urlscan.io logo urlscan.io
SecurityTrails logo

www.hs3uka.com Open in urlscan Pro
119.59.104.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apps.hs3uka.com/
Effective URL: https://www.hs3uka.com/
Submission: On September 29 via api from GB — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 139 HTTP transactions. The main IP is 119.59.104.14, located in Thailand and belongs to METRABYTE-TH 453 Ladplacout Jorakhaebua, TH. The main domain is www.hs3uka.com.
TLS certificate: Issued by R3 on July 31st 2021. Valid for: 3 months.
This is the only time www.hs3uka.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    119.59.104.14 (Thailand)

ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH)
apps.hs3uka.com
www.hs3uka.com
23    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
pagead2.googlesyndication.com
2    31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net
connect.facebook.net
16    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
adservice.google.com
7    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googletagservices.com
34    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
4    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
3    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
googleads4.g.doubleclick.net
6    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
s0.2mdn.net
3    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
fonts.googleapis.com
3    172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net
www.gstatic.com
8    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
4    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    142.250.185.67 (None, )

ASN- ()
fonts.gstatic.com
1    91.228.74.133 (None, )

ASN- ()
cms.quantserve.com
1    34.98.67.61 (None, )

ASN- ()
odr.mookie1.com
2    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
2    185.64.189.115 (None, )

ASN- ()
image6.pubmatic.com
1    69.173.144.139 (None, )

ASN- ()
pixel.rubiconproject.com
1    3.115.67.144 (None, )

ASN- ()
cc.adingo.jp
Domain Requested by
34 tpc.googlesyndication.com googleads.g.doubleclick.net
apps.hs3uka.com
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
23 pagead2.googlesyndication.com www.hs3uka.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
apps.hs3uka.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
23 www.hs3uka.com 1 redirects www.hs3uka.com
16 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
apps.hs3uka.com
8 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
7 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
apps.hs3uka.com
6 s0.2mdn.net apps.hs3uka.com
s0.2mdn.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 googleads4.g.doubleclick.net apps.hs3uka.com
3 adservice.google.com pagead2.googlesyndication.com
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 connect.facebook.net www.hs3uka.com
connect.facebook.net
1 cc.adingo.jp googleads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 odr.mookie1.com googleads.g.doubleclick.net
1 cms.quantserve.com googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 apps.hs3uka.com
139 24

This site contains links to these domains. Also see Links.

Domain
www.penguinsim.com
wordpress.org
themezee.com
Subject Issuer Validity Valid
hs3uka.com
R3		 2021-07-31 -
2021-10-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.adingo.jp
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-26 -
2022-04-14		 a year crt.sh

This page contains 26 frames:

Primary Page: https://www.hs3uka.com/
Frame ID: C3861671194FE78D1786E77047116FD8
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 4311B0C6A88DF47C0D0ADB19D4D1B840
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Frame ID: 8835D441CFC3C2B22B69B1F77E90FA49
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289239&bpp=1&bdt=746&idt=114&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=QxhhpinrJX&p=https%3A//www.hs3uka.com&dtd=123
Frame ID: FFC824461D79330EB107F9651D53C8DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Frame ID: 628E4BC0FF22519D92571049FE46AD88
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&adk=1812271804&adf=3025194257&lmt=1632909289&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hs3uka.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289376&bpp=1&bdt=883&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280%2C856x280&nras=1&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=5
Frame ID: 65DCDCE1589777C6561E910AB1D55AF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6D47B945675F54327F589AF87EB0238A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Frame ID: 67AD847F0657606A80798A9E3B9E8342
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Frame ID: E2F6482EC81FE2C6B5D0AF3231968825
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPIw3efo5an_Y5o4yZ4aNReRK1PDfX-Xl7tnY-GdqF46z9Fbx7CSnOZVuIWN3H1V8LgEZWc-s1VibmMvcA6d3HNzWQuY-a0eW0k_FoDb3rFw8R2kqIYOXmZ0RNI8DIAKD13OD3C_Ms1IKq__fwSYx_Evg-cXNkrS53vfWyjVUQE5uPv46yVCf0Vnmi3g6xozQdnhSU2pQ0NPNmTaJyGfsvRBkvxX3xIH9GCYhdu7rI7ZpNj3j-SnUYMh-yzO_Y-COjg3Y_kIyIPZD3vQfviUmxGt2kkQ166hcugTWueCVt_wk1iJuldqmhLUG6aoTDDd-3De4d9dkyHfG-h43PaynFpvwmyA8U2i3JQ1vfT5GyKw44Y3oIFqoQAEdnz2SHWErMB6plwv1bo_BmMgz5o1T0Mfv48jCMKIFFrVd9Vya--OgS7_80xN3CDsDCdPVuR3hBB-tDCpfSJpnPqyWt9eWcsFDZis8GCZRyO4ecRcHr1NLzEWMgb70gv1vJELKXsWdgyh3MSsVKw7olJG8bfpQEBFH0K_SojhK5RMahMog7H61JoLz3k9yzSd06xUtG_oXO7vDr7IoOFapFGsCoimICw0VebmExpUF9FzqTfRKVeSVkWOANRYEYm15L_SeRxQR-2vW_7OJlrQ4GxyZfjVM2Us2bkSYmItdNNRE_P13aBOuKXNpxzK0MW2qQAjPz0WopLZPzQM1c8hI-zyme63_yDiFlWoxu59an3vfboOk1SBLwvkmeeb9fhCQl_cEP1259k4CSF_3tt6F9M7S2Yev8bJCITA1ur1Nd_Bt3DK_RgfXqztSjsLj0Ga6yfJCkWuGScMVfsjYrFA1g8NEp-YYSupxkpQr2osnATJRYfxBSAurrqPU3IQ5HUrcZNQEeV-KK4e5QqQ26g3iB5tqdzcYBF3P0JY8xjw&sig=Cg0ArKJSzDZqoDwiIfTWEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: FC96CFE3CA67A451AF72EF720AB3B6D2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Frame ID: 83E2E2D47BF12C36D04543C577A85B78
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2F22DDAD6BB0D94EE7609C201E251F68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0A27CF3C404EB78EAE8A8E1433962338
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 28747185E6232A6B7F433B840E0A4226
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNVDoXGvFC8FLouvD_bPHA6-7PbuljWJ9TZ09L1WShWtyKNBoNC1SZtuP3buZwIyY4BTwuq-osAtd-OVTbBDHDNh3Pe_RA
Frame ID: 981AB13BE1BB31D3A3EAFBF91F2F4B56
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Frame ID: AD9F40479540AACEE8EE23BC4FB9D4D8
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
Frame ID: 988F0CD78F0ADA5AD96CA34AEF0799AD
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E893B815947A7D9A00211C69C0C454A4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Frame ID: E99B0F9A0CA4B8F2F82FA142301E04F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js
Frame ID: 183F28CD93EB7FEE49949EB6A916B0E2
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Frame ID: 6EEA711613DE1683D710A963D912A352
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Frame ID: 8A587BC7E5FAAECA01BADC2A0709F481
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 58C905CEE2EF84B12E0BA107005DCCEE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Frame ID: 5E3E3085C4F339942A72459902F453A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B685C455F1534B16B5D650EB4ACAC165
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C4AD53CD136A4F17E4364F3D8D939883
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HS3UKA.COM – บทความคอมพิวเตอร์ อิเล็กทรอนิกส์ วิทยุสมัครเล่น

Page URL History Show full URLs

  1. https://apps.hs3uka.com/ Page URL
  2. http://www.hs3uka.com/ HTTP 301
    https://www.hs3uka.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

139
Requests

99 %
HTTPS

0 %
IPv6

18
Domains

24
Subdomains

20
IPs

4
Countries

3227 kB
Transfer

5684 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apps.hs3uka.com/ Page URL
  2. http://www.hs3uka.com/ HTTP 301
    https://www.hs3uka.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuvicD6qYnBhWeeciQWkmQ&google_cver=1
Request Chain 89
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVQ36um7MdgU1KG8u3-NAgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuvicD6qYnBhWeeciQWkmQ&google_cver=1
Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOC8_9ksYkq0gb5TA1a5QE0&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOC8_9ksYkq0gb5TA1a5QE0%26google_cver%3D1
Request Chain 91
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MDc1NzcwODcwOTA3NzM2NA%3D%3D
Request Chain 92
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 128
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBfoBzmyD-rqyKTf1WfwDzM&google_cver=1&google_push=AYg5qPLvObZ06kLqEmnRApWB92sDqaoan4ivSv4brRxSd9eJlmN524J1WbzOy_ncOtDRwHZsqML7X2zQHdfSH-CGnKh3K6Ph6cHfXw HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBfoBzmyD-rqyKTf1WfwDzM&google_cver=1&google_push=AYg5qPLvObZ06kLqEmnRApWB92sDqaoan4ivSv4brRxSd9eJlmN524J1WbzOy_ncOtDRwHZsqML7X2zQHdfSH-CGnKh3K6Ph6cHfXw&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLvObZ06kLqEmnRApWB92sDqaoan4ivSv4brRxSd9eJlmN524J1WbzOy_ncOtDRwHZsqML7X2zQHdfSH-CGnKh3K6Ph6cHfXw&google_hm=SEMD4en6wOMPfiXmDqZHJA==
Request Chain 129
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECW1qJ6_pOdIVEsEDQzkZ74&google_cver=1&google_push=AYg5qPJGFYltuG_rNMpe8QVZ3AnfLVQAr3i9abRgqhPmQbbu8LbZlXV6MIZQkNPBrGXqyLVGV-9Z7MQUoisxV-8B71-JSBVWQdxquA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECW1qJ6_pOdIVEsEDQzkZ74&google_cver=1&google_push=AYg5qPJGFYltuG_rNMpe8QVZ3AnfLVQAr3i9abRgqhPmQbbu8LbZlXV6MIZQkNPBrGXqyLVGV-9Z7MQUoisxV-8B71-JSBVWQdxquA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eu-ySqA5SGWrwCLMY3j3jQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJGFYltuG_rNMpe8QVZ3AnfLVQAr3i9abRgqhPmQbbu8LbZlXV6MIZQkNPBrGXqyLVGV-9Z7MQUoisxV-8B71-JSBVWQdxquA
Request Chain 130
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMC4i_LwV71IggCYTBQ0zO4&google_cver=1&google_push=AYg5qPIeN5xR7cagusjA_9r7TeXfOy9kFRTTMomgPOxFRc5hu2-LFXwjShZm1pVzxSnKkrJ-yBbIsXoikEnpd5MAEVr9Tlm5sV8r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U1QzE0VFktMTUtQVZYVg==&google_push=AYg5qPIeN5xR7cagusjA_9r7TeXfOy9kFRTTMomgPOxFRc5hu2-LFXwjShZm1pVzxSnKkrJ-yBbIsXoikEnpd5MAEVr9Tlm5sV8r
Request Chain 131
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_cver=1&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1

139 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
apps.hs3uka.com/ 		457 B
542 B 		Document
General
Check archive.org
Download Go to
Full URL
https://apps.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
2edfe95175855606ea41a9ed6d4e23bee8e7820428107588b108f37e8c64078e

Request headers

:method
GET
:authority
apps.hs3uka.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 29 Sep 2021 09:54:51 GMT
content-type
text/html
content-length
303
x-accel-version
0.01
etag
"1c9-4fb403d31df80-gzip"
accept-ranges
bytes
cache-control
max-age=3600
expires
Wed, 29 Sep 2021 10:54:51 GMT
vary
Accept-Encoding,User-Agent
content-encoding
gzip
referrer-policy
Primary Request /
www.hs3uka.com/
Redirect Chain
  • http://www.hs3uka.com/
  • https://www.hs3uka.com/
48 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
b9f5dff8989672578327224026dcb0a32b9386da1f2f68c469bd261ab5d73318

Request headers

:method
GET
:authority
www.hs3uka.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://apps.hs3uka.com/

Response headers

server
nginx
date
Wed, 29 Sep 2021 09:54:53 GMT
content-type
text/html; charset=UTF-8
content-length
10367
link
<https://www.hs3uka.com/wp-json/>; rel="https://api.w.org/"
cache-control
max-age=3600
expires
Wed, 29 Sep 2021 10:54:52 GMT
vary
Accept-Encoding,User-Agent
content-encoding
gzip
referrer-policy

Redirect headers

Server
nginx
Date
Wed, 29 Sep 2021 09:54:52 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
231
Connection
keep-alive
Location
https://www.hs3uka.com/
custom-fonts.css
www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/ 		2 KB
718 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
5e9549dcf4e69eac1bdcde3f6cd80ac2a9e0f46788aaab79c4cf64d4c357e163

Request headers

:path
/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:53 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 01:21:26 GMT
server
nginx
etag
W/"60bec616-9dd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:53 GMT
style.min.css
www.hs3uka.com/wp-includes/css/dist/block-library/ 		79 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:53 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 23:36:35 GMT
server
nginx
etag
W/"613bec03-13abe"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:53 GMT
style.css
www.hs3uka.com/wp-content/themes/dynamic-news-lite/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/style.css?ver=1.6.7
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
00ada518c05526ce852a14ba026d02c9919b2698c562a29f554d2afc3d726a33

Request headers

:path
/wp-content/themes/dynamic-news-lite/style.css?ver=1.6.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:53 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 01:21:25 GMT
server
nginx
etag
W/"60bec615-d776"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:53 GMT
genericons.css
www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/genericons/ 		28 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/genericons/genericons.css?ver=3.4.1
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Request headers

:path
/wp-content/themes/dynamic-news-lite/css/genericons/genericons.css?ver=3.4.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:53 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 01:21:26 GMT
server
nginx
etag
W/"60bec616-6e6a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:53 GMT
jquery.min.js
www.hs3uka.com/wp-includes/js/jquery/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:53 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 23:36:36 GMT
server
nginx
etag
W/"613bec04-15db1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:53 GMT
jquery-migrate.min.js
www.hs3uka.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:53 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 05:32:06 GMT
server
nginx
etag
W/"607e6756-2bd8"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:53 GMT
navigation.js
www.hs3uka.com/wp-content/themes/dynamic-news-lite/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/js/navigation.js?ver=20210324
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
3fdcdfd20f719bd492a121fcd444f0dd6524bb3da0421f42ea8581fc63fcd759

Request headers

:path
/wp-content/themes/dynamic-news-lite/js/navigation.js?ver=20210324
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:53 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 01:21:26 GMT
server
nginx
etag
W/"60bec616-e73"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:53 GMT
sidebar.js
www.hs3uka.com/wp-content/themes/dynamic-news-lite/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/js/sidebar.js?ver=20210324
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
d0ee3870dcefaa10fb84c35cc3eecf01760c7743f2906f5ce3fcd47f302ccb22

Request headers

:path
/wp-content/themes/dynamic-news-lite/js/sidebar.js?ver=20210324
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:53 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 01:21:26 GMT
server
nginx
etag
W/"60bec616-a87"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:53 GMT
cropped-chips_electronic_wallpaper.jpg
www.hs3uka.com/wp-content/uploads/2014/11/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hs3uka.com/wp-content/uploads/2014/11/cropped-chips_electronic_wallpaper.jpg
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
7f81f34316ca2e866324c8f94de3e657c44caf057bffd8876eb6d748a8920af9

Request headers

:path
/wp-content/uploads/2014/11/cropped-chips_electronic_wallpaper.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
last-modified
Sun, 16 Nov 2014 03:00:08 GMT
server
nginx
etag
"54681338-13ef8"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
81656
expires
Thu, 29 Sep 2022 09:54:54 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2b9d8f134f92b518f4abd954c7fa61c95fd4fb6e8ee6c2e65fdfd5668ee99030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49995
x-xss-protection
0
server
cafe
etag
6661097763461573863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 09:54:49 GMT
dashicons.min.css
www.hs3uka.com/wp-includes/css/ 		58 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-includes/css/dashicons.min.css?ver=5.8.1
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path
/wp-includes/css/dashicons.min.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 05:32:06 GMT
server
nginx
etag
W/"607e6756-e688"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:54 GMT
thickbox.css
www.hs3uka.com/wp-includes/js/thickbox/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-includes/js/thickbox/thickbox.css?ver=5.8.1
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Request headers

:path
/wp-includes/js/thickbox/thickbox.css?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 05:32:07 GMT
server
nginx
etag
W/"607e6757-a63"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:54 GMT
wp-embed.min.js
www.hs3uka.com/wp-includes/js/ 		1 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 18:57:02 GMT
server
nginx
etag
W/"60788c7e-592"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:54 GMT
thickbox.js
www.hs3uka.com/wp-includes/js/thickbox/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4

Request headers

:path
/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 05:32:07 GMT
server
nginx
etag
W/"607e6757-338a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:54 GMT
wp-emoji-release.min.js
www.hs3uka.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 23:36:37 GMT
server
nginx
etag
W/"613bec05-4705"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31536000
expires
Thu, 29 Sep 2022 09:54:54 GMT
ubuntu-v11-latin-ext_latin-regular.woff2
www.hs3uka.com/wp-content/themes/dynamic-news-lite/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/fonts/ubuntu-v11-latin-ext_latin-regular.woff2
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
9738e74b15ccfde5d94d73c5f7fff840e1c58027b9e4a34c4be6a198ea590daf

Request headers

:path
/wp-content/themes/dynamic-news-lite/fonts/ubuntu-v11-latin-ext_latin-regular.woff2
pragma
no-cache
origin
https://www.hs3uka.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Origin
https://www.hs3uka.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
last-modified
Tue, 08 Jun 2021 01:21:26 GMT
server
nginx
etag
"60bec616-10450"
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
66640
expires
Thu, 29 Sep 2022 09:54:54 GMT
francois-one-v11-latin-ext_latin-regular.woff2
www.hs3uka.com/wp-content/themes/dynamic-news-lite/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/fonts/francois-one-v11-latin-ext_latin-regular.woff2
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
d850e65552835b3f137b941d741625b693ada871207bc891d501aa16bc12acdb

Request headers

:path
/wp-content/themes/dynamic-news-lite/fonts/francois-one-v11-latin-ext_latin-regular.woff2
pragma
no-cache
origin
https://www.hs3uka.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.hs3uka.com/wp-content/themes/dynamic-news-lite/css/custom-fonts.css?ver=20180413
Origin
https://www.hs3uka.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
last-modified
Tue, 08 Jun 2021 01:21:26 GMT
server
nginx
etag
"60bec616-6298"
content-type
application/font-woff2
cache-control
max-age=31536000
accept-ranges
bytes
content-length
25240
expires
Thu, 29 Sep 2022 09:54:54 GMT
truncated
/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://www.hs3uka.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
9961e1884a99a3ed6cc2e773a4128d6fa6f3b34d72ddb8ac7d450fc841e988e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
nnVQGcazBtTVZwjrK9CZjg==
cross-origin-resource-policy
cross-origin
expires
Wed, 29 Sep 2021 09:58:13 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
f32640v7PjzUKCzRs50kptQyvwdmx07LyFdriy5PvtJh5GD9AwGzRjP2972ehm/g3FrbQi/orES2W8YGMTdqpQ==
x-fb-trip-id
686109401
x-fb-content-md5
2e38fd408947c867fb82f8587a0535b7
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 29 Sep 2021 09:54:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"324c6ef7269a7728cc56b0bec5f7dfdc"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
Tourist-Ham-VR.jpg
www.hs3uka.com/wp-content/uploads/2016/10/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hs3uka.com/wp-content/uploads/2016/10/Tourist-Ham-VR.jpg
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
902bee017260c8706075d13f73ede9e212f1c41d8d29248ac0cdb9f68458c424

Request headers

:path
/wp-content/uploads/2016/10/Tourist-Ham-VR.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
last-modified
Sun, 09 Oct 2016 02:45:49 GMT
server
nginx
etag
"57f9af5d-26bf0"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
158704
expires
Thu, 29 Sep 2022 09:54:54 GMT
P_20160807_135711.jpg
www.hs3uka.com/wp-content/uploads/2016/08/ 		378 KB
379 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hs3uka.com/wp-content/uploads/2016/08/P_20160807_135711.jpg
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
dc35fafb2856c869d5af4bb7da3420db82762479350bc2f90af36ea2a8f67ec4

Request headers

:path
/wp-content/uploads/2016/08/P_20160807_135711.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
last-modified
Mon, 08 Aug 2016 10:59:43 GMT
server
nginx
etag
"57a8661f-5e8aa"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
387242
expires
Thu, 29 Sep 2022 09:54:54 GMT
P_20160710_142446.jpg
www.hs3uka.com/wp-content/uploads/2016/07/ 		436 KB
437 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hs3uka.com/wp-content/uploads/2016/07/P_20160710_142446.jpg
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
5a7454cee17704354767d21916d1ed9b87db69cfc2a3884d98542a88a3eca09d

Request headers

:path
/wp-content/uploads/2016/07/P_20160710_142446.jpg
pragma
no-cache
cookie
__gads=ID=0c64e191c6b461a2-229d8cee65c9004a:T=1632909289:RT=1632909289:S=ALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
last-modified
Wed, 13 Jul 2016 05:53:28 GMT
server
nginx
etag
"5785d758-6d19f"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
446879
expires
Thu, 29 Sep 2022 09:54:54 GMT
P_20150420_115111.jpg
www.hs3uka.com/wp-content/uploads/2016/04/ 		291 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hs3uka.com/wp-content/uploads/2016/04/P_20150420_115111.jpg
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
b1619779d9188d22bb7cd8af4bc50f7186522fca16b597bd026c6c510fb28b23

Request headers

:path
/wp-content/uploads/2016/04/P_20150420_115111.jpg
pragma
no-cache
cookie
__gads=ID=0c64e191c6b461a2-229d8cee65c9004a:T=1632909289:RT=1632909289:S=ALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
last-modified
Wed, 06 Apr 2016 12:52:35 GMT
server
nginx
etag
"57050693-48a7e"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
297598
expires
Thu, 29 Sep 2022 09:54:54 GMT
sdk.js
connect.facebook.net/en_US/ 		264 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=5f3cd136a2cbfe0eb478f6e85017eb2e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frt3.fbcdn.net
Software
/
Resource Hash
c2679b438c20b1993919d89b2de3b93d1e6f848bdff1a88d9c8db16da02a7084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.hs3uka.com/
Origin
https://www.hs3uka.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
j+ww3jaAZZPYkqiCIJuadQ==
cross-origin-resource-policy
cross-origin
expires
Thu, 29 Sep 2022 08:07:10 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76285
x-fb-rlafr
0
x-fb-debug
cPhPfUDAY4HjgOeZ3aIZG5rGFiOGpYhFs8RnpQYN5czyFf6aBS4s8A3dRXQ2rAwsDMQOMuCQmnRiaJcGzpv+mw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a2b5a308fc230afea331b25c2badb049
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Sep 2021 09:54:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"f00b7c1703502391967465aac8769f1c"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ 		255 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
5d1b2acad2dd2f0095ace4499fb9945a5436adcf28bb47260bf75def4b0235d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96603
x-xss-protection
0
server
cafe
etag
5043874018115547463
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 09:54:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 4311 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 29 Sep 2021 05:09:11 GMT
expires
Wed, 13 Oct 2021 05:09:11 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
17138
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		200 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.hs3uka.com&callback=_gfp_s_&client=ca-pub-9550899622990799
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3b0c1ebbe8bf08755413940a60a019a8542396b84d7ad8054f46fdf657b9e114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hs3uka.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8835 		67 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
08ca295a03fa1e94802d6d8137b4f378b9102f3442664db27bf723d76de7bf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 29 Sep 2021 09:54:49 GMT
server
cafe
content-length
26307
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 10:09:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Sep 2021 09:54:49 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27596
x-xss-protection
0
server
sffe
etag
"1632742284803949"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 09:54:49 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame FFC8 		76 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289239&bpp=1&bdt=746&idt=114&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=QxhhpinrJX&p=https%3A//www.hs3uka.com&dtd=123
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9188647580d589f27388e49cc832068d90d00320cb8b4d31faf1144589e4c355
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289239&bpp=1&bdt=746&idt=114&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=QxhhpinrJX&p=https%3A//www.hs3uka.com&dtd=123
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 29 Sep 2021 09:54:50 GMT
server
cafe
content-length
31313
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 10:09:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Sep 2021 09:54:50 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 628E 		93 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
bfe5d52d171126f6cf109689e20ac276e26c9a866a6881e21792833985099e62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 29 Sep 2021 09:54:50 GMT
server
cafe
content-length
29216
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 10:09:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Sep 2021 09:54:50 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 65DC 		226 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&adk=1812271804&adf=3025194257&lmt=1632909289&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hs3uka.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289376&bpp=1&bdt=883&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280%2C856x280&nras=1&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
4b5b8abbd4c62640d0ffecc78a6a08ea1cc57bc44a856b33459235e5c510551c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9550899622990799&output=html&adk=1812271804&adf=3025194257&lmt=1632909289&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.hs3uka.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289376&bpp=1&bdt=883&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280%2C856x280&nras=1&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 29 Sep 2021 09:54:50 GMT
server
cafe
content-length
64661
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 29-Sep-2021 10:09:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Sep 2021 09:54:50 GMT
cache-control
private
loadingAnimation.gif
www.hs3uka.com/wp-includes/js/thickbox/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hs3uka.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
119.59.104.14 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software
nginx /
Resource Hash
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

:path
/wp-includes/js/thickbox/loadingAnimation.gif
pragma
no-cache
cookie
__gads=ID=0c64e191c6b461a2-229d8cee65c9004a:T=1632909289:RT=1632909289:S=ALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hs3uka.com
referer
https://www.hs3uka.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:54 GMT
last-modified
Sat, 15 Nov 2014 05:32:45 GMT
server
nginx
etag
"5466e57d-3b86"
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15238
expires
Thu, 29 Sep 2022 09:54:54 GMT
10402886707832185806
tpc.googlesyndication.com/simgad/ Frame 8835 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10402886707832185806?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlXeinavmZ-dKFmvpgy7UazK0CsmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
9996c9a048958551805e7dc25059ee960450d934b40a219fd497f1254dfbb2cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 20:49:06 GMT
x-content-type-options
nosniff
age
565543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124579
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 09:01:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Sep 2022 20:49:06 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 8835 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:51:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:51:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 8835 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
981
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:38:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8835 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 09:54:49 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 8835 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1397
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:31:32 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 8835 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
cf60db8f01da2e8ea3dc9eec7a0206aa5e13969745fb6731bdab13bf2da82d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 05:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16334
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11114
x-xss-protection
0
server
cafe
etag
7602392314963332887
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 05:22:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8835 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cnayn6TdUYZf6FrmK7_UPsMusuAnN3uq4Zdvn8f29DtzZHhABIO7C9hBgyQagAaXjhdkDyAECqAMByAPJBKoEswFP0OJVW7KZDeLS2stWzn93NElUcFN93UX1W-uJA6Xnz4NlpCM27dZtnevSGYH6ZCc9qZoZNJPzOjehB8dAgUmC7eFbt3y8dk1kzXyLPEHXdMUaPdkrZFYsZruO19wxRdTDP8CT9QGTwIYAMXjiHICbGfvuHCtZgcS6nGX4_XMQi4N4YNpsPp4iJoiVNRDV5I6rUvBROskU7WNexQxdnAB-GXkIJra91wVip5rmQ3DOacJ1-sAEtKq-gNsDkgUECAQYAZIFBAgFGASgBgKAB4KVr36oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEL3YCdIIBwiAYRABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTU1MDg5OTYyMjk5MDc5ORgA&sigh=SZ-ihSsuDTU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Sep 2021 09:54:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 29 Sep 2021 09:54:49 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6D47 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 29 Sep 2021 09:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1236
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6D47
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 29 Sep 2021 09:54:50 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 29-Sep-2021 10:54:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Sep 2021 09:54:50 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 29 Sep 2021 09:54:50 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 8835 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79097c14ebf86206aefb82f74ca368f3fe8487be310e0a8498c4c2c57a9c799a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ 		142 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
f0251e5919b517e6ab4783fbf49073baa359418f197b8f189350d50790a96306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52317
x-xss-protection
0
server
cafe
etag
53139206650774794
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Sep 2021 09:54:50 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hs3uka.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 67AD 		111 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e23ffcec9d89bbd022eb29897da9dfbd118a0bd19768bbb7b5de54dd8b71483b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 29 Sep 2021 09:54:50 GMT
server
cafe
content-length
41127
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9372660221339517755
tpc.googlesyndication.com/daca_images/simgad/ Frame 628E 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9372660221339517755
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
c9e6d81fb77c609aa092c32d75cde0a6eed0cb1cec263ebde6bd6fe36324fa29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:51:29 GMT
x-content-type-options
nosniff
age
349401
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170210
x-xss-protection
0
last-modified
Fri, 24 Sep 2021 06:38:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 25 Sep 2022 08:51:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 628E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:22:44 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 628E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CXxcY6TdUYbf2F-Hl7_UPnKyx4AWO4MXVY9_o6M7ADvy1g534ChABIO7C9hBgyQagAaaJ64wDyAECqAMByAPJBKoEvgFP0O6hXpz5Hh4EUnYh2ksJaHXrB9lbhsYMTmgCHYSx-CxCegFJSbwjr7Cr9CohM8dmNDScgqNhhs5W7vMfKzqAWJC8jSCSTlwExYkprknZIM5dJ-M3W3oUsbP6y5iJrnfecQi45POyf1UiN7cNjoQotE-BfkJ1yY2ufRaSlm31WIK3BYk5wG0n1ACYAock2JdO5tUFGxChJhcYVpw89QT3Rqzw7QS0Ee1sbaEv5t5Oppr0oXIhVeP2tCkVwUGiwAT7jPz_vQOSBQQIBBgBkgUECAUYBKAGAoAHnuKAN6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQtoYT0ggHCIBhEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi05NTUwODk5NjIyOTkwNzk5GAA&sigh=DtRnYdfWI7A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Sep 2021 09:54:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 628E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:15:49 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 628E 		67 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Sep 2021 17:58:30 GMT
x-content-type-options
nosniff
server
cafe
age
57380
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Wed, 29 Sep 2021 17:58:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 628E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 09:54:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 628E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:45:25 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 628E 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
cf60db8f01da2e8ea3dc9eec7a0206aa5e13969745fb6731bdab13bf2da82d14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 05:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11114
x-xss-protection
0
server
cafe
etag
7602392314963332887
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 05:22:35 GMT
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame E2F6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=2497673534&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289234&bpp=5&bdt=741&idt=91&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=4682253047403&frm=20&pv=2&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=564&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=2kK6tLXGeU&p=https%3A//www.hs3uka.com&dtd=108
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 10:02:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FC96 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPIw3efo5an_Y5o4yZ4aNReRK1PDfX-Xl7tnY-GdqF46z9Fbx7CSnOZVuIWN3H1V8LgEZWc-s1VibmMvcA6d3HNzWQuY-a0eW0k_FoDb3rFw8R2kqIYOXmZ0RNI8DIAKD13OD3C_Ms1IKq__fwSYx_Evg-cXNkrS53vfWyjVUQE5uPv46yVCf0Vnmi3g6xozQdnhSU2pQ0NPNmTaJyGfsvRBkvxX3xIH9GCYhdu7rI7ZpNj3j-SnUYMh-yzO_Y-COjg3Y_kIyIPZD3vQfviUmxGt2kkQ166hcugTWueCVt_wk1iJuldqmhLUG6aoTDDd-3De4d9dkyHfG-h43PaynFpvwmyA8U2i3JQ1vfT5GyKw44Y3oIFqoQAEdnz2SHWErMB6plwv1bo_BmMgz5o1T0Mfv48jCMKIFFrVd9Vya--OgS7_80xN3CDsDCdPVuR3hBB-tDCpfSJpnPqyWt9eWcsFDZis8GCZRyO4ecRcHr1NLzEWMgb70gv1vJELKXsWdgyh3MSsVKw7olJG8bfpQEBFH0K_SojhK5RMahMog7H61JoLz3k9yzSd06xUtG_oXO7vDr7IoOFapFGsCoimICw0VebmExpUF9FzqTfRKVeSVkWOANRYEYm15L_SeRxQR-2vW_7OJlrQ4GxyZfjVM2Us2bkSYmItdNNRE_P13aBOuKXNpxzK0MW2qQAjPz0WopLZPzQM1c8hI-zyme63_yDiFlWoxu59an3vfboOk1SBLwvkmeeb9fhCQl_cEP1259k4CSF_3tt6F9M7S2Yev8bJCITA1ur1Nd_Bt3DK_RgfXqztSjsLj0Ga6yfJCkWuGScMVfsjYrFA1g8NEp-YYSupxkpQr2osnATJRYfxBSAurrqPU3IQ5HUrcZNQEeV-KK4e5QqQ26g3iB5tqdzcYBF3P0JY8xjw&sig=Cg0ArKJSzDZqoDwiIfTWEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 29 Sep 2021 09:54:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame FC96 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Sep 2021 09:18:34 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FC96 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 16:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 28 Sep 2022 16:30:55 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame FC96 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289239&bpp=1&bdt=746&idt=114&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=QxhhpinrJX&p=https%3A//www.hs3uka.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
ca300181b97db79837a99178494075a3533a40d5ae3b3be2861e54e6eaec5ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 08:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12797
x-xss-protection
0
server
cafe
etag
17082845058424178743
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 08:57:24 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame FC96 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289239&bpp=1&bdt=746&idt=114&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=QxhhpinrJX&p=https%3A//www.hs3uka.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:15:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FC96 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289239&bpp=1&bdt=746&idt=114&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=QxhhpinrJX&p=https%3A//www.hs3uka.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 09:54:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame FC96 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289239&bpp=1&bdt=746&idt=114&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=QxhhpinrJX&p=https%3A//www.hs3uka.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:45:25 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame FC96 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=3750996850&adf=231546647&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289239&bpp=1&bdt=746&idt=114&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=1580&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=QxhhpinrJX&p=https%3A//www.hs3uka.com&dtd=123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:22:44 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hs3uka.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/ Frame 83E2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 28 Sep 2021 17:27:37 GMT
expires
Tue, 12 Oct 2021 17:27:37 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
59233
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/ Frame 2F22 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 28 Sep 2021 17:27:37 GMT
expires
Tue, 12 Oct 2021 17:27:37 GMT
content-type
text/html; charset=UTF-8
etag
14847953055219580247
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4613
x-xss-protection
0
age
59233
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0A27 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 29 Sep 2021 09:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1237
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 628E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49f84c3c506e0ee4c64ab5b9b5aa1d43e83843c6d2db7199ad698ea84591d6ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FC96 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af50ea2da0f80654ad0a876b87b62fd7c52f434f9625360dbc834e822664935c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2874 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 28 Sep 2021 07:38:15 GMT
expires
Wed, 28 Sep 2022 07:38:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
94595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 83E2 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 09:07:55 GMT
server
ESF
date
Wed, 29 Sep 2021 09:54:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 09:54:50 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 83E2 		205 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 23:07:51 GMT
x-content-type-options
nosniff
age
38819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Sep 2022 23:07:51 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 83E2 		604 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 23:07:51 GMT
x-content-type-options
nosniff
age
38819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Sep 2022 23:07:51 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 83E2 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7680
x-xss-protection
0
server
cafe
etag
7151105853351230339
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:48:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 981A 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNVDoXGvFC8FLouvD_bPHA6-7PbuljWJ9TZ09L1WShWtyKNBoNC1SZtuP3buZwIyY4BTwuq-osAtd-OVTbBDHDNh3Pe_RA
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNVDoXGvFC8FLouvD_bPHA6-7PbuljWJ9TZ09L1WShWtyKNBoNC1SZtuP3buZwIyY4BTwuq-osAtd-OVTbBDHDNh3Pe_RA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 29 Sep 2021 09:54:50 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Sep 2021 09:54:50 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame AD9F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:53:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:53:33 GMT
5766790462732067972
s0.2mdn.net/simgad/ Frame AD9F 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5766790462732067972
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
a603a5b5b17a1845503de11ada8c0a9d5a88f88ed067774be29f8fd6d3beefdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 00:36:18 GMT
x-content-type-options
nosniff
age
119912
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37282
x-xss-protection
0
last-modified
Tue, 27 Jul 2021 21:03:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Sep 2022 00:36:18 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame AD9F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1149
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2646
x-xss-protection
0
server
cafe
etag
7823829336074104133
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:35:41 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame AD9F 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlf9zvlaqGY7hiPRquSD47MdGRd4fq9uxjaJ_b5674aPFglnFAvSx51bqO08y74j_XRWkp3i4CeqtFhwWrlXI1d4g2CRQY4hkHozjaCm04BalImGOnhXLRJPGNIw2IJRRNoJnS4CPmRUJ7yLHSNNBervUTkMvD1D3sZcGi9w1WWDuNLj9v7VeCl7Xq3o7qEx5d_cBqAzsNmcylZVvF8vGC92PgCFqzSyAL0nQNhOXAgo8vFg6HORgbDt_STVXhzlfFoZ-K5FiYzmlFuJX9-hA5iUBRAF0HvH9D-gClzGUlbUFCkgafEV2muoZxm3ETY2vi9bMnRgSazSnEZRLE0ImjDYn31epxkyMtfSYi0J6gaQTXM0uldZkqeuOJbUtDB-B6vBdzpu8Bjllggo7V1WfBYC3FW-123j2vi1j1DOKYctVskRRjBty1xxLkvN2y66MmJg2drbboSB5TEAx9K3JwPVi95MrYOEb25sdiCWM0lPrU8mFMjsXu0N29I6LpdrbEk7EjVH1QdWUXXhS7YTbc2WYuyyy0CZB_0nFekZjG39RLzMAohzhh0XupTJXItQ9iVfzNCoHkiJamIf6BN-L-deDZWRlf_6MTSKcGlMSeL01HfncIVcGrGC6gPxf1n2qS1NLUll4B3sCYAfwZa-8T7iUxvICNFDYE6HHCkmjzK8gWS7uKLW_MrBZFWKUZm8O4lpH6UAwXQsE3cDGlgUaHGP_YgjUaGVgstkc6VSHGcBzrm2MbruqRXBEfXO6CSyF-SMsImdxirlFaVvpWcMNZA6XNKt3G_s4-aM-hwoXrp4ZoLf4qNA7uZPmDEdZOmdTSBrQw-ZI_-qRX9q6MebW49EBVz83I6fSPuiOJ8gn-miO0nNG3G71jzlH2Nd5tNeHfDkgxvcFx-04-0LS-3m1ACCC9VIwkzwFEJGt-sPu83vOKBxG_-NNkAwHsH_U65sQacgUMnA9SMefpTkbNSRJE4jwIwCLPqqfKhCXuHfhXhCgMwQwkXgKHXkPRKhhCS90jpKi0mNw7cHw2uMdDbRn-8aM&sai=AMfl-YRO0LFxUESm8K2QcvFbO9yTUQdjrevaZwOIaB1d2C8LhddAmnwPkapi2YWIcy2DVNDm8-8T5SOxbsr9h8kNtRYdR2JTnevXWzKsKCdc0Yg94sEjoChMDK00bdVr0uHLas_6-lg4ana2UtQfV9PY6HDdqAe2QGP2mb0uJBPnPw&sig=Cg0ArKJSzGKvNiU-5rWrEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210922.95573&adurl=
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 29 Sep 2021 09:54:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame AD9F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 16:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 28 Sep 2022 16:30:55 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame AD9F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:15:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD9F 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 09:54:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame AD9F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:45:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AD9F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BjIGZZJYbCx8MUu2aWIlQkTOyzXzDXmS3zQII5egA8EWxNiNneZHkKT4dsE8SHvLx2nxB-vuby2XGFLZ3lmQuHHhKGArHR1qVFqj7kvJ41xxmUY78
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/ Frame 988F 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
03ed5ae3103733cf5fde70ca262c9c7389bc6390a7c22898014cd548cc0512c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
3000
date
Wed, 29 Sep 2021 09:54:50 GMT
expires
Thu, 29 Sep 2022 09:54:50 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 20 Apr 2021 15:36:17 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame AD9F 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlf9zvlaqGY7hiPRquSD47MdGRd4fq9uxjaJ_b5674aPFglnFAvSx51bqO08y74j_XRWkp3i4CeqtFhwWrlXI1d4g2CRQY4hkHozjaCm04BalImGOnhXLRJPGNIw2IJRRNoJnS4CPmRUJ7yLHSNNBervUTkMvD1D3sZcGi9w1WWDuNLj9v7VeCl7Xq3o7qEx5d_cBqAzsNmcylZVvF8vGC92PgCFqzSyAL0nQNhOXAgo8vFg6HORgbDt_STVXhzlfFoZ-K5FiYzmlFuJX9-hA5iUBRAF0HvH9D-gClzGUlbUFCkgafEV2muoZxm3ETY2vi9bMnRgSazSnEZRLE0ImjDYn31epxkyMtfSYi0J6gaQTXM0uldZkqeuOJbUtDB-B6vBdzpu8Bjllggo7V1WfBYC3FW-123j2vi1j1DOKYctVskRRjBty1xxLkvN2y66MmJg2drbboSB5TEAx9K3JwPVi95MrYOEb25sdiCWM0lPrU8mFMjsXu0N29I6LpdrbEk7EjVH1QdWUXXhS7YTbc2WYuyyy0CZB_0nFekZjG39RLzMAohzhh0XupTJXItQ9iVfzNCoHkiJamIf6BN-L-deDZWRlf_6MTSKcGlMSeL01HfncIVcGrGC6gPxf1n2qS1NLUll4B3sCYAfwZa-8T7iUxvICNFDYE6HHCkmjzK8gWS7uKLW_MrBZFWKUZm8O4lpH6UAwXQsE3cDGlgUaHGP_YgjUaGVgstkc6VSHGcBzrm2MbruqRXBEfXO6CSyF-SMsImdxirlFaVvpWcMNZA6XNKt3G_s4-aM-hwoXrp4ZoLf4qNA7uZPmDEdZOmdTSBrQw-ZI_-qRX9q6MebW49EBVz83I6fSPuiOJ8gn-miO0nNG3G71jzlH2Nd5tNeHfDkgxvcFx-04-0LS-3m1ACCC9VIwkzwFEJGt-sPu83vOKBxG_-NNkAwHsH_U65sQacgUMnA9SMefpTkbNSRJE4jwIwCLPqqfKhCXuHfhXhCgMwQwkXgKHXkPRKhhCS90jpKi0mNw7cHw2uMdDbRn-8aM&sai=AMfl-YRO0LFxUESm8K2QcvFbO9yTUQdjrevaZwOIaB1d2C8LhddAmnwPkapi2YWIcy2DVNDm8-8T5SOxbsr9h8kNtRYdR2JTnevXWzKsKCdc0Yg94sEjoChMDK00bdVr0uHLas_6-lg4ana2UtQfV9PY6HDdqAe2QGP2mb0uJBPnPw&sig=Cg0ArKJSzGKvNiU-5rWrEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=41&vt=11&dtpt=40&dett=2&cstd=0&cisv=r20210922.95573&adurl=
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 09:54:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame 981A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuvicD6qYnBhWeeciQWkmQ&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuvicD6qYnBhWeeciQWkmQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNVDoXGvFC8FLouvD_bPHA6-7PbuljWJ9TZ09L1WShWtyKNBoNC1SZtuP3buZwIyY4BTwuq-osAtd-OVTbBDHDNh3Pe_RA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 09:54:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 29 Sep 2021 09:54:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuvicD6qYnBhWeeciQWkmQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 981A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVQ36um7MdgU1KG8u3-NAgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuvicD6qYnBhWeeciQWkmQ&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuvicD6qYnBhWeeciQWkmQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNVDoXGvFC8FLouvD_bPHA6-7PbuljWJ9TZ09L1WShWtyKNBoNC1SZtuP3buZwIyY4BTwuq-osAtd-OVTbBDHDNh3Pe_RA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 09:54:50 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 29 Sep 2021 09:54:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMuvicD6qYnBhWeeciQWkmQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 981A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEOC8_9ksYkq0gb5TA1a5QE0&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOC8_9ksYkq0gb5TA1a5QE0%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOC8_9ksYkq0gb5TA1a5QE0%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNVDoXGvFC8FLouvD_bPHA6-7PbuljWJ9TZ09L1WShWtyKNBoNC1SZtuP3buZwIyY4BTwuq-osAtd-OVTbBDHDNh3Pe_RA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 09:54:50 GMT
X-Proxy-Origin
216.131.114.235; 216.131.114.235; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2c1e58a1-1468-4d68-9b2a-1780aa0e9b76
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 09:54:50 GMT
X-Proxy-Origin
216.131.114.235; 216.131.114.235; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d042afe6-4c35-465e-ba8b-8714f5802de3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOC8_9ksYkq0gb5TA1a5QE0%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 981A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MDc1NzcwODcwOTA3NzM2NA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MDc1NzcwODcwOTA3NzM2NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMnRvNQCEJP9zuICGJDhzrUBMAE&v=APEucNVDoXGvFC8FLouvD_bPHA6-7PbuljWJ9TZ09L1WShWtyKNBoNC1SZtuP3buZwIyY4BTwuq-osAtd-OVTbBDHDNh3Pe_RA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Sep 2021 09:54:50 GMT
X-Proxy-Origin
216.131.114.235; 216.131.114.235; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c41e0211-e555-4250-98e8-c1f904357803
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTc3MDc1NzcwODcwOTA3NzM2NA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0A27
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 29 Sep 2021 09:54:50 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 29-Sep-2021 10:54:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 29 Sep 2021 09:54:50 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 29 Sep 2021 09:54:50 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame AD9F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
660c9dfee5173e08a9e9bb78e28f4a903357983fbb01cc1815a4bf4ebae9c8fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E893 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Tue, 28 Sep 2021 07:38:15 GMT
expires
Wed, 28 Sep 2022 07:38:15 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
94595
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame E99B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=280&slotname=6974332613&adk=4043506148&adf=71591246&pi=t.ma~as.6974332613&w=856&fwrn=4&fwrnh=100&lmt=1632909289&rafmt=1&psa=0&format=856x280&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909289240&bpp=1&bdt=747&idt=130&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=856x280%2C856x280&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=179&ady=2071&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4352841128247297&pem=492&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=2QS9EbuBxG&p=https%3A//www.hs3uka.com&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 10:02:38 GMT
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame 2874 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 10:02:38 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 183F 		1 KB
886 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
518
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:46:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 183F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1926
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:22:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 183F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:15:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 183F 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 09:54:50 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 183F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:45:25 GMT
a05f1579543550f3e279366fb116adbd.js
www.gstatic.com/mysidia/ Frame 183F 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f99.1e100.net
Software
sffe /
Resource Hash
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 23 Sep 2021 03:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
539697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 03:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Wed, 22 Dec 2021 03:59:53 GMT
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 988F 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:50:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83065
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Sep 2021 10:50:25 GMT
spokeo_logo.png
s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/ Frame 988F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/spokeo_logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
65851a726c7334ad0993ba41cf1808f496e90caf64bbbbedc4c63bfc7d04ff65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 07:02:39 GMT
x-content-type-options
nosniff
age
96731
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3101
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 15:36:17 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 07:02:39 GMT
MuseoSans_700.woff2
s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/ Frame 988F 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/MuseoSans_700.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
1717c223ecf044a0ac6a67c5b3d1e8e61abf6b71508bf322bb41c3fc4e0055ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6411162448497213440/Banner_Light_970x250/index.html?e=69&leftOffset=0&topOffset=0&c=QDgdnLkbZK&t=1&renderingType=2
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 20:02:38 GMT
x-content-type-options
nosniff
age
395532
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18168
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 15:36:17 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 24 Sep 2022 20:02:38 GMT
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame E893 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 10:02:38 GMT
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame 6EEA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: apps.hs3uka.com
URL: https://apps.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 10:02:38 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 988F 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
0c7a16d26335c613f897bd8449a5d0998e3e8ac259fa1ea1f382354bd1be7553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4419
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 988F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 29 Sep 2021 09:54:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2874 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BD6kU6TdUYZqkF8HL7_UP06KmkAsAAAAAOAHgBAI&bg=!nZ6lntrNAAZNQyuQTUM7ACkAdvg8Wu-j_7yy8a_11ph1MIxeq4hFtPn5tE-ZfwtLPuIyCl5n2KIsjQIAAAEnUgAAABdoAQcKAD04TMSNmbObiyaxZZpAxkHXPqvIimReDzU1b96v1bsd2b3rsycR9PONRE5Am2Mq5qC13JajASiKJYsEU5WVmQMlDw6ZOlzKHOtjzD6AKL9enFqCv1z7Pw_XiINtRIH8VR1Cp1o37SdgFzYwyC3lbY3WCMOBYjwRe66jRvqeH0-lsJKMAc_9L96iyeIUOlEK5af-sqZm-wh2Xl2LO75LpzOiBJKtrbYmhBAE3KUFdn3u2v46T2NABhGoULhe2Q6sYVJ4sIPE39jOl-kB8hDHMmPYJ7lTpImSwdLUwIB38ggw2tWYI_ozWE_SGgUXQl48zo4Dd7cPGXs8npmlN8A309O-1zdm6OVnOiTLT1AT2jRLsiWWkG6eh9jIwuiUoD6pNbpfihMruxtGjUbs16gvebkFvNufPVEJMq8VnZC7UuqLCO_nJ7OUG1kJvY0NxPMWnnnQw3kYJ96ig0dSnalFrIt6OWMMnOCP3U4GzApamC0KuIncn71JmrCa1sBZlzeqvnbIuuo9WF7Ujj-788Ga-_QRaMPmKstnLohpjq_B8oL85kP-XzXoUb7G6VfmTJb-4NhmK6F6eDAxkcrhhvEku12Em_Cq-GBoi7IbyGXoGo5xcvU7PY4K4so6ISwaEfvub3Gz9CSNUe_O1if9iAjmgKBk80F6kxjSGdZ2U4xG-Da-12uZXU6Rlzyn4SQ7EO3XgxK_3HjAf1ecOjV6jM0ji5uTtbfdybtL6y0elz2IyMI_w8q5nVocJERLRM7ccvectzYa0jh_E8ox4wPbtK1RkiupGdKkknlqxOddaGcb1qUcacNbqR9Q6-j7sBVspItkOyxQvBjpnN6QHad3W7Sff00ayyNhFuTaS8WYDqccjGvLJl4zCp-S2xXah3LZTO-QwMr9QdKis3nVKzsr6o9T5f1z-Oe0IMM-2NFhfCHfxhaUq8WQEevqGpQmQ7TvJ1Q6diFYZXl6WnWk5xaXhDpdKQmh8fSfJhZ14MY4HOueCtlSS-BG82v813sEvva2drdsO5pKgM-cQQMNXZD_oPrkxarxY1aX0-QKGMWY0CkP2qHP2SQQkMZFMbShOhs2TV_nryCaxYaQvHCNerbKcatj16xEL1_OU2HlG0ORlGrlUdibvYadY5Iul7z8m_-BqkOX05FB-Uf5Nw
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E893 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BgD5U6TdUYcvAGN2f7_UPx_OV4AkAAAAAOAHgBAI&bg=!mZqlmt7NAAZNQyuQTUM7ACkAdvg8WkNRflYcXye1fcmIaOunY2EsxERNOt0cnC136cO1u54ExSY5TwIAAADBUgAAAAtoAQeZAxyoGIBnpRhxgijbI1RAZs8FDIy-d8tq9z17OzKZ_WOTXSzTIBiQOieoUNednbjhzhnN7JkaPOQXpf54OlEX8YavhZLAXH8Wq9YgeN7BBWvyW2KIH5hZGWdPENIU2BIm_8IBrio-PtqHJp4CF_KK_UyQO8nv2Gyv4K1-80F4Yr7Zk6tu5Ml_lPdEowtDmq6Muzvz6c5kAgEJtb8h1-AdAMQW1zBbM8aFg_8KTJRcNRMwNJT6mYA1kYR9NQheYCsD-Lo09YvopzT0BCtElPvtUjy7DDaGm48BqOkBCLAwQ6NZZnOUdX2GK2xAKA9cJ-LGRYxfJpI9104Zq-FqmOGwc7ALyCF3vVo7zKB-0PrNz6B6cJb-0qJAl-NisR0juhiUhwTcjCHlfhsqK_l4P7LiO7TN1IxGAoKlmmCgdFaMmnVrm_FjHnt5pqKv-5E2lsIsPRk25eyD54nQXD9lpPZfImrqE3tbJiGvIIdsuawbX3xuPUzryOF-4hgECBnM9L-Mts5dRg8PtXFSEL_ME1PGm_FvhcIJE5yB-LiXKU9e2BEcXbcgTv21jcqAwmmDC1OAQF7UpSDvEhoj5pZhv2n7EW5Zg1-boiwg13PpmDGbljtmnZZoA_rwd7qmbloCk7EOx2qF1ntXv1uV-_A4pnq19-MVF0d5Cz050P0emIWEWVKrYnvT5_M2wdSi9rn2Rd6yYUAF5FWIxFyx2CE-yGdLWFqZ8saUegfkGF7COyeiYXXY62KMgzMBxC16Aizw6jvEsE5DQtv-grGJaB5uEJg641BCYeEagfj8bCjY6YAN_MYSLMI2QZbdrX6w-Uwnjl5EzEsy0hsrpMmy4P6-DyRPfT5Smm-E5OGx27V1mxaf5T6GDMjEBVm22MlaTnOiAXlSWavkcTUrigvObp0utwEwUuI1aAAY1XP5686z78PFGihp7eTOnLmpqHRX1b2QPT_19Kkg0Om1Pmjb4C8Y63YFP2mBPiV9dXu9vLXenAM8KjF3xmAyk8hKbO-lnerilsocJuVSF8LzEJtOPIIe--l_fPW_QLS0DOvVCc7MMrFA
Requested by
Host: www.hs3uka.com
URL: https://www.hs3uka.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame 8A58 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 10:02:38 GMT
css
fonts.googleapis.com/ Frame 67AD 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 08:20:40 GMT
server
ESF
date
Wed, 29 Sep 2021 09:54:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 09:54:51 GMT
css
fonts.googleapis.com/ Frame 67AD 		8 KB
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 09:13:46 GMT
server
ESF
date
Wed, 29 Sep 2021 09:54:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Sep 2021 09:54:51 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 67AD 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
ca300181b97db79837a99178494075a3533a40d5ae3b3be2861e54e6eaec5ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 08:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3447
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12797
x-xss-protection
0
server
cafe
etag
17082845058424178743
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 08:57:24 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 67AD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7635
x-xss-protection
0
server
cafe
etag
15605042170853735879
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:22:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 67AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:15:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 67AD 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37837
x-xss-protection
0
server
sffe
etag
"1632742272549041"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Wed, 29 Sep 2021 09:54:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 67AD 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:45:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
566
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6232
x-xss-protection
0
server
cafe
etag
15606800361334891596
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Oct 2021 09:45:25 GMT
l
www.google.com/ads/measurement/ Frame 67AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAs3wxnMs4Lz0HD8mJC1oiGST6-ajDTMV9ZROEL4IPG5HtMIOe_rC-cxWFxBbQemqIc7q0VTxdt_Y8RfeQXfY_0hgFwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 8835 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSClLZ65wcHUXcU6hzJwvAfjZJPxNJSHoTCRw4vsuJ4fiU_ZKBstUEoiPk2uxCZEFH5UOwlYoEvhleptXGmZcCyxr6Ywj_BEWT_xbjdnkHGt1W_F8&sai=AMfl-YQefnVr-oBzH8JrM37JUAVGG6P-_FDGMLcQ5Elxh8aeq-Seb9SRyV7FpneEyiK8D7PGSfZHOmx6tLWg&sig=Cg0ArKJSzL4HwaGpq06_EAE&id=lidar2&mcvt=1011&p=564,179,785,1035&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3750996850&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1632909289343&rpt=710
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/18166301172279824630/ Frame 67AD 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18166301172279824630/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIngYQogMYASABLQAAAD8wnwY4ogNFAACAPw&rs=AOga4qmCcR1AsUWi29KvzUDfuLPWBgbeUA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
f2b14634d32911bc9ded8f8c88897e2f3d97e69e8b49057c7d9e5ced661246ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:51 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
82362
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 10:11:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 29 Sep 2022 09:54:51 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 67AD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEoXx6jdUYabzB5CK7_UPx7qEmASQuL7JY9HsjfmaCo_zm6PRFxABIO7C9hBgyQagAcuA0P4DyAEGqAMByAPLBKoEtwFP0Ef_RU4dbh7Imzty1nTiI-4giLBiCbrPudEreUwoiNSrlUaXKKnkyToee2_4Ib0EssgOlViBedhDI9ppJTbnsR_e-7fFExDwASc3Iq9ouCkn_AM9y0-BU9aAyTYB4ZxtH2hqcD_tsGUCvU1QC0bun0I_ZktEt3Vnm_y8k0Pkeigw0_biCSLh6U4siGmrYLk_o8H183UhiwZRYCH3-y3p6K12ePclmoJMwn00TvLsk0MGbEyfntrABJaD2L6vApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAed_68BqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBCA0zvSCAcIgGEQARgfgAoByAsB2BMNiBQK0BUBmBYBgBcBshccChoIABIUcHViLTk1NTA4OTk2MjI5OTA3OTkYAA&sigh=A5_0-k0-L4c&template_id=492
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 29 Sep 2021 09:54:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 67AD 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.67 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options
nosniff
age
580988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 22 Sep 2022 16:31:43 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 58C9 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 28 Sep 2021 21:06:15 GMT
expires
Wed, 29 Sep 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
46116
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dpixel
cms.quantserve.com/ Frame 58C9 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHgRcaV5KNiGjaw5qhrjupI&google_cver=1&google_push=AYg5qPKC-GRuw0UsQ5LqfRQeAFqXXZN02tgBmp-sJG-lXi91yLST-Gc2oMvy5EqJ3pOMSZILL7Iok8JEYpTeIYFnFYCygzRTI_THVg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 58C9 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEJJCVEGchmgdkNL1Cyq3NuE&google_cver=1&google_push=AYg5qPIGP_WcEuB5m3lkFgIZcdj9y6vWa5YJHKI6wAsvSul_TTELH-hmRyGP8KQuhAvfNVtmifC8GZRnNbYBcvptsaQ0IF_uDAD9Fw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:51 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 58C9
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBfoBzmyD-rqyKTf1WfwDzM&google_cver=1&google_push=AYg5qPLvObZ06kLqEmnRApWB92sDqaoan4ivSv4brRxSd9eJlmN524J1WbzOy_ncOtDRwHZsqML7X2zQHdfSH-CGnKh3K6Ph6cHfXw
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBfoBzmyD-rqyKTf1WfwDzM&google_cver=1&google_push=AYg5qPLvObZ06kLqEmnRApWB92sDqaoan4ivSv4brRxSd9eJlmN524J1WbzOy_ncOtDRwHZsqML7X2zQHdfSH-CGnKh3K6Ph6cHfX...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLvObZ06kLqEmnRApWB92sDqaoan4ivSv4brRxSd9eJlmN524J1WbzOy_ncOtDRwHZsqML7X2zQHdfSH-CGnKh3K6Ph6cHfXw&google_hm=SEMD4en6wOMPfiXmDqZHJA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLvObZ06kLqEmnRApWB92sDqaoan4ivSv4brRxSd9eJlmN524J1WbzOy_ncOtDRwHZsqML7X2zQHdfSH-CGnKh3K6Ph6cHfXw&google_hm=SEMD4en6wOMPfiXmDqZHJA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:51 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLvObZ06kLqEmnRApWB92sDqaoan4ivSv4brRxSd9eJlmN524J1WbzOy_ncOtDRwHZsqML7X2zQHdfSH-CGnKh3K6Ph6cHfXw&google_hm=SEMD4en6wOMPfiXmDqZHJA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
m05mocs8fn0m55ou9l3kjalksp3j69ok
pixel
cm.g.doubleclick.net/ Frame 58C9
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eu-ySqA5SGWrwCLMY3j3jQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eu-ySqA5SGWrwCLMY3j3jQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJGFYltuG_rNMpe8QVZ3AnfLVQAr3i9abRgqhPmQbbu8LbZlXV6MIZQkNPBrGXqyLVGV-9Z7MQUoisxV-8B71-JSBVWQdxquA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eu-ySqA5SGWrwCLMY3j3jQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJGFYltuG_rNMpe8QVZ3AnfLVQAr3i9abRgqhPmQbbu8LbZlXV6MIZQkNPBrGXqyLVGV-9Z7MQUoisxV-8B71-JSBVWQdxquA
date
Wed, 29 Sep 2021 09:54:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 58C9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMC4i_LwV71IggCYTBQ0zO4&google_cver=1&google_push=AYg5qPIeN5xR7cagusjA_9r7TeXfOy9kFRTTMomgPOxFRc5hu2-LFXwjShZm1pVzxSnKkrJ-yBb...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U1QzE0VFktMTUtQVZYVg==&google_push=AYg5qPIeN5xR7cagusjA_9r7TeXfOy9kFRTTMomgPOxFRc5hu2-LFXwjShZm1pVzxSnKkrJ-yBbIsXoikEnpd5MAEVr9Tlm5sV8r
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U1QzE0VFktMTUtQVZYVg==&google_push=AYg5qPIeN5xR7cagusjA_9r7TeXfOy9kFRTTMomgPOxFRc5hu2-LFXwjShZm1pVzxSnKkrJ-yBbIsXoikEnpd5MAEVr9Tlm5sV8r
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U1QzE0VFktMTUtQVZYVg==&google_push=AYg5qPIeN5xR7cagusjA_9r7TeXfOy9kFRTTMomgPOxFRc5hu2-LFXwjShZm1pVzxSnKkrJ-yBbIsXoikEnpd5MAEVr9Tlm5sV8r
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 58C9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01Cg...
0
0
/
cc.adingo.jp/adx/push/ Frame 58C9 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc.adingo.jp/adx/push/?google_gid=CAESEDN_D-AdigelAuclcYmOoaU&google_cver=1&google_push=AYg5qPKrEMKaCt9ThjlNYtUj24jtNGQ71ZzMperGFFzLMl1cBjko6ank7gtJzQUlfLEDOvc_xos8aGTVseH6HdztZ5jtywipjTF2Ig
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.115.67.144 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:51 GMT
server
awselb/2.0
attr
cm.g.doubleclick.net/pixel/ Frame 58C9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlGDR6BSuyhwzFgmqLMbqErgWlDjPO8DMYHX6dmdT8B2P6cKTgoUxgXddUbSzcc5eI7xxD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 67AD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79aa4b4f59469dd842a5c6d53923bf5a5b6b242099fddd9ad0daf6289fe75b80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
02dced5adce13adbfaa221bb194f287eb9b3ac6909c92118c639f1fd486f8184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Sep 2021 09:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8575
x-xss-protection
0
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame 5E3E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9550899622990799&output=html&h=619&adk=2070321803&adf=188218590&pi=t.aa~a.1221079309~rp.4&w=906&lmt=1632909290&nsk=573bdf4b&rafmt=11&pwprc=9302228041&psa=1&ad_type=text_image&format=906x619&url=https%3A%2F%2Fwww.hs3uka.com%2F&flash=0&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632909290100&bpp=1&bdt=1607&idt=1&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0c64e191c6b461a2-229d8cee65c9004a%3AT%3D1632909289%3ART%3D1632909289%3AS%3DALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg&prev_fmts=856x280%2C856x280%2C856x280%2C0x0&nras=2&correlator=4682253047403&frm=20&pv=1&ga_vid=859576585.1632909289&ga_sid=1632909289&ga_hid=1957648196&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=154&ady=3173&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H-079wceOcnR7OciL3L2B_LGKQr06US-B_JoZ5KU8PY5Er1g2F9TGTroyd-UoAyMhbYiuTAGlMwDrc&pvsid=4352841128247297&pem=492&eae=0&fc=768&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=dwQelRRErM&p=https%3A//www.hs3uka.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 10:02:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 29 Sep 2021 09:54:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B685 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Wed, 29 Sep 2021 09:09:51 GMT
expires
Thu, 29 Sep 2022 09:09:51 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2700
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame C4AD 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
bf7f1053749e312a24897e30e2cb79c3120872d4df9e94fdf3b0398b8ca72135
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w9atfHz2s3Q38perq1ngcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hs3uka.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 29 Sep 2021 09:54:51 GMT
date
Wed, 29 Sep 2021 09:54:51 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-w9atfHz2s3Q38perq1ngcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
pagead2.googlesyndication.com/bg/ Frame B685 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 10:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
85933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 23:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 28 Sep 2022 10:02:38 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C4AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=4352841128247297&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame AD9F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZi_YD66LFQ4q7pUHyGGAa5VwgdQihD3v3z1Q0MqIqm0m0tgoQ8_6rrXG0F2xYlYfVuLfSdOUlXYopa7fNBd80ex4qQ6GTEqgZHJZ0nMj8v8r3hzY&sai=AMfl-YRh6KypojxKrFp_eN5AmabWUql822RIObFSGFLACY3T-LOfWOqxP6vj5HX9zSOyNNcrGsPKyzKeqDq8&sig=Cg0ArKJSzOkIi4MVwhmmEAE&cid=CAASBORokZc&id=lidar2&mcvt=1005&p=1110,298,1204,1026&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&app=0&itpl=20&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1632909290358&rpt=456
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Sep 2021 09:54:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=4352841128247297&bg=!3d6l3prNAAZNQyuQTUM7ACkAdvg8Wrw0Ou40tbtuNCuBbcIRhkN55LEi0nR1ReKfveuxsRS8ofsz7wIAAABaUgAAAAtoAQeZArRmGhh-KFTN1oVOf6fglonkMmPFOyZuT0YwT4ZXo7Kqcn9y6Hq-lIXaUStibIJl07AneNP6ThZQgIcuBcrKbk3cGZccfMHNlW968ZR1vy9DkGEi8PNoGCaWI7oMLUwjPQ7UO0zvoIbbO6OngQgTwdqdn19QjBFoICqnTT5aZFe1MqPZJLoSthNqYXmTRLqCtLl95dlOuNwzN-OZ5iOAVvrZQLbGEmub-Nm9O5uSCUHsuM_0WAJS2QREDCMNz5RbWmKORRHfP-o75r7P0UZxmF0iCjXM-v57ExQfAbGi1C6HodNMVeeMRF4-bfVMPEBd11grWHxSx7JSk1FDghFTdyYLD4te5ViSH9MJhpSG0TMkMO6D-FF1PRkGXv7c9EH17uARtOZes3HLXHmKMtErIdSAUYrQ-kwYcTmCmjJ-d9JEUIPIh4jPge_VO8odx9TNhCzI8SqKs17eRpgl0u4X-OTu4UMoXobN39I-PuGopz15jfLIiAc87IMGXpAlNHflR_2fdDQk8bp8OEt17BfT_g0cohiLGp6pkwC19egwDA9IyduSi4EQvoK5GLAVq-e1CgyRfr4Z0pt5hMr1ACd1Z4MTuOgAO-feynp4Aa1w9Cu4D0DzIoyeUko_MhO7db1RceFBO3K1jNgbOPs6_5dRsxgu8AHM5NIwNxNRLP8h-D1XVmBMOlFKP_jH1QPZsvS_Q0VO2p28ihnhyqmvk2D_Isr_KEtea9OC0fz1qP9LvzBer04hsIGM7f472gmWigZT6PoMG4d7zqJpuGsycscAyFD3WzBwc6ggTTh9wkr2Zb2j7MgdLDDf7JORecjGvag2FtfhIBalsaKaw2tptAILbBzzmcn7FMXokoCspRh_cCdrw-30GVap7F1zMFwnO1gRAKzhBRS_4T9Q2nu3KHDL7XExixu_Jg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hs3uka.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery object| dynamicnews_menu_title object| dynamicnews_sidebar_title object| adsbygoogle object| FB object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| wp object| thickboxL10n string| tb_pathToImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF object| imgLoader function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| twemoji object| googletag object| google_llp

10 Cookies

Domain/Path Name / Value
.hs3uka.com/ Name: __gads
Value: ID=0c64e191c6b461a2-229d8cee65c9004a:T=1632909289:RT=1632909289:S=ALNI_MYLx5M5V9Ef5JLq9y7pfr4a_LRhWg
.doubleclick.net/ Name: IDE
Value: AHWqTUksITqSYtRI9tvwvUOge7yk3djdjs2j0iECFu2QbqrSOaRxctoWXMC8e4AZloQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: YVQ36um7MdgU1KG8u3-NAgAA
.casalemedia.com/ Name: CMPS
Value: 3201
.casalemedia.com/ Name: CMPRO
Value: 1209
.casalemedia.com/ Name: CMST
Value: YVQ36mFUN+oA
.adnxs.com/ Name: uuid2
Value: 2364196310588453533
.casalemedia.com/ Name: CMRUM3
Value: 2d615437ea2760CAESEMuvicD6qYnBhWeeciQWkmQ
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?bwpg[x!]tbPl1M>e)ZlrFUfJ+tGXxpW_YQR@K(d(=XlA!kFt(RrY4u>%NaaBa*Z<9I*bpRz*qF1`*b_G<*%KZy

3 Console Messages

Source Level URL
Text
rendering error
Message:
Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
rendering error
Message:
Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVQ36um7MdgU1KG8u3_NAgAABLkAAAAB&google_gid=CAESEK8dUizUuXKjPqwhpmHeFxM&google_push=AYg5qPL1NH03KO4s_CBx5kicpoL4p6_tHF-ir2ufB3vHkUN01CgKyhCu78SRTSyq9VXY6rR3VhJ00bT0vHtCC_hePwvH8yf4U7_uVg&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
apps.hs3uka.com
cc.adingo.jp
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.hs3uka.com
cm.g.doubleclick.net
119.59.104.14
142.250.181.226
142.250.184.194
142.250.185.102
142.250.185.129
142.250.185.164
142.250.185.194
142.250.185.234
142.250.185.66
142.250.185.67
172.217.23.98
172.217.23.99
185.33.220.244
185.64.189.115
2.18.234.21
216.58.212.162
3.115.67.144
31.13.92.14
34.98.67.61
35.186.253.211
69.173.144.139
91.228.74.133
00ada518c05526ce852a14ba026d02c9919b2698c562a29f554d2afc3d726a33
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02dced5adce13adbfaa221bb194f287eb9b3ac6909c92118c639f1fd486f8184
03ed5ae3103733cf5fde70ca262c9c7389bc6390a7c22898014cd548cc0512c3
08ca295a03fa1e94802d6d8137b4f378b9102f3442664db27bf723d76de7bf97
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7a16d26335c613f897bd8449a5d0998e3e8ac259fa1ea1f382354bd1be7553
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1717c223ecf044a0ac6a67c5b3d1e8e61abf6b71508bf322bb41c3fc4e0055ee
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2b9d8f134f92b518f4abd954c7fa61c95fd4fb6e8ee6c2e65fdfd5668ee99030
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
2edfe95175855606ea41a9ed6d4e23bee8e7820428107588b108f37e8c64078e
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
3b0c1ebbe8bf08755413940a60a019a8542396b84d7ad8054f46fdf657b9e114
3fdcdfd20f719bd492a121fcd444f0dd6524bb3da0421f42ea8581fc63fcd759
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
49f84c3c506e0ee4c64ab5b9b5aa1d43e83843c6d2db7199ad698ea84591d6ac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5b8abbd4c62640d0ffecc78a6a08ea1cc57bc44a856b33459235e5c510551c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
569411215bdd18d7660a5d2e5385f061c409915fbf4c9058e06ab18b06fb0ad5
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
5a7454cee17704354767d21916d1ed9b87db69cfc2a3884d98542a88a3eca09d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1b2acad2dd2f0095ace4499fb9945a5436adcf28bb47260bf75def4b0235d0
5e9549dcf4e69eac1bdcde3f6cd80ac2a9e0f46788aaab79c4cf64d4c357e163
65851a726c7334ad0993ba41cf1808f496e90caf64bbbbedc4c63bfc7d04ff65
660c9dfee5173e08a9e9bb78e28f4a903357983fbb01cc1815a4bf4ebae9c8fc
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
77a38ebee5730b70e36e9d5ddaa61456b06e905d98c5af6b86d7b7ca214583a4
79097c14ebf86206aefb82f74ca368f3fe8487be310e0a8498c4c2c57a9c799a
79aa4b4f59469dd842a5c6d53923bf5a5b6b242099fddd9ad0daf6289fe75b80
7f81f34316ca2e866324c8f94de3e657c44caf057bffd8876eb6d748a8920af9
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
902bee017260c8706075d13f73ede9e212f1c41d8d29248ac0cdb9f68458c424
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9188647580d589f27388e49cc832068d90d00320cb8b4d31faf1144589e4c355
9738e74b15ccfde5d94d73c5f7fff840e1c58027b9e4a34c4be6a198ea590daf
9961e1884a99a3ed6cc2e773a4128d6fa6f3b34d72ddb8ac7d450fc841e988e4
9996c9a048958551805e7dc25059ee960450d934b40a219fd497f1254dfbb2cd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a603a5b5b17a1845503de11ada8c0a9d5a88f88ed067774be29f8fd6d3beefdb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
af50ea2da0f80654ad0a876b87b62fd7c52f434f9625360dbc834e822664935c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1619779d9188d22bb7cd8af4bc50f7186522fca16b597bd026c6c510fb28b23
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b9f5dff8989672578327224026dcb0a32b9386da1f2f68c469bd261ab5d73318
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bf7f1053749e312a24897e30e2cb79c3120872d4df9e94fdf3b0398b8ca72135
bfe5d52d171126f6cf109689e20ac276e26c9a866a6881e21792833985099e62
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2679b438c20b1993919d89b2de3b93d1e6f848bdff1a88d9c8db16da02a7084
c9e6d81fb77c609aa092c32d75cde0a6eed0cb1cec263ebde6bd6fe36324fa29
ca300181b97db79837a99178494075a3533a40d5ae3b3be2861e54e6eaec5ace
cf60db8f01da2e8ea3dc9eec7a0206aa5e13969745fb6731bdab13bf2da82d14
d0ee3870dcefaa10fb84c35cc3eecf01760c7743f2906f5ce3fcd47f302ccb22
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d850e65552835b3f137b941d741625b693ada871207bc891d501aa16bc12acdb
dc35fafb2856c869d5af4bb7da3420db82762479350bc2f90af36ea2a8f67ec4
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
e23ffcec9d89bbd022eb29897da9dfbd118a0bd19768bbb7b5de54dd8b71483b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0251e5919b517e6ab4783fbf49073baa359418f197b8f189350d50790a96306
f2b14634d32911bc9ded8f8c88897e2f3d97e69e8b49057c7d9e5ced661246ac