIfJD3d338uhEh-GJRCK7Vv_VzGE9GCRhKZ6vTvqdYTy2s2In7okix7pefpKfpj9tIPUTDWvZdlOt0-7to73-muRxlVDYhin6uQJsYOBp0SJmWnJg6VTWQ0bCt-sZiFMO9l7M7yJfOl6Oio1lemmWFDHMruo1TLhLH3vrvHVfA0S_7h-N_GtfihHWsBfdNEe4S17SWno7IYjXcxgrH
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
HTTP/1.1
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 05:17:48 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss0-8wpqcgMEH4_rw0vsEvAxGlSVbOdLfGAqWOy0y_QJihGDzT5DQPyhzH-dsSvkRkw2YGkhPSbKTTiD-M_3dd_pD9laJi8nW7XRn0A1M6BIvSDR8J7iXnF&sig=Cg0ArKJSzG8nx8gOEcM6EAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 05:17:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1087738&asId=46d80cc2-5e9b-6d47-a6ae-4e4f189cf589&tv=%7Bc:nSCY4j,pingTime:-10,time:464,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTAyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1662873464651%7C%7C40179885ae9f7a38d0f290367222bf4e%7C%7C56c24cb524127a0f41136c1e5c39617f%7C%7Cbd06247d3d763ed621452ae75ab48bfd%7C%7C19e4abb4932a69bcc0918ecca29783dc%7C%7C5bd437d2eca60265bc55dfec3cf95e5f%7C%7Cba1c7c7d7f02427b8450714d9b38dd19%7C%7C6106b93e1f464e7de55088c5ce2480a0%7C%7C1629390669%7D
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:900:d0fd:30d4:6da5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 05:17:48 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 05:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 05:17:48 GMT
dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
pagead2.googlesyndication.com/bg/ Frame 1C4B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sat, 10 Sep 2022 05:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 10 Sep 2023 05:05:47 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| clsn function| goog_wrapCb_e28dY_G_JL2U9u8PqJCR0A4 function| bllsne28dY_G_JL2U9u8PqJCR0A4 object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc function| ait function| ast object| google_image_requests object| GoogleTyFxhY function| omrhp number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| GoogleGcLKhOms function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient function| __IntegralASAdPush function| __IntegralASEventLoadHandler_46d80cc25e9b6d47a6ae4e4f189cf589 object| GoogleA13IjpGc

0 Cookies

1 Console Messages

Source Level URL
Text
other error URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
secure-gg.imrworldwide.com
static.adsafeprotected.com
tpc.googlesyndication.com
track.activemetering.com
www.googletagservices.com
108.128.37.226
142.250.186.102
172.217.18.2
2600:1f18:1aca:4280:900:d0fd:30d4:6da5
2600:9000:223f:6e00:8:48e:53c0:93a1
2600:9000:2490:c00:7:4bc6:d200:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2006
2a00:1450:4001:830::2001
63.34.52.197
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
3ec80ab4268df9789b6af0dde736283e282147fcb8dd88ca5e3acd70882036e2
40742085bb15f63264a04e48efad4ed75183f3c8cf1039e9ef73cdea2c416813
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
5633a0c9c34fa569d9dccd90eebee94351f0f3d261d7248dc404cc6648669cc6
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6570852321fd6fd5a5a50eec73056931c6f0f0efe4eae098c3f06c7f6bf1dfff
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
87db52f949f80c1cf96afcc19a70acee7c51de5fdf9392f0deb2f25bd1b31ad7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855