mail.seven9three.com Open in urlscan Pro
185.119.110.12  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response mail.seven9three.com/	17 KB 17 KB	95ms 28ms	Document text/html	185.119.110.12 BT-UK-AS BTnet UK...
General Check archive.org Show headers Download Go to Full URL https://mail.seven9three.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.119.110.12 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB), Reverse DNS Software Apache / Resource Hash 24001daf39ee658f315caa09fe617b4449ee3971860601dbb7613c06137c0423 Request headers Host mail.seven9three.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 18 Jun 2021 14:26:20 GMT Server Apache Last-Modified Thu, 24 Sep 2020 04:26:49 GMT Accept-Ranges bytes Content-Length 17138 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	135 KB 48 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 48867 x-xss-protection 0 server cafe etag 2918852401321146490 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 18 Jun 2021 14:26:20 GMT
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/css/	93 KB 17 KB	41ms 23ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/css/bootstrap.min.css Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c567912a3cf283a6dea7d0f502c1f350f1161db58cce545cf38674686fadca6b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://mail.seven9three.com Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 632, 617, 617 access-control-allow-origin * cdn-cachedat 2021-06-08 21:34:20 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0ac11d0fbd0000314027809000000001 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 290da82e44d6b59a82ce19c18a39f741 cf-ray 6615312c6daa3140-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	font-awesome.min.css stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	56ms 41ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://mail.seven9three.com Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 723, 617, 617 access-control-allow-origin * cdn-cachedat 2021-06-08 21:27:15 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0ac11d0fbb00004e2c810b1000000001 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 6767331b2aca8d19f1001ebedceb5d7a cf-ray 6615312c5a1c4e2c-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H/1.1	200 OK	1-1.png www.theemailshop.co.uk/wp-content/uploads/2019/02/	19 KB 19 KB	150ms 36ms	Image image/png	185.119.111.6 AS5413
General Check archive.org Show headers Download Go to Show image Full URL https://www.theemailshop.co.uk/wp-content/uploads/2019/02/1-1.png Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.119.111.6 , United Kingdom, ASN5413 (AS5413, GB), Reverse DNS Software Apache / Resource Hash fde83510faf8f3502b664cd3ae0397aa0aacdf4bb33e393d30f5bb2c470052a1 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 18 Jun 2021 14:26:20 GMT Last-Modified Tue, 19 Feb 2019 15:58:44 GMT Server Apache Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 19489 Expires Sat, 18 Jun 2022 14:26:20 GMT
GET H2	200	google-adsense-logo.png www.reliablesoft.net/wp-content/uploads/2013/05/	8 KB 9 KB	195ms 167ms	Image image/png	2606:4700:20::ac43:4720 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.reliablesoft.net/wp-content/uploads/2013/05/google-adsense-logo.png Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4720 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80ac7025121cb94cdbbcd2f3dc0661c13078526653675204540d903a3e28b11d Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT cf-cache-status EXPIRED last-modified Tue, 10 Sep 2019 19:07:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Vywd4hohbonO%2FY0AaAekPV%2BddIXRovTChdbnxRiEhmVlOXGktf9eWk3HHTSECZGJh7Lla%2Bx58BYVZkWcH7En%2FoCwPtXpYuoGIGTV1qMTy8s0VNkfGE5j4ZgrujDpK%2BVGg3TQnyOMKlTIrr4gEg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6615312cdc0105f5-FRA content-length 8245 cf-request-id 0ac11d1010000005f5e636a000000001 expires Sat, 16 Oct 2021 14:26:20 GMT
GET H/1.1	200 OK	Artboard-1.png www.theemailshop.co.uk/wp-content/uploads/2020/01/	581 KB 582 KB	149ms 35ms	Image image/png	185.119.111.6 AS5413
General Check archive.org Show headers Download Go to Show image Full URL https://www.theemailshop.co.uk/wp-content/uploads/2020/01/Artboard-1.png Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.119.111.6 , United Kingdom, ASN5413 (AS5413, GB), Reverse DNS Software Apache / Resource Hash ade167feb0131dd3a04d25853ef80de3dc987252ca99b0545b04fb5d06b831b3 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 18 Jun 2021 14:26:20 GMT Last-Modified Mon, 27 Jan 2020 17:16:50 GMT Server Apache Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 595395 Expires Sat, 18 Jun 2022 14:26:20 GMT
GET H/1.1	200 OK	ver-5-Artboard-1.png www.theemailshop.co.uk/wp-content/uploads/2020/02/	338 KB 338 KB	150ms 36ms	Image image/png	185.119.111.6 AS5413
General Check archive.org Show headers Download Go to Show image Full URL https://www.theemailshop.co.uk/wp-content/uploads/2020/02/ver-5-Artboard-1.png Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.119.111.6 , United Kingdom, ASN5413 (AS5413, GB), Reverse DNS Software Apache / Resource Hash 6745409d5fe6a26748a3c15c6a0fc0cc04c94a9525fbf5ddbe8f13a4d12b239a Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 18 Jun 2021 14:26:20 GMT Last-Modified Sat, 29 Feb 2020 11:31:27 GMT Server Apache Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 345840 Expires Sat, 18 Jun 2022 14:26:20 GMT
GET H/1.1	200 OK	Server-Hosting.png www.theemailshop.co.uk/wp-content/uploads/2020/01/	368 KB 368 KB	150ms 36ms	Image image/png	185.119.111.6 AS5413
General Check archive.org Show headers Download Go to Show image Full URL https://www.theemailshop.co.uk/wp-content/uploads/2020/01/Server-Hosting.png Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.119.111.6 , United Kingdom, ASN5413 (AS5413, GB), Reverse DNS Software Apache / Resource Hash dc1012ff5f229652650767db463cb78068fd1a4368391b0553667b30ec115bba Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 18 Jun 2021 14:26:20 GMT Last-Modified Mon, 27 Jan 2020 17:19:55 GMT Server Apache Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 376863 Expires Sat, 18 Jun 2022 14:26:20 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.4/	82 KB 29 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:12:43 GMT content-encoding gzip x-content-type-options nosniff age 817 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29725 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 18 Jun 2022 14:12:43 GMT
GET H3-29	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/js/	44 KB 11 KB	76ms 66ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.2/js/bootstrap.min.js Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 18cb1c9a336ce8c6d9bd71b61d18cfdcca5d386997bf4efc491807eccef6dcc7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://mail.seven9three.com Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 632, 617, 617 access-control-allow-origin * cdn-cachedat 2021-06-08 18:45:04 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-request-id 0ac11d0ff20000dfef9c10d000000001 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid d32cbdd6cff18ff44134fa575efb0d59 cf-ray 6615312cba2adfef-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H3-29	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/	233 KB 86 KB	43ms 39ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4818168227460749&plah=mail.seven9three.com&amaexp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 88106 x-xss-protection 0 server cafe etag 14514754445097133811 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 18 Jun 2021 14:26:20 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame 3D14	10 KB 5 KB	6ms 6ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210616/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://mail.seven9three.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mail.seven9three.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Thu, 17 Jun 2021 19:02:37 GMT expires Thu, 01 Jul 2021 19:02:37 GMT content-type text/html; charset=UTF-8 etag 15579341980913220427 x-content-type-options nosniff content-encoding gzip server cafe content-length 4579 x-xss-protection 0 age 69823 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	fontawesome-webfont.woff2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/	75 KB 76 KB	40ms 40ms	Font font/woff2	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: stackpath.bootstrapcdn.com URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://mail.seven9three.com Referer https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 601, 617, 617, 617 access-control-allow-origin * cdn-cachedat 2021-06-08 21:27:38 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 77160 cf-request-id 0ac11d0ff30000dfefe3a35000000001 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 2b0d2bc6ccf93ed7454da06fd114e636 accept-ranges bytes cf-ray 6615312cba30dfef-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	205 B 662 B	39ms 17ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=mail.seven9three.com&callback=_gfp_s_&client=ca-pub-4818168227460749 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4818168227460749&plah=mail.seven9three.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f2.1e100.net Software cafe / Resource Hash 7132227e103364fa0446b4f3eab2bd74b9bdcfe4d3e041644b437da8d24473f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 196 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	16ms 15ms	Script application/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=mail.seven9three.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4818168227460749&plah=mail.seven9three.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 18 Jun 2021 14:26:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	15ms 14ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=mail.seven9three.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4818168227460749&plah=mail.seven9three.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 18 Jun 2021 14:26:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 050C	603 B 67 B	27ms 26ms	Document text/html	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4818168227460749&output=html&adk=1812271804&adf=3025194257&lmt=1600921609&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmail.seven9three.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624026380249&bpp=25&bdt=51&idt=191&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3427942613445&frm=20&pv=2&ga_vid=443981778.1624026380&ga_sid=1624026380&ga_hid=980407424&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3065573667204820&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4818168227460749&plah=mail.seven9three.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4818168227460749&output=html&adk=1812271804&adf=3025194257&lmt=1600921609&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmail.seven9three.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1624026380249&bpp=25&bdt=51&idt=191&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3427942613445&frm=20&pv=2&ga_vid=443981778.1624026380&ga_sid=1624026380&ga_hid=980407424&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=3065573667204820&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://mail.seven9three.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mail.seven9three.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Fri, 18 Jun 2021 14:26:20 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Fri, 18-Jun-2021 14:41:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 28 KB	34ms 13ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4818168227460749&plah=mail.seven9three.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1623842926269324" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28241 x-xss-protection 0 expires Fri, 18 Jun 2021 14:26:20 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	39ms 38ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-4818168227460749&c=15&e=2570847921467975139&n=0&t=0&w=273&x=0 Requested by Host: mail.seven9three.com URL: https://mail.seven9three.com/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 18 Jun 2021 14:26:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	sodar Show response pagead2.googlesyndication.com/getconfig/	10 KB 8 KB	54ms 38ms	XHR application/json	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4818168227460749&plah=mail.seven9three.com&amaexp=1 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ee47b084de5eec559f2f7b5daf7e4fab3d66f546bad9e0555e5326b9e4e4a4d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Fri, 18 Jun 2021 14:26:20 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7859 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	13ms 13ms	Script text/javascript	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4818168227460749&plah=mail.seven9three.com&amaexp=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 14:26:20 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1622653785071769" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6437 x-xss-protection 0 expires Fri, 18 Jun 2021 14:26:20 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/223/ Frame 1ABA	12 KB 5 KB	16ms 15ms	Document text/html	2a00:1450:4001:827::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/223/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://mail.seven9three.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mail.seven9three.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5022 date Fri, 18 Jun 2021 14:26:04 GMT expires Sat, 18 Jun 2022 14:26:04 GMT last-modified Wed, 17 Mar 2021 18:24:30 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 16 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 3E79	783 B 759 B	25ms 24ms	Document text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2687c61fd450aab45ca3fb732269fa566ca22bb8a3644470741e36585273803b Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-AnsfdrwXmAHqHX+4iN1DnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://mail.seven9three.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mail.seven9three.com/ Response headers expires Fri, 18 Jun 2021 14:26:20 GMT date Fri, 18 Jun 2021 14:26:20 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-AnsfdrwXmAHqHX+4iN1DnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 511 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response pagead2.googlesyndication.com/bg/ Frame 1ABA	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 18 Jun 2021 10:56:27 GMT content-encoding br x-content-type-options nosniff age 12593 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5759 x-xss-protection 0 last-modified Mon, 14 Jun 2021 13:18:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 18 Jun 2022 10:56:27 GMT
GET H3-29	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	42ms 41ms	Image image/gif	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=3065573667204820&bg=!DwylDEjNAAZktE7iZLQ7ACkAdvg8WoyAaCCpFkb2QuDZ872Vdgx4Ncgc_Ybz8sfzYpePUlIHbBNxlAIAAABXUgAAAA1oAQcKAH9SmxoxOYGPVsVcqQCro5tF9hIe4JPOF2j6OMLefWWU-FmGCSxpky_-Ceof0ZCbwiqCRq_5iyT8RPk_ORwOeenfBTmlx4BAniLmE8bjNqeuPzfX0Y72xKVkwmp-3Q9mCz4fJR5hF-ulzqTIXc7aJeNk_q3gvuPMdJHZakDjqDjjmQJ0Z6WgnfkYpIItUwtad8q8TVb8l1N0ngdY1zNj68naem1W56qrO8GW0sRiYgKXDXdeoOTIxBjEJ2m2zf_kRiFXJT22kE8ZJVDRRul5dCvkUhNofZTeaUwUl8VEUQixM0XaZKoqZC_IBUX6Gp7weV9RCQHEAI8dvOgJzHeAsnFA5A_qr3PlSdNnX5APici8DePgdNzxzTQvhzG1naaGIQG521QyQXOZcUIZLUNEcugZJ3gPN1zCTnnEjahgHxtGpC_D85UdenwXj2i-RLt6ozdEndkm-HZJ5V07kAR_-w8kF6BtmzGxx31R1Fu3yjRjdd_FixQn1TJhoC3heuh2p79lnO_BkmH04egb8yzqOGTYi1veH8ZDNlorxrtASZqm-Hz5Y12orCDa6E4E9UJsBKiQehnC54kKnF38GIYXb0EvNrvPSaWCxa0FBS5BrEpvd25ucYVwe9jqHa7bClHqTyNQ0ZYgVKSTLhGUHDb2UEYYCfAKNDWlkTIo4CoX3j_2_WYMu15aOny8BsupSAdP_7NAURLTP3mITDRjfBHf7oqg-gv8AvhFnUHrNwqpmPgJu2_3x9Bj56d0PmRZXLzbYLKKhHQXZKJ9S4ocL8WDmhO3dT0PQuvSRAoaztp0SfQy4i4rzrtwxupwyQgC2QBiIN2emgCpJ-axzLwhjNjJ8r563yg4IlEe96Kix35answhtNptQosGMjnRtNnLJ8NHVQm_JRKUOHaTukcqxPPAk2WrbfPZcYfmv5-jLsOJ-tAr3vuX4TTC0VyCEUgnQc0I4pRXBAC377NXdING7OEKqtttVZKlFIwksnSNhpXmCq2iSi0ke2rQ3Q Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mail.seven9three.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 18 Jun 2021 14:26:20 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint function| myFunction function| google_spfd number| google_unique_id object| google_sv_map function| $ function| jQuery function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 19:07:07	Name: test_cookie Value: CheckForPermission
			.seven9three.com/	1970-01-20 04:28:42	Name: __gads Value: ID=e175c5eb9db23810-227ca22bffc80061:T=1624026380:RT=1624026380:S=ALNI_MbB2Ou5h4JuhQWMVDA3TSSr77jFGg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
googleads.g.doubleclick.net
mail.seven9three.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.reliablesoft.net
www.theemailshop.co.uk
185.119.110.12
185.119.111.6
216.58.212.162
2606:4700:20::ac43:4720
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2002
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
18cb1c9a336ce8c6d9bd71b61d18cfdcca5d386997bf4efc491807eccef6dcc7
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24001daf39ee658f315caa09fe617b4449ee3971860601dbb7613c06137c0423
2687c61fd450aab45ca3fb732269fa566ca22bb8a3644470741e36585273803b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3796cf12ca9b6f5f93255046f5bf7d70a82c6b389698ed6c007903940c17c5ad
450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2
6745409d5fe6a26748a3c15c6a0fc0cc04c94a9525fbf5ddbe8f13a4d12b239a
7132227e103364fa0446b4f3eab2bd74b9bdcfe4d3e041644b437da8d24473f6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80ac7025121cb94cdbbcd2f3dc0661c13078526653675204540d903a3e28b11d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ade167feb0131dd3a04d25853ef80de3dc987252ca99b0545b04fb5d06b831b3
c567912a3cf283a6dea7d0f502c1f350f1161db58cce545cf38674686fadca6b
dc1012ff5f229652650767db463cb78068fd1a4368391b0553667b30ec115bba
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ee47b084de5eec559f2f7b5daf7e4fab3d66f546bad9e0555e5326b9e4e4a4d1
fde83510faf8f3502b664cd3ae0397aa0aacdf4bb33e393d30f5bb2c470052a1