phishcheck.me Open in urlscan Pro
142.93.23.27  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

• https://googleads.g.doubleclick.net/pagead/adview?ai=CzQzWXP1kZdPGNo-17OsPoOGQ-AiPyc_6cp__vJL3EAoQASCd8OogYKmwvoDMAaAB7LPywAHIAQmoAwHIA8uEgIAEqgTJAU_Qyfeh9db__gyjNYkWuGqb_7kDrWMneMD_GH0IXMd_G8ZB5u_Bw25aASKKa6isvJb5bvjT4-uqWFYgY3Jp2zQfU1zsJk53a6fnyYk0qOHB_OEQbR8dlZA1P5W-eG-nAfmwkPfj-q5Aw7-U6kDSFSmB9OBXPuvFvbeQ3dn9wt5iPHX5MeFZqTIZetSr9par3dIMEnXU63sGr_TIOPCca-i8p1kvPY5tLAJlf5DI34X1nBqs3_MTPffIIaFdbEDW5kkF-Ux3UFSMocAE09_ctpwEiAWUudWySJIFBAgEGAGSBQQIBRgEoAYugAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPy4CtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSBodHRwczovL21hZG11c2NsZXMuY29tL3N0ZXAtZ29hbIAKAcgLAaIMECoOCgzktLEC7rWxArW4sQK4E-QD2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTU2MjUzNzk4Mjk3OTA2MDYYAA&sigh=vutcVHhgHWo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNCeKtEo2uPPWzBTGB60f2lkszQtG0G9hkouFvY1zuy1B49Dr0D4lhrSCZFeq8m7teT1hRAapdsd_YqUrN47ziChfix8NoX1P0z0wYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22311688634612201589%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22639380821217484609%22}&andc=true

Request Chain 92

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 96

• https://googleads.g.doubleclick.net/pagead/adview?ai=CpCq3XP1kZY3aN_uY7OsPpZOvyAjQk9z5c-vAlfaEErLUqtrrDhABIJ3w6iBgqbC-gMwBoAHY5_6qKsgBAagDAcgDywSqBNUBT9AELddR-xrkWpbPKt0qmfu1-vGKBWGQDJiU8kkrH6Ojm1StzXxW5qp9RVTs6eo-eYjiiOmK1rv0_ZevbSUD7PZ4eoLWspNKIXWZLD52GuQguzGhqujipv-r-kOCaK2tWwN-0sfxksQ3067kHAyi87QTWIUtRPc22wSGRshJF-1lVZqpOLo1jaVZcWJ7aPu1vri5nZ9bqOjZjoVPLTTHIrmGj4a0r7x1aH6cRmB-c9AoldNJQIjjaGARpaztLI72wggJsr-mhomw_CHN5emaVuVvZcWfwASXvMnIwASIBZvI0PFMkgUECAQYAZIFBAgFGASAB9ifz4oFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ7YUD0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJQmh0dHBzOi8vc2lkZXIuYWkvbHAvdHJhbnNsYXRlMT9zb3VyY2U9Z2cmcDE9ZHRyYW5zbGF0ZS0zJnAyPXNlYXJjaIAKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEw3QFQGAFwGyFxwKGggAEhRwdWItNTYyNTM3OTgyOTc5MDYwNhgA&sigh=g9aIZzQvjF4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNi1nu747pkHNfnIhUGlG4O1hSoWWtgP5PkJSUj1e7RNl5zoscdbfsVWiLe2ntRPTp20N3B8VgRU1VUyTADzLuIvTRt3tTU-S-QgkYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223993701910426356553%22,%22debug_reporting%22:true,%22destination%22:%22https://sider.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211364447192%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225223645958264884881%22}&andc=true

Request Chain 108

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a83af31c-eaf1-48c6-9fa4-43235b636007&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=977839b3-2d95-4f63-8f1d-4844b1adc177&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D168d81b05b2a4b3da35551e6735198e9%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_fs_gbxra_yvfg&aid=8758302396775287807 HTTP 303
• https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=168d81b05b2a4b3da35551e6735198e9&SNR=1&GV=2&med=10

Request Chain 115

• https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b05f5650-796e-45a8-9d07-c9e262bc4b1a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=b316da81-21e3-442f-a03e-a93721d9b2ff&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Dc8227cdf5c7e414a85e2a7556afdbe2f%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_gvrq-pbageby&aid=790489629037743462 HTTP 303
• https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c8227cdf5c7e414a85e2a7556afdbe2f&SNR=1&GV=2&med=10

Request Chain 132

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOb53GvMypLGa6-9lsn1Ea8&google_cver=1&google_push=AXcoOmS5OFXh904N3n7Bt1WwvT9roHxleX88fLpEO8c2QhzW6bisjokmcaEPnVZJymWnUXNcv1gvm5wOKRp01gjjlq12oIpkZNqtUQJhgqyVd9Rmtzd1M7QdYGV-7S4IiichyMlCWE7tssJSguZ6NzSmf0no HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOb53GvMypLGa6-9lsn1Ea8&google_cver=1&google_push=AXcoOmS5OFXh904N3n7Bt1WwvT9roHxleX88fLpEO8c2QhzW6bisjokmcaEPnVZJymWnUXNcv1gvm5wOKRp01gjjlq12oIpkZNqtUQJhgqyVd9Rmtzd1M7QdYGV-7S4IiichyMlCWE7tssJSguZ6NzSmf0no HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFN0cWQ4dGoxUjdJanQ1&google_gid=CAESEOb53GvMypLGa6-9lsn1Ea8&google_cver=1&google_push=AXcoOmS5OFXh904N3n7Bt1WwvT9roHxleX88fLpEO8c2QhzW6bisjokmcaEPnVZJymWnUXNcv1gvm5wOKRp01gjjlq12oIpkZNqtUQJhgqyVd9Rmtzd1M7QdYGV-7S4IiichyMlCWE7tssJSguZ6NzSmf0no

Request Chain 134

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ_JsjMWJ7g8pl3BPAKN6S8&google_cver=1&google_push=AXcoOmSqn-jns5ix5-ExJ5VtoanpohEiVt2ygoLqWPl3t3z3lYwMVVXKQ03_f25QZBbH7AA0oBhq88BZrkc51SH8R4ii8_SXd1_yLniZ2T6RkD0-tbUFHpYmK2K6z7Nk8wvo3EFe6ew_GhEkly6gpqef4ca1IQ HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ_JsjMWJ7g8pl3BPAKN6S8&google_cver=1&google_push=AXcoOmSqn-jns5ix5-ExJ5VtoanpohEiVt2ygoLqWPl3t3z3lYwMVVXKQ03_f25QZBbH7AA0oBhq88BZrkc51SH8R4ii8_SXd1_yLniZ2T6RkD0-tbUFHpYmK2K6z7Nk8wvo3EFe6ew_GhEkly6gpqef4ca1IQ HTTP 302
• https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle

Request Chain 135

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIz1rOyEohyhBA4UBkTI52c&google_cver=1&google_push=AXcoOmS-VL9cZO4WwkhcaYyD3tfGA154Q_6v51mZCazhPXU5snUoEhlUBAOlwLpgbq_1KIfWszakGSjyU5Fj-qDJxWwIehBCMMR-qNkiVFp855LXMdmE8GkCWOPlSZLgnsC5ffFhm8vSSF9IbMkRxVVAUlrhbA HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIz1rOyEohyhBA4UBkTI52c&google_cver=1&google_push=AXcoOmS-VL9cZO4WwkhcaYyD3tfGA154Q_6v51mZCazhPXU5snUoEhlUBAOlwLpgbq_1KIfWszakGSjyU5Fj-qDJxWwIehBCMMR-qNkiVFp855LXMdmE8GkCWOPlSZLgnsC5ffFhm8vSSF9IbMkRxVVAUlrhbA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4MTM3NjYzNjM5MjcwNTQzNQ&google_push=AXcoOmS-VL9cZO4WwkhcaYyD3tfGA154Q_6v51mZCazhPXU5snUoEhlUBAOlwLpgbq_1KIfWszakGSjyU5Fj-qDJxWwIehBCMMR-qNkiVFp855LXMdmE8GkCWOPlSZLgnsC5ffFhm8vSSF9IbMkRxVVAUlrhbA

Request Chain 136

• https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGH1za-NEedWdDCUNdlDFwY&google_cver=1&google_push=AXcoOmS4-seRF3qaoiGRPe4dmoKxprZrmbAPMfNM9bVqcTxOUm2YAlBYCkM2BwtT9U5t3Eelf5MKIy08bsSE65HIwOkaGGODaqmsS4KcX1Vf8qINkfoFfVUXzTsNLH8i08v-lsfQDuqG8A8_tTVWj2ZcVVzsYg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS4-seRF3qaoiGRPe4dmoKxprZrmbAPMfNM9bVqcTxOUm2YAlBYCkM2BwtT9U5t3Eelf5MKIy08bsSE65HIwOkaGGODaqmsS4KcX1Vf8qINkfoFfVUXzTsNLH8i08v-lsfQDuqG8A8_tTVWj2ZcVVzsYg

Request Chain 138

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGdgzDqcV9WJANiyatIO2Y0&google_cver=1&google_push=AXcoOmRLm2OuKCuRtlalEJCLUtcY-rQwQ70GDPoOSzeanm6MG9uRM7vXJmhQdWUN7GCiBC1awCe-pkAA0Rl6NFJX6gVV7KMt1_xdrmqtCIlbo-hGQWLxuoR_bxzxSonP6VRc_WIWxs8Aq705QJxmipu_U8Baig HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk4NTYwMzYyOTE5Mjg0NjM2NA==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGdgzDqcV9WJANiyatIO2Y0&google_cver=1

Request Chain 139

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG1sLinY-TLRpTYTfLp_ZGM&google_cver=1&google_push=AXcoOmTLDvvjiA0Gaep-yCCeCAvAtG5h728RgUqccn1stQaRDB4HOFIL08lPwZZdG7034jJQ7BgorwmZhN7tg4bMr7i7yp3wAZi9wMElYjcDnAOU5zOtNb1KJMbyob0_utk5PUI3v6h9uA3PbehFHS5Yq-qY6A HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG1sLinY-TLRpTYTfLp_ZGM&google_cver=1&google_push=AXcoOmTLDvvjiA0Gaep-yCCeCAvAtG5h728RgUqccn1stQaRDB4HOFIL08lPwZZdG7034jJQ7BgorwmZhN7tg4bMr7i7yp3wAZi9wMElYjcDnAOU5zOtNb1KJMbyob0_utk5PUI3v6h9uA3PbehFHS5Yq-qY6A HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFN0cWQ4dGoxUjdJanQ1&google_gid=CAESEG1sLinY-TLRpTYTfLp_ZGM&google_cver=1&google_push=AXcoOmTLDvvjiA0Gaep-yCCeCAvAtG5h728RgUqccn1stQaRDB4HOFIL08lPwZZdG7034jJQ7BgorwmZhN7tg4bMr7i7yp3wAZi9wMElYjcDnAOU5zOtNb1KJMbyob0_utk5PUI3v6h9uA3PbehFHS5Yq-qY6A

Request Chain 140

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEHNpkgliO3faYMEeHcnyBbo&google_cver=1&google_push=AXcoOmRqIxxuzWpMJVmeAVUanFo6iCKRa87pTVn45-TINJ7ZuqcCFAVs3t92xSpoT8m5ow6qkPGEqhbbBBOm-JbQNCLO3W5QkBXO_se1n1XaxKvhVVrIr-niF9WaDCtEUL7wYeVrKZU4OIMJKdCKhUppA_43jQ HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WNjHWIQiSHkbUu_AyEueyQ&google_push=AXcoOmRqIxxuzWpMJVmeAVUanFo6iCKRa87pTVn45-TINJ7ZuqcCFAVs3t92xSpoT8m5ow6qkPGEqhbbBBOm-JbQNCLO3W5QkBXO_se1n1XaxKvhVVrIr-niF9WaDCtEUL7wYeVrKZU4OIMJKdCKhUppA_43jQ

Request Chain 141

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEImYyDhagEWEP7KcdmD86b8&google_cver=1&google_push=AXcoOmSHJEYr6pKdBmL0UlADF3rRWMr9bhChw4bXzJxLRcNRDzKu68N_SsIC_cCBqms3Z_YJhzZQQhi5doOXQACriNsMm9fjWtLBePByTJ1MGdHfs2d-YerjUUxHntHTl5Xi7J12-E5_ZZ7H9oUQeojK32Zv9g HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEImYyDhagEWEP7KcdmD86b8&google_cver=1&google_push=AXcoOmSHJEYr6pKdBmL0UlADF3rRWMr9bhChw4bXzJxLRcNRDzKu68N_SsIC_cCBqms3Z_YJhzZQQhi5doOXQACriNsMm9fjWtLBePByTJ1MGdHfs2d-YerjUUxHntHTl5Xi7J12-E5_ZZ7H9oUQeojK32Zv9g HTTP 302
• https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=21d86de8-394b-4cba-a777-8e8079b29254 HTTP 302
• https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=21d86de8-394b-4cba-a777-8e8079b29254 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ce78cd80-7051-406b-9a07-307f9b1da002&user_group=1&ssp=google&bsw_param=21d86de8-394b-4cba-a777-8e8079b29254 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSqn-jns5ix5-ExJ5VtoanpohEiVt2ygoLqWPl3t3z3lYwMVVXKQ03_f25QZBbH7AA0oBhq88BZrkc51SH8R4ii8_SXd1_yLniZ2T6RkD0-tbUFHpYmK2K6z7Nk8wvo3EFe6ew_GhEkly6gpqef4ca1IQ&google_hm=Idht6DlLTLqnd46AebKSVA==

Request Chain 142

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPiokkzRIyO6213lNqsUAn8&google_cver=1&google_push=AXcoOmQx6HmFIdop3aL-US6eCnWzzXFUU_sCu2FLtquPY1HlfSmHogTWRLpT4WF665b1LCmamg3gScZGh1QKLTK31MtTzQX9hrJfY2h0PTT6-TiaJ2IVKE3yOXT8XJPiuc9Ah0P876NmbWTe91dHHU9nf8iOnQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQx6HmFIdop3aL-US6eCnWzzXFUU_sCu2FLtquPY1HlfSmHogTWRLpT4WF665b1LCmamg3gScZGh1QKLTK31MtTzQX9hrJfY2h0PTT6-TiaJ2IVKE3yOXT8XJPiuc9Ah0P876NmbWTe91dHHU9nf8iOnQ&google_hm=eS1ZMVF1RWN0RTJwR3lEbXhVNWtGYVFtdENDa2dQVlllWn5B

Request Chain 144

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJA4iD-BhmK8ERYZO4NfE3o&google_cver=1&google_push=AXcoOmQg20G814FLIGJFZjBNl_9dPWN_u1Tdpwo0R4cuWej1ObXajrCP9PNd4XcirOADps1hthLqO0yB7L0ZsB1iADo-JIkr2iL4oUQP_hP69VsE2ICAN8n6IaM6P0n5_p0-FWePu38SzMfwcrgIf7umYXdqZA HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJA4iD-BhmK8ERYZO4NfE3o&google_cver=1&google_push=AXcoOmQg20G814FLIGJFZjBNl_9dPWN_u1Tdpwo0R4cuWej1ObXajrCP9PNd4XcirOADps1hthLqO0yB7L0ZsB1iADo-JIkr2iL4oUQP_hP69VsE2ICAN8n6IaM6P0n5_p0-FWePu38SzMfwcrgIf7umYXdqZA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg3NzI0Njc4ODQxODYwMzc1OA&google_push=AXcoOmQg20G814FLIGJFZjBNl_9dPWN_u1Tdpwo0R4cuWej1ObXajrCP9PNd4XcirOADps1hthLqO0yB7L0ZsB1iADo-JIkr2iL4oUQP_hP69VsE2ICAN8n6IaM6P0n5_p0-FWePu38SzMfwcrgIf7umYXdqZA

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response phishcheck.me/	18 KB 5 KB	849ms 420ms	Document text/html	142.93.23.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phishcheck.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 142.93.23.27 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e238fe4a4edd0cdd4a9e2bcce7a0bd85d54be8f16acc5b3c3aadec0894f467fc Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Mon, 27 Nov 2023 20:34:35 GMT Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Vary Cookie X-Frame-Options SAMEORIGIN
GET H2	200	css fonts.googleapis.com/	2 KB 959 B	117ms 39ms	Stylesheet text/css	142.250.186.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Nunito Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f10.1e100.net Software ESF / Resource Hash 39b752928c723222cf1a05d1a77a7f64ce5a8f055f3d1052ad03a2f2d6370265 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Nov 2023 20:34:35 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Nov 2023 20:21:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Nov 2023 20:34:35 GMT
GET H2	200	bootstrap.min.css netdna.bootstrapcdn.com/bootstrap/3.3.1/css/	111 KB 19 KB	81ms 36ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d699f303990ce9bd7d7c97e9bd3cad6a46ecf2532f475cf22ae58213237821b9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 756 age 2385241 cdn-cachedat 12/27/2021 16:05:23 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:58 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 server cloudflare vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 2fc14f032e96d80c2a970b6638be897f timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 82cd271d68005ba7-VIE cdn-requestpullsuccess True
GET H/1.1	200 OK	main.css phishcheck.me/css/	5 KB 5 KB	183ms 177ms	Stylesheet text/css	142.93.23.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phishcheck.me/css/main.css Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 142.93.23.27 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash 26f64f8bbe24fd08534113bcb1e61988c2e941edf55834661e776ac266cecb68 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 20:34:35 GMT Last-Modified Monday, 27-Nov-2023 20:34:35 GMT Server nginx/1.14.0 (Ubuntu) Content-Type text/css Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 4914
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.0/	94 KB 33 KB	104ms 31ms	Script text/javascript	142.250.185.234 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.234 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f10.1e100.net Software sffe / Resource Hash b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 00:18:52 GMT content-encoding gzip x-content-type-options nosniff age 418543 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33576 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 00:18:52 GMT
GET H2	200	bootbox.min.js Show response cdnjs.cloudflare.com/ajax/libs/bootbox.js/4.4.0/	10 KB 4 KB	66ms 30ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/bootbox.js/4.4.0/bootbox.min.js Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e05edee09b002722d47693fb43c49a87ceba8c23a1bfbdb353913c948444478c Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:35 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1689523 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3213 last-modified Mon, 04 May 2020 16:06:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d8d-27d9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKGQLvWAAGS9buK4wT5LEcl%2FDd95YO5KMuJjGfKJhX%2FE%2Fi35n4ZAMnZYYoXc9EE3Z1Dwq%2FsnSMolYzbUGPMRH6bLLT3B1v%2FoH%2BxriCjzCDTWtaz2GS38RzjmnXtpgLcg8sUnYytf"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 82cd271d6cb75b7b-VIE expires Sat, 16 Nov 2024 20:34:35 GMT
GET H/1.1	200 OK	phishcheck.js Show response phishcheck.me/js/	7 KB 8 KB	361ms 178ms	Script application/javascript	142.93.23.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://phishcheck.me/js/phishcheck.js Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 142.93.23.27 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash c88f2bfe24b1ea2b1edf5c3b678de67ae68b5b457e8001eba865be15b6e126d5 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 20:34:35 GMT Last-Modified Fri, 02 Jul 2021 04:37:43 GMT Server nginx/1.14.0 (Ubuntu) ETag "60de9817-1dff" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 7679
GET H/1.1	200 OK	navbarlogo3-reversed.png phishcheck.me/images/	5 KB 5 KB	522ms 174ms	Image image/png	142.93.23.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://phishcheck.me/images/navbarlogo3-reversed.png Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 142.93.23.27 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash c8c38714236c1b847b96fbebaba10af1574a7f4d567f8cfbdb3dfe2997ab18fb Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 20:34:36 GMT Last-Modified Thu, 02 May 2019 17:44:56 GMT Server nginx/1.14.0 (Ubuntu) ETag "5ccb2c98-13f4" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 5108
GET H/1.1	200 OK	phishchecklogo3-vert.png phishcheck.me/images/	20 KB 20 KB	684ms 336ms	Image image/png	142.93.23.27 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://phishcheck.me/images/phishchecklogo3-vert.png Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 142.93.23.27 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash db3df22768fe7273aa43d8f6cf193b406b1cb15f5d4a26ad36f73e5fdf86a331 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Mon, 27 Nov 2023 20:34:36 GMT Last-Modified Thu, 02 May 2019 17:44:56 GMT Server nginx/1.14.0 (Ubuntu) ETag "5ccb2c98-4fa7" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 20391
GET H2	200	btn_donateCC_LG.gif www.paypalobjects.com/en_US/i/btn/	3 KB 3 KB	188ms 43ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lpl/EF5A) / Resource Hash 33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:36 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-cache HIT paypal-debug-id f42b14747710f dc ccg11-origin-www-1.paypal.com content-length 3099 last-modified Thu, 27 May 2021 14:20:07 GMT server ECAcc (lpl/EF5A) traceparent 00-0000000000000000000f42b14747710f-8b4868ec1f4b8f85-01 etag "60afaa97-c1b" content-type image/gif cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com expires Mon, 27 Nov 2023 21:34:36 GMT
GET H2	200	pixel.gif www.paypalobjects.com/en_US/i/scr/	43 B 143 B	186ms 44ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/en_US/i/scr/pixel.gif Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (lpl/EF32) / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:36 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff last-modified Fri, 16 Aug 2019 04:57:34 GMT server ECAcc (lpl/EF32) etag "5d5637be-2b" x-cache HIT content-type image/gif paypal-debug-id d1c4cfe1ff620 cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes dc ccg11-origin-www-1.paypal.com timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com content-length 43 expires Mon, 27 Nov 2023 21:34:36 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	152 KB 52 KB	198ms 113ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 6d0447e2ef1ea8f1e1c5a204c5c6fa10373ffd24c6a07176826dc5a19709845e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:36 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53015 x-xss-protection 0 server cafe etag 381960279830625069 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Mon, 27 Nov 2023 20:34:36 GMT
GET H2	200	bootstrap.min.js Show response netdna.bootstrapcdn.com/bootstrap/3.1.1/js/	28 KB 8 KB	36ms 32ms	Script application/javascript	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 1079 age 2387112 cdn-cachedat 08/09/2023 18:11:20 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:57 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"ba847811448ef90d98d272aeccef2a95" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 0923d7bbbfcb57f0c69c167f9a6fc8f0 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 82cd271f7cba5ba7-VIE cdn-requestpullsuccess True
GET H2	200	XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 fonts.gstatic.com/s/nunito/v26/	16 KB 16 KB	103ms 31ms	Font font/woff2	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Nunito Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software sffe / Resource Hash 923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://phishcheck.me accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 23 Nov 2023 18:19:17 GMT x-content-type-options nosniff age 353719 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16292 x-xss-protection 0 last-modified Thu, 14 Sep 2023 00:41:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Nov 2024 18:19:17 GMT
GET H3	200	glyphicons-halflings-regular.woff netdna.bootstrapcdn.com/bootstrap/3.3.1/fonts/	23 KB 23 KB	43ms 25ms	Font font/woff	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netdna.bootstrapcdn.com/bootstrap/3.3.1/fonts/glyphicons-halflings-regular.woff Requested by Host: netdna.bootstrapcdn.com URL: https://netdna.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://netdna.bootstrapcdn.com/bootstrap/3.3.1/css/bootstrap.min.css Origin https://phishcheck.me accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:36 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723 age 78176 cdn-cachedat 08/20/2022 03:02:09 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 23320 last-modified Mon, 25 Jan 2021 22:03:58 GMT cdn-proxyver 1.02 cdn-requestpullcode 200 server cloudflare etag "68ed1dac06bf0409c18ae7bc62889170" vary Accept-Encoding content-type font/woff access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid b5df6e6cbf7195262751be7c70fea88c accept-ranges bytes timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 82cd271faa763258-VIE cdn-requestpullsuccess True
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/	400 KB 136 KB	96ms 95ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 28ee4ab308085ca1ac602291180e04814d207078d8a888b84455e04d0a143156 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:36 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138604 x-xss-protection 0 server cafe etag 2312192442688979394 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 27 Nov 2023 20:34:36 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame B138	9 KB 4 KB	102ms 30ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 46451 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 07:40:25 GMT etag 16674218716276178799 expires Mon, 11 Dec 2023 07:40:25 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9603	673 KB 117 KB	882ms 881ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&adk=1812271804&adf=3025194257&lmt=1701117276&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~6&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276338&bpp=21&bdt=649&idt=349&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1375988515148&frm=20&pv=2&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=380 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash da8ac41003ba4650eaf59ab95558b6e0861ad0b1d8753f4d2d0696369931b90b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 119605 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:37 GMT expires Mon, 27 Nov 2023 20:34:37 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	64ms 63ms	Image image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:36 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0D30	118 KB 39 KB	1175ms 1174ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 5983062f427a13507de4bae920283cc9785ebfbd963077f7fd6aee08154c9b78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 40152 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:37 GMT expires Mon, 27 Nov 2023 20:34:37 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/	160 KB 55 KB	126ms 126ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js?bust=31079653 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 817025fda9208aac0cf40e50cb687778f174cdc73efced07d91e9179fc99bfb3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55796 x-xss-protection 0 server cafe etag 3398246796627497323 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 27 Nov 2023 20:34:37 GMT
GET H2	200	ca-pub-5625379829790606 Show response fundingchoicesmessages.google.com/i/	161 KB 53 KB	155ms 56ms	Script application/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-5625379829790606?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash 770895f0178d5cf727f00ae7cd9c8dd7c41764faba3bdb0010d482f598d6f0b5 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-oQmovAVqhXxCGZrZh7eVCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:37 GMT content-security-policy script-src 'report-sample' 'nonce-oQmovAVqhXxCGZrZh7eVCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	css fonts.googleapis.com/ Frame 0D30	4 KB 751 B	40ms 39ms	Stylesheet text/css	142.250.186.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f10.1e100.net Software ESF / Resource Hash f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Nov 2023 20:34:37 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Nov 2023 19:52:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Nov 2023 20:34:37 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0D30	2 KB 903 B	118ms 34ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0D30	23 KB 9 KB	113ms 35ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0D30	3 KB 1 KB	123ms 44ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:27:03 GMT content-encoding br x-content-type-options nosniff age 25655 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 13:27:03 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0D30	20 KB 9 KB	116ms 32ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:17:19 GMT content-encoding br x-content-type-options nosniff age 15439 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 16:17:19 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 0D30	202 KB 64 KB	164ms 81ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame 0D30	37 KB 16 KB	100ms 31ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 10:09:15 GMT content-encoding gzip x-content-type-options nosniff age 555923 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 19 Feb 2024 10:09:15 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame A700	722 B 382 B	719ms 718ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=3399761335&adf=1116380410&pi=t.aa~a.768063588~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280&nras=3&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1457&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=49 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 51cca69102cf7795e41b97a6e0108b94bdf264f4bacba9b13c5593ea7ea130f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 357 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT expires Mon, 27 Nov 2023 20:34:38 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 97B5	60 KB 21 KB	718ms 717ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 0b5e6a4421703748adb3f5b623028cfd16e0accb03d8fa3a7d2b5e5303a02ece Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 21215 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT expires Mon, 27 Nov 2023 20:34:38 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3733	60 KB 21 KB	858ms 857ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 87949a6cdec5a5538ce4d12fb92323b1cad8c59c1f22726820cbf41ec089f084 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 21266 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT expires Mon, 27 Nov 2023 20:34:38 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame EE28	9 KB 4 KB	31ms 30ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 46448 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 07:40:29 GMT etag 16674218716276178799 expires Mon, 11 Dec 2023 07:40:29 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 39A6	9 KB 4 KB	31ms 30ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 46448 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 07:40:29 GMT etag 16674218716276178799 expires Mon, 11 Dec 2023 07:40:29 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame BC10	9 KB 4 KB	30ms 30ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 46449 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 07:40:29 GMT etag 16674218716276178799 expires Mon, 11 Dec 2023 07:40:29 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 5023	9 KB 4 KB	31ms 30ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 46449 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4118 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 07:40:29 GMT etag 16674218716276178799 expires Mon, 11 Dec 2023 07:40:29 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/15362233715595559394/ Frame 0D30	55 KB 55 KB	56ms 50ms	Image image/jpeg	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15362233715595559394/14763004658117789537?w=600&h=314&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 7251f4ab91f560e0323a2bd08ed126ae06dc8bb815ec44ee66779ad48fd0ceee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 17:54:14 GMT x-content-type-options nosniff age 268824 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56216 x-xss-protection 0 last-modified Fri, 30 Dec 2022 16:56:03 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sat, 23 Nov 2024 17:54:14 GMT
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/841723605272191041/ Frame 0D30	4 KB 4 KB	73ms 67ms	Image image/png	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/841723605272191041/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash fbfd058691453a9d65e85f433927efc6f846b896695d63fda286a0f36e0cbe2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 07:37:42 GMT x-content-type-options nosniff age 565016 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3654 x-xss-protection 0 last-modified Fri, 09 Dec 2022 14:18:16 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 20 Nov 2024 07:37:42 GMT
GET H2	200	AGSKWxXUnP7HAVyjcnh-ZXJ8M9yukQBShn9rvgQrr1G6P7WDjHxlBBgraFF0uMHPeqTAGEawTpc5Bm1-63kBlbTZxdaSPQVXnUnojsebLE3SQ64PmTHTksHFv9SOh9GqX6EIh8A3tAOfnA== Show response fundingchoicesmessages.google.com/f/	4 KB 3 KB	60ms 59ms	Script application/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXUnP7HAVyjcnh-ZXJ8M9yukQBShn9rvgQrr1G6P7WDjHxlBBgraFF0uMHPeqTAGEawTpc5Bm1-63kBlbTZxdaSPQVXnUnojsebLE3SQ64PmTHTksHFv9SOh9GqX6EIh8A3tAOfnA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTE3Mjc4LDYwMDAwMDBdLG51bGwsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcGhpc2hjaGVjay5tZS8iLG51bGwsW1s4LCJOdHM1THZZSW9iayJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash ac8143a277f2bece10195b89d869cde053fa6f0eab4008f56c0c5117034adf38 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-r4JeuL-zNvKJAFTl4rVFLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-r4JeuL-zNvKJAFTl4rVFLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	css2 fonts.googleapis.com/ Frame EE28	4 KB 671 B	46ms 45ms	Stylesheet text/css	142.250.186.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f10.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Nov 2023 20:22:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame EE28	205 B 520 B	33ms 31ms	Image image/png	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 07:42:07 GMT x-content-type-options nosniff age 564751 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 20 Nov 2024 07:42:07 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame EE28	604 B 694 B	33ms 31ms	Image image/png	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 18:12:33 GMT x-content-type-options nosniff age 8525 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 26 Nov 2024 18:12:33 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame EE28	15 KB 7 KB	35ms 33ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 07:40:29 GMT content-encoding br x-content-type-options nosniff age 46449 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6702 x-xss-protection 0 server cafe etag 11213825687312121238 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 07:40:29 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame EE28	21 KB 9 KB	31ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8781 x-xss-protection 0 server cafe etag 9666818975682992898 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response www.gstatic.com/mysidia/ Frame 39A6	9 KB 4 KB	32ms 31ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:04:29 GMT content-encoding gzip x-content-type-options nosniff age 282609 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4046 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 22 Feb 2024 14:04:29 GMT
GET H2	200	78b00c21e40332afd18050ebd59c6b08.js Show response www.gstatic.com/mysidia/ Frame 39A6	11 KB 5 KB	32ms 32ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:13:18 GMT content-encoding gzip x-content-type-options nosniff age 332480 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4753 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 22 Feb 2024 00:13:18 GMT
GET H3	200	css fonts.googleapis.com/ Frame 39A6	14 KB 1 KB	47ms 46ms	Stylesheet text/css	142.250.186.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f10.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Nov 2023 20:25:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 39A6	2 KB 856 B	34ms 32ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 39A6	23 KB 9 KB	34ms 33ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 39A6	3 KB 1 KB	34ms 33ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:27:03 GMT content-encoding br x-content-type-options nosniff age 25655 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 13:27:03 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 39A6	20 KB 8 KB	31ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:17:19 GMT content-encoding br x-content-type-options nosniff age 15439 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 16:17:19 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 39A6	202 KB 64 KB	96ms 96ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame 39A6	37 KB 15 KB	31ms 31ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 10:09:15 GMT content-encoding gzip x-content-type-options nosniff age 555923 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 19 Feb 2024 10:09:15 GMT
GET H2	200	38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response www.gstatic.com/mysidia/ Frame BC10	9 KB 4 KB	37ms 36ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:04:29 GMT content-encoding gzip x-content-type-options nosniff age 282609 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4046 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 22 Feb 2024 14:04:29 GMT
GET H2	200	78b00c21e40332afd18050ebd59c6b08.js Show response www.gstatic.com/mysidia/ Frame BC10	11 KB 5 KB	38ms 38ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:13:18 GMT content-encoding gzip x-content-type-options nosniff age 332480 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4753 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 22 Feb 2024 00:13:18 GMT
GET H3	200	css fonts.googleapis.com/ Frame BC10	14 KB 1 KB	43ms 43ms	Stylesheet text/css	142.250.186.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f10.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Nov 2023 19:54:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BC10	2 KB 856 B	32ms 31ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame BC10	23 KB 9 KB	33ms 31ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BC10	3 KB 1 KB	33ms 32ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:27:03 GMT content-encoding br x-content-type-options nosniff age 25655 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 13:27:03 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame BC10	20 KB 8 KB	31ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:17:19 GMT content-encoding br x-content-type-options nosniff age 15439 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 16:17:19 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame BC10	202 KB 64 KB	159ms 158ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame BC10	37 KB 15 KB	37ms 36ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 10:09:15 GMT content-encoding gzip x-content-type-options nosniff age 555923 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 19 Feb 2024 10:09:15 GMT
GET H2	200	38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response www.gstatic.com/mysidia/ Frame 5023	9 KB 4 KB	41ms 40ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 14:04:29 GMT content-encoding gzip x-content-type-options nosniff age 282609 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4046 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 22 Feb 2024 14:04:29 GMT
GET H2	200	78b00c21e40332afd18050ebd59c6b08.js Show response www.gstatic.com/mysidia/ Frame 5023	11 KB 5 KB	42ms 42ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:13:18 GMT content-encoding gzip x-content-type-options nosniff age 332480 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4753 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Thu, 22 Feb 2024 00:13:18 GMT
GET H3	200	css fonts.googleapis.com/ Frame 5023	14 KB 1 KB	40ms 40ms	Stylesheet text/css	142.250.186.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f10.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Nov 2023 19:54:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5023	2 KB 856 B	34ms 32ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5023	23 KB 9 KB	34ms 33ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5023	3 KB 1 KB	35ms 34ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:27:03 GMT content-encoding br x-content-type-options nosniff age 25655 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 13:27:03 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5023	20 KB 8 KB	32ms 31ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:17:19 GMT content-encoding br x-content-type-options nosniff age 15439 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 16:17:19 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 5023	202 KB 64 KB	163ms 162ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame 5023	37 KB 15 KB	41ms 41ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 10:09:15 GMT content-encoding gzip x-content-type-options nosniff age 555923 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 19 Feb 2024 10:09:15 GMT
GET DATA	200 OK	truncated / Frame 0D30	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f9c7a79a1840f46b2f81e7b840a3dedfa7ffeaa9460207d0b91536cfb0c263c3 Request headers accept-language de-AT,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
POST H3	204	AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Show response fundingchoicesmessages.google.com/el/	0 28 B	106ms 43ms	XHR text/html	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-FISgz3dCvMymd0wi3nUvew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-security-policy script-src 'report-sample' 'nonce-FISgz3dCvMymd0wi3nUvew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://phishcheck.me content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxWMIyIRzdYsMJoqXgnJUuuVFdEuVqBEyJdtf38U_g8QHVK1D7zw0zf9EvKBb8R8b1W9yEkPLxDpAymet49QvBBUZ6I0Bl_lwm4KZxBb0c6YfKgFGffqajsuN9FwI1PKiV2sLmEchg== Show response fundingchoicesmessages.google.com/f/	13 KB 6 KB	77ms 70ms	Script application/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWMIyIRzdYsMJoqXgnJUuuVFdEuVqBEyJdtf38U_g8QHVK1D7zw0zf9EvKBb8R8b1W9yEkPLxDpAymet49QvBBUZ6I0Bl_lwm4KZxBb0c6YfKgFGffqajsuN9FwI1PKiV2sLmEchg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTE3Mjc4LDg5MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNywxMF1dLCJodHRwczovL3BoaXNoY2hlY2subWUvIixudWxsLFtbOCwiTnRzNUx2WUlvYmsiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash 5342731117573e91084be6bc4339a886d5a72a06314f45dccac116f961afb2a9 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IRCu9UMpc2PZG0zI36FM3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IRCu9UMpc2PZG0zI36FM3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2244	143 B 166 B	30ms 30ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 1816 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:04:22 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 33F1	143 B 166 B	30ms 30ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 1816 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:04:22 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	css fonts.googleapis.com/ Frame 0A6A	14 KB 1 KB	39ms 39ms	Stylesheet text/css	142.250.186.42 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.42 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f10.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 27 Nov 2023 18:47:02 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 27 Nov 2023 20:34:38 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0A6A	2 KB 822 B	30ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0A6A	23 KB 9 KB	30ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 10:09:15 GMT content-encoding br x-content-type-options nosniff age 37523 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9282 x-xss-protection 0 server cafe etag 14645652906762492339 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 10:09:15 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame DBA5	143 B 166 B	32ms 31ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 1816 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:04:22 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0A6A	3 KB 1 KB	30ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:27:03 GMT content-encoding br x-content-type-options nosniff age 25655 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 13:27:03 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0A6A	20 KB 8 KB	31ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:17:19 GMT content-encoding br x-content-type-options nosniff age 15439 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 16:17:19 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 0A6A	202 KB 64 KB	126ms 125ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 27 Nov 2023 20:34:38 GMT
GET H3	200	a6de5423b7c632060e8f86136bd5d27a.js Show response www.gstatic.com/mysidia/ Frame 0A6A	37 KB 15 KB	32ms 31ms	Script text/javascript	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f3.1e100.net Software sffe / Resource Hash 0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 10:09:15 GMT content-encoding gzip x-content-type-options nosniff age 555923 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15478 x-xss-protection 0 last-modified Tue, 14 Nov 2023 14:10:21 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 19 Feb 2024 10:09:15 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/16603060179128237956/ Frame 5023	3 KB 3 KB	31ms 31ms	Image image/jpeg	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16603060179128237956/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 8d15ededf521aca89dc8902ede798b6cab243a5e34bab5b4fc897410feed8505 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 18:14:03 GMT x-content-type-options nosniff age 440435 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2965 x-xss-protection 0 last-modified Tue, 10 Oct 2023 04:33:27 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 21 Nov 2024 18:14:03 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 295A	143 B 166 B	31ms 30ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 1816 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:04:22 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 0D30	16 KB 16 KB	35ms 35ms	Font font/woff2	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 08:19:38 GMT x-content-type-options nosniff age 216900 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 08:19:38 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 0D30	15 KB 15 KB	56ms 56ms	Font font/woff2	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Sat, 25 Nov 2023 13:37:09 GMT x-content-type-options nosniff age 197849 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Nov 2024 13:37:09 GMT
GET DATA	200 OK	truncated / Frame 5023	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 33334078d0540e1a45fa5155369d8e581c86bd3ebf2f691d5cce9c704f677ce1 Request headers accept-language de-AT,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2244 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	46ms 45ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT expires Mon, 27 Nov 2023 20:34:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 33F1 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	45ms 44ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT expires Mon, 27 Nov 2023 20:34:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 0D30 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CzQzWXP1kZdPGNo-17OsPoOGQ-AiPyc_6cp__vJL3EAoQASCd8OogYKmwvoDMAaAB7LPywAHIAQmoAwHIA8uEgIAEqgTJAU_Qyfeh9db__gyjNYkWuGqb_7kDrWMneMD_GH0IXMd_G8ZB5u_... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22311688634612201589%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:...	0 0	65ms 65ms	Fetch text/css	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22311688634612201589%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22639380821217484609%22}&andc=true Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"311688634612201589","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"639380821217484609"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 27 Nov 2023 20:34:38 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 27 Nov 2023 20:34:38 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"311688634612201589","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"639380821217484609"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 5023	33 KB 33 KB	32ms 32ms	Font font/woff2	142.250.185.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f3.1e100.net Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 21:01:51 GMT x-content-type-options nosniff age 430367 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 21 Nov 2024 21:01:51 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame DBA5 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	52ms 51ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT expires Mon, 27 Nov 2023 20:34:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response pagead2.googlesyndication.com/bg/ Frame 88AC	39 KB 15 KB	31ms 31ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5625379829790606&output=html&h=280&adk=2508842873&adf=1801062927&pi=t.aa~a.768063588~rp.1&w=1155&fwrn=4&fwrnh=100&lmt=1701117276&rafmt=1&to=qs&pwprc=1402822305&format=1155x280&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117276359&bpp=2&bdt=670&idt=366&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=368 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:36:09 GMT content-encoding br x-content-type-options nosniff age 331109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15097 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 00:36:09 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 295A Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	49ms 49ms	Document text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT expires Mon, 27 Nov 2023 20:34:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:38 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	148ms 65ms	Preflight text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22311688634612201589%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22639380821217484609%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 27 Nov 2023 20:34:38 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 5023 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CpCq3XP1kZY3aN_uY7OsPpZOvyAjQk9z5c-vAlfaEErLUqtrrDhABIJ3w6iBgqbC-gMwBoAHY5_6qKsgBAagDAcgDywSqBNUBT9AELddR-xrkWpbPKt0qmfu1-vGKBWGQDJiU8kkrH6Ojm1S... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223993701910426356553%22,%22debug_reporting%22:true,%22destination%22:%22https://sider.ai%22,%22event_report_window%22:%2225...	0 0	68ms 68ms	Fetch text/css	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223993701910426356553%22,%22debug_reporting%22:true,%22destination%22:%22https://sider.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211364447192%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225223645958264884881%22}&andc=true Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H3 Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"3993701910426356553","debug_reporting":true,"destination":"https://sider.ai","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11364447192"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"5223645958264884881"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 27 Nov 2023 20:34:38 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 27 Nov 2023 20:34:38 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3993701910426356553","debug_reporting":true,"destination":"https://sider.ai","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11364447192"],"4":["11-27"],"6":["true"]},"priority":"500","source_event_id":"5223645958264884881"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response pagead2.googlesyndication.com/bg/ Frame F473	39 KB 15 KB	30ms 30ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:36:09 GMT content-encoding br x-content-type-options nosniff age 331109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15097 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 00:36:09 GMT
GET H3	200	6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response pagead2.googlesyndication.com/bg/ Frame B702	39 KB 15 KB	30ms 30ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:36:09 GMT content-encoding br x-content-type-options nosniff age 331109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15097 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 00:36:09 GMT
GET H3	200	6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response pagead2.googlesyndication.com/bg/ Frame 5A23	39 KB 15 KB	32ms 32ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:36:09 GMT content-encoding br x-content-type-options nosniff age 331109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15097 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 00:36:09 GMT
GET H3	200	6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response pagead2.googlesyndication.com/bg/ Frame 3BC4	39 KB 15 KB	35ms 35ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Requested by Host: phishcheck.me URL: https://phishcheck.me/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Fri, 24 Nov 2023 00:36:09 GMT content-encoding br x-content-type-options nosniff age 331109 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15097 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Nov 2024 00:36:09 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	67ms 66ms	Preflight text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223993701910426356553%22,%22debug_reporting%22:true,%22destination%22:%22https://sider.ai%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211364447192%22],%224%22:[%2211-27%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225223645958264884881%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 27 Nov 2023 20:34:38 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sdk.js Show response adsdk.microsoft.com/native-to-display/ Frame 7739	91 KB 36 KB	125ms 23ms	Script application/javascript	13.107.213.45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://adsdk.microsoft.com/native-to-display/sdk.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Mon, 27 Nov 2023 20:34:38 GMT content-encoding br last-modified Fri, 10 Nov 2023 19:05:36 GMT vary Accept-Encoding x-azure-ref 20231127T203438Z-pht9kcmet50ut4c7erryv4cmf8000000012g000000030kg7 content-type application/javascript access-control-allow-origin * x-ms-request-id 551ad05e-d01e-00ca-4f09-14e0ef000000 cache-control private, max-age=3600 x-cache TCP_HIT x-ms-version 2009-09-19
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/240/ Frame 7739	80 KB 28 KB	52ms 12ms	Script application/x-javascript	151.101.65.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/240/trk.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Expires Thu, 14 Nov 2024 14:07:00 GMT Date Mon, 27 Nov 2023 20:34:38 GMT Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Age 1060058 X-Cache HIT, HIT Connection keep-alive Content-Length 27680 X-Served-By cache-lga21956-LGA, cache-vie6357-VIE Last-Modified Wed, 15 Nov 2023 14:06:46 GMT Server AkamaiNetStorage X-Timer S1701117279.745615,VS0,VE0 ETag "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes X-Cache-Hits 8, 1230435
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7739	3 KB 1 KB	31ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:27:03 GMT content-encoding br x-content-type-options nosniff age 25655 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 13:27:03 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 7739	20 KB 8 KB	32ms 31ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:17:19 GMT content-encoding br x-content-type-options nosniff age 15439 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 16:17:19 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 7739	0 0	39ms 38ms	Image text/html	142.250.186.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKj1_idnCuh4GhGuKK2-cwzLbtWmEjUfSWjubEqrt1sLqIX7-lA5MVA_biFzbYDmqTgb4DSKxGvqGToLU9XJ9dl-0fxQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 7739	202 KB 64 KB	92ms 91ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	c.gif www.bing.com/aes/ Frame 7739 Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=a83af31c-eaf1-48c6-9fa4-43235b636007&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=977839b3-2d95-4f63... https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=168d81b05b2a4b3da35551e6735198e9&SNR=1&GV=2&med=10	0 243 B	48ms 48ms	Image text/plain	204.79.197.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=168d81b05b2a4b3da35551e6735198e9&SNR=1&GV=2&med=10 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Server 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0001.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:38 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 967AD2BE743D4F54AC8ECB9D033C2B60 Ref B: VIEEDGE4116 Ref C: 2023-11-27T20:34:38Z vary Origin x-cache CONFIG_NOCACHE p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Mon, 27 Nov 2023 20:34:38 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0C15CA7C389946A0833294DF19DB119C Ref B: VIEEDGE4116 Ref C: 2023-11-27T20:34:38Z vary Origin x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=168d81b05b2a4b3da35551e6735198e9&SNR=1&GV=2&med=10 cache-control no-cache, no-store, must-revalidate content-length 154 expires 0
GET H2	200	sdk.js Show response adsdk.microsoft.com/native-to-display/ Frame 5E7F	91 KB 36 KB	19ms 18ms	Script application/javascript	13.107.213.45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://adsdk.microsoft.com/native-to-display/sdk.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.213.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Mon, 27 Nov 2023 20:34:38 GMT content-encoding br last-modified Fri, 10 Nov 2023 19:05:36 GMT vary Accept-Encoding x-azure-ref 20231127T203438Z-pht9kcmet50ut4c7erryv4cmf8000000012g000000030kgg content-type application/javascript access-control-allow-origin * x-ms-request-id 551ad05e-d01e-00ca-4f09-14e0ef000000 cache-control private, max-age=3600 x-cache TCP_HIT x-ms-version 2009-09-19
GET H/1.1	200 OK	trk.js Show response cdn.adnxs.com/v/s/240/ Frame 5E7F	80 KB 28 KB	13ms 12ms	Script application/x-javascript	151.101.65.108 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.adnxs.com/v/s/240/trk.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.65.108 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AkamaiNetStorage / Resource Hash 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Expires Thu, 14 Nov 2024 14:07:00 GMT Date Mon, 27 Nov 2023 20:34:38 GMT Content-Encoding gzip Via 1.1 varnish, 1.1 varnish Age 1060058 X-Cache HIT, HIT Connection keep-alive Content-Length 27680 X-Served-By cache-lga21956-LGA, cache-vie6357-VIE Last-Modified Wed, 15 Nov 2023 14:06:46 GMT Server AkamaiNetStorage X-Timer S1701117279.847101,VS0,VE0 ETag "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562" Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Accept-Ranges bytes X-Cache-Hits 8, 1230436
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5E7F	3 KB 1 KB	31ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 13:27:03 GMT content-encoding br x-content-type-options nosniff age 25655 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 13:27:03 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5E7F	20 KB 8 KB	31ms 30ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software cafe / Resource Hash 3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:17:19 GMT content-encoding br x-content-type-options nosniff age 15439 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8541 x-xss-protection 0 server cafe etag 737174102934380276 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 16:17:19 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 5E7F	0 0	40ms 39ms	Image text/html	142.250.186.164 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6g-1br7E_bTYKi5DabjwfEzLPlrJCwD9h7hzKqYHelPSVo6QuFtjUcnXk6kwJjgeJcDB32NDuV-qim_qFS0QXgiBTzw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f4.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 5E7F	202 KB 64 KB	73ms 73ms	Script text/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software sffe / Resource Hash d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65070 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1700193896630564" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 27 Nov 2023 20:34:38 GMT
GET H2	200	c.gif www.bing.com/aes/ Frame 5E7F Redirect Chain https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=b05f5650-796e-45a8-9d07-c9e262bc4b1a&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=b316da81-21e3-442f... https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c8227cdf5c7e414a85e2a7556afdbe2f&SNR=1&GV=2&med=10	0 184 B	48ms 47ms	Image text/plain	204.79.197.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c8227cdf5c7e414a85e2a7556afdbe2f&SNR=1&GV=2&med=10 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H2 Server 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0001.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:38 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: ADC4DF6372E14AFEBD2579D5BDE05F9F Ref B: VIEEDGE4116 Ref C: 2023-11-27T20:34:38Z vary Origin x-cache CONFIG_NOCACHE p3p CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo cache-control private,no-store content-length 0 Redirect headers pragma no-cache strict-transport-security max-age=15724800; includeSubDomains date Mon, 27 Nov 2023 20:34:38 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: CE59DE90F86D4054ABABDDC659BD05C7 Ref B: VIEEDGE4116 Ref C: 2023-11-27T20:34:38Z vary Origin x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8 location https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=c8227cdf5c7e414a85e2a7556afdbe2f&SNR=1&GV=2&med=10 cache-control no-cache, no-store, must-revalidate content-length 154 expires 0
GET H2	200	th www.bing.com/ Frame 7739	9 KB 10 KB	18ms 18ms	Image image/jpeg	204.79.197.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/th?id=OADD2.7559465607728_1QWIVUEFUW05IQT3X8&pid=21.2&c=16&roil=0.0008&roit=0&roir=0.9975&roib=1&w=200&h=105&qlt=90 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0001.a-msedge.net Software / Resource Hash 862aba1a696e602be176d073e84d159511ff5041cc3cf1cf8f9b1b886e734c3f Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: BC7AE792C56042B48051A30821CEB234 Ref B: VIEEDGE4116 Ref C: 2023-11-27T20:34:38Z access-control-allow-methods GET, POST, OPTIONS x-cache TCP_HIT access-control-allow-origin * report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} content-type image/jpeg cache-control public, max-age=2592000 timing-allow-origin * access-control-allow-headers * content-length 9431
GET H2	200	rd_log Show response ams3-ib.adnxs.com/ Frame 7739	0 532 B	99ms 30ms	Script text/html	185.89.210.20 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fphishcheck.me&e=wqT_3QLpA-jpAQAAAwDWAAUBCN76k6sGEP-X-dmFtO_FeRgAKjYJTO2SM10sqz8Rvi0LJVNzqj8ZAAAAQOF68D8hvg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4_PMFgAEBigEDVVNEkgUG8JqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFWh0dHBzOi8vcGhpc2hjaGVjay5tZYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAW9WIgFAZgFAKAF9YvY7bfa9-BkwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXujU76BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQEBi2DgBgHyBgIIAIAHAYgHAKAHAcgH_PMF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8Afr6wqKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=89eb8246276d807da58746d8db0ae24d078615fc&bdref=https%3A%2F%2Fphishcheck.me%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fphishcheck.me%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5625379829790606%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D3132389021%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701117277%26rafmt%3D1%26to%3Dqs%26pwprc%3D1402822305%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fphishcheck.me%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701117277891%26bpp%3D1%26bdt%3D2202%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1155x280%252C1155x90%26nras%3D4%26correlator%3D1375988515148%26frm%3D20%26pv%3D1%26ga_vid%3D519375954.1701117277%26ga_sid%3D1701117277%26ga_hid%3D1901096425%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2029%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42532599%252C44809315%252C31078297%252C31079653%252C44807764%252C44808148%252C44808285%252C44809055%26oid%3D2%26pvsid%3D4273893573988124%26tmod%3D990909807%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D52,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5625379829790606%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D3132389021%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701117277%26rafmt%3D1%26to%3Dqs%26pwprc%3D1402822305%26format%3D1200x90%26url%3Dhttps%253A%252F%252Fphishcheck.me%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701117277891%26bpp%3D1%26bdt%3D2202%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1155x280%252C1155x90%26nras%3D4%26correlator%3D1375988515148%26frm%3D20%26pv%3D1%26ga_vid%3D519375954.1701117277%26ga_sid%3D1701117277%26ga_hid%3D1901096425%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D200%26ady%3D2029%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42532599%252C44809315%252C31078297%252C31079653%252C44807764%252C44808148%252C44808285%252C44809055%26oid%3D2%26pvsid%3D4273893573988124%26tmod%3D990909807%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D52& Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:38 GMT an-x-request-uuid 789c11e1-b853-483b-bbb1-a2ed8bd3d587 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 194.35.121.53; 194.35.121.53; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	th www.bing.com/ Frame 5E7F	9 KB 9 KB	18ms 17ms	Image image/jpeg	204.79.197.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.bing.com/th?id=OADD2.7559465607728_1QWIVUEFUW05IQT3X8&pid=21.2&c=16&roil=0.0008&roit=0&roir=0.9975&roib=1&w=200&h=105&qlt=90 Requested by Host: adsdk.microsoft.com URL: https://adsdk.microsoft.com/native-to-display/sdk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0001.a-msedge.net Software / Resource Hash 862aba1a696e602be176d073e84d159511ff5041cc3cf1cf8f9b1b886e734c3f Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:38 GMT nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: C4DBEF5F7FBD452E9E60490F29AEE919 Ref B: VIEEDGE4116 Ref C: 2023-11-27T20:34:38Z access-control-allow-methods GET, POST, OPTIONS x-cache TCP_HIT access-control-allow-origin * report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]} content-type image/jpeg cache-control public, max-age=2592000 timing-allow-origin * access-control-allow-headers * content-length 9431
GET H2	200	rd_log Show response ams3-ib.adnxs.com/ Frame 5E7F	0 530 B	78ms 31ms	Script text/html	185.89.210.20 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fphishcheck.me&e=wqT_3QLpA-jpAQAAAwDWAAUBCN76k6sGEOaas4uSxJj8ChgAKjYJhnPhLl3NqD8RN6TWjXgkqD8ZAAAAQOF68D8hNw0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR48vMFgAEBigEDVVNEkgUG8JqYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCFWh0dHBzOi8vcGhpc2hjaGVjay5tZYADAIgDAZADAJgDCaADAaoDAMAD2ATIAwDYAwDgAwDoAwD4AwOABACSBAQvdWFwmAQAqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBAHwBAW9WIgFAZgFAKAFoqi3ttSfyOdewAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AXujU76BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQEBi2DgBgHyBgIIAIAHAYgHAKAHAcgH8vMF0gcNFWUBJgjaBwYBXqQYAOAHAOoHAggA8Afr6wqKCAIQAJUIAACAP5gIAcAI8AbSCAYIABAAGAA.&s=b451ec72d65362f5b24aa3b8e5cd5c00ddc37e8f&bdref=https%3A%2F%2Fphishcheck.me%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fphishcheck.me%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5625379829790606%26output%3Dhtml%26h%3D90%26adk%3D2375351246%26adf%3D4099543842%26pi%3Dt.aa~a.3434894028~rp.4%26w%3D1155%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701117277%26rafmt%3D1%26to%3Dqs%26pwprc%3D1402822305%26format%3D1155x90%26url%3Dhttps%253A%252F%252Fphishcheck.me%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701117277891%26bpp%3D1%26bdt%3D2202%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1155x280%252C1155x90%252C1200x90%26nras%3D5%26correlator%3D1375988515148%26frm%3D20%26pv%3D1%26ga_vid%3D519375954.1701117277%26ga_sid%3D1701117277%26ga_hid%3D1901096425%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D215%26ady%3D1909%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42532599%252C44809315%252C31078297%252C31079653%252C44807764%252C44808148%252C44808285%252C44809055%26oid%3D2%26pvsid%3D4273893573988124%26tmod%3D990909807%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D55,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fus_privacy%3D1---%26client%3Dca-pub-5625379829790606%26output%3Dhtml%26h%3D90%26adk%3D2375351246%26adf%3D4099543842%26pi%3Dt.aa~a.3434894028~rp.4%26w%3D1155%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701117277%26rafmt%3D1%26to%3Dqs%26pwprc%3D1402822305%26format%3D1155x90%26url%3Dhttps%253A%252F%252Fphishcheck.me%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701117277891%26bpp%3D1%26bdt%3D2202%26idt%3D-M%26shv%3Dr20231109%26mjsv%3Dm202311090101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1155x280%252C1155x90%252C1200x90%26nras%3D5%26correlator%3D1375988515148%26frm%3D20%26pv%3D1%26ga_vid%3D519375954.1701117277%26ga_sid%3D1701117277%26ga_hid%3D1901096425%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D215%26ady%3D1909%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42532599%252C44809315%252C31078297%252C31079653%252C44807764%252C44808148%252C44808285%252C44809055%26oid%3D2%26pvsid%3D4273893573988124%26tmod%3D990909807%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D55& Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:38 GMT an-x-request-uuid 80ccebb0-0e24-4464-b824-ae46a10da419 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 194.35.121.53; 194.35.121.53; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 187F	1 KB 643 B	31ms 30ms	Document text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 15388 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 16:18:10 GMT etag 48472445140208031 expires Tue, 28 Nov 2023 16:18:10 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 7739	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6b9bb062e8ac98d28a70f9d7f688aa4895ee5008beedc7c3217db00fd12a1cab Request headers accept-language de-AT,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 7739	0 19 B	76ms 75ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CbWQaXv1kZfWiA7fykPIPk7uQyA7S4Nfgbo-ktpOTCsCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi01NjI1Mzc5ODI5NzkwNjA2yAEJqAMByAMCqgTBAU_QYtufG0hsyVzJA2oUHAPMbYdhyWH5gLac5Cr5bbgIlKq8VS8CHI7-z2Y7Ipm49v-reLKOqmNMJJLrTOvofcjNVxaHgEM4arT1o8hvChsKwX7of2lL7Ll4ZwHCLgf8lw1KjXyTfdcTYpArsR2QeDloROaJBxPblt4jdbq8A5R9sQfQO6VavyL500roxVHN1yWMCq7hK88Htgj7Q_Weu-5eCppYKAxHpHxPX3Og1VziGa1zGOnVsoRN5_mOSOmMyOuABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTYyNTM3OTgyOTc5MDYwNhgA&sigh=zxv2rkOlQ2g&uach_m=%5BUACH%5D&cid=CAQSOwDICaaN-k2fTZaJe59AMcw6O_To2kYe0DkPzl6l_k7uLca9S_cO-Dz59LMfjFP0kvugMdHBONckflwIGAE&cbvp=2&vis=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Mon, 27 Nov 2023 20:34:39 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	it ams3-ib.adnxs.com/ Frame 7739	0 531 B	31ms 30ms	Image text/html	185.89.210.20 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fphishcheck.me&e=wqT_3QKbB-ibAwAAAwDWAAUBCN76k6sGEP-X-dmFtO_FeRgAKjYJTO2SM10sqz8Rvi0LJVNzqj8ZAAAAQOF68D8hvg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4_PMFgAEBigEDVVNEkgUG8FuYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIVaHR0cHM6Ly9waGlzaGNoZWNrLm1lgAMAiAMBkAMAmAMJoAMBqgOvAwrFAmh0dAUr8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9OTc3ODM5YjMtMmQ5NS00ZjYzLThmMWQtNDg0NGIxYWRjMTc3JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgA5jnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f9BcBX2ZzX2dieHJhX3l2ZmcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4NzU4MzAyMzk2Nzc1Mjg3ODA3IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ETTBPVFExTXpZNU5URXhOeklqTWpNek5USTVNemszT0RJeE1qRXdNZz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfWL2O232vfgZMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe6NTvoFBAgAEACQBgCYBgC4BgDBBgUiMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH_PMF0gcNCREoASYM2gcGCAUJqOAHAOoHAggA8Afr6wqKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=bfacdbab6de5221a21a63d9b08150d5d6e137a82&pp=ZWT9XgAA0XUIRDk3AAQdk_wZgwMbRF3qge_3CA&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCNIvyXv1kZfWiA7fykPIPk7uQyA7S4Nfgbo-ktpOTCsCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi01NjI1Mzc5ODI5NzkwNjA2yAEJqAMByAMCqgTEAU_QYtufG0hsyVzJA2oUHAPMbYdhyWH5gLac5Cr5bbgIlKq8VS8CHI7-z2Y7Ipm49v-reLKOqmNMJJLrTOvofcjNVxaHgEM4arT1o8hvChsKwX7of2lL7Ll4ZwHCLgf8lw1KjXyTfdcTYpArsR2QeDloROaJBxPblt4jdbq8A5R9sQfQO6VavyL500roxVHN1yWMCq7hK88Htgj7Afe_KSz68PfM0njyOiXL6XeD39jrN7Wqum-MNjjNzdWWiGhupX-kwBqABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SWFVISKsGoZnoeN7TDutor2sGeg%26client%3Dca-pub-5625379829790606%26adurl%3D&cbvp=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT an-x-request-uuid 1320d816-3813-46e4-a9b0-aa535b26107e server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 194.35.121.53; 194.35.121.53; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 7739	0 555 B	160ms 159ms	Ping text/html	185.89.210.20 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fphishcheck.me&e=wqT_3QKbB-ibAwAAAwDWAAUBCN76k6sGEP-X-dmFtO_FeRgAKjYJTO2SM10sqz8Rvi0LJVNzqj8ZAAAAQOF68D8hvg0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4_PMFgAEBigEDVVNEkgUG8FuYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIVaHR0cHM6Ly9waGlzaGNoZWNrLm1lgAMAiAMBkAMAmAMJoAMBqgOvAwrFAmh0dAUr8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9OTc3ODM5YjMtMmQ5NS00ZjYzLThmMWQtNDg0NGIxYWRjMTc3JmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgA5jnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f9BcBX2ZzX2dieHJhX3l2ZmcmYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM4NzU4MzAyMzk2Nzc1Mjg3ODA3IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ETTBPVFExTXpZNU5URXhOeklqTWpNek5USTVNemszT0RJeE1qRXdNZz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBfWL2O232vfgZMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe6NTvoFBAgAEACQBgCYBgC4BgDBBgUiMADwP9AGwo0E2gYWChAJEhkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH_PMF0gcNCREoASYM2gcGCAUJqOAHAOoHAggA8Afr6wqKCAIQAJUIAACAP5gIAcAI8AbSCAkI____PxACGAA.&s=bfacdbab6de5221a21a63d9b08150d5d6e137a82&type=nv&nvt=5&jm=1003&px=236&py=0&bw=182&bh=90&sid=5937208981853484552&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1200&ph=90&ww=1200&wh=90&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/240/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT an-x-request-uuid 89a354a9-833e-494f-ae9b-941d1539586c server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 194.35.121.53; 194.35.121.53; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame E2B7	1 KB 643 B	30ms 30ms	Document text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers age 15389 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 16:18:10 GMT etag 48472445140208031 expires Tue, 28 Nov 2023 16:18:10 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 5E7F	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6eefb323e5e471c726477f3d795bb9a34f07788d2a68599c3802ef9597e3db2d Request headers accept-language de-AT,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 5E7F	0 19 B	77ms 77ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CStydXv1kZfy3A8z4kPIPvLu42AfS4Nfgbo-ktpOTCsCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi01NjI1Mzc5ODI5NzkwNjA2yAEJqAMByAMCqgTBAU_Qp46oI7HedWrs1s9BiB3Zk1uInGAk4VL14G4XbTo5xiL4NGjSRjju_Tmp5GOiBgzohnz8fI1e5iTvnRy6tSlTW-lhqF-FvrND6FCzDiFFbw3bOAm-es2PqfsHlNZHA-TPyUq9ZljQ81d8fJ6_TDdGoirG1SNc2vR0R6saeFFJJ-v1Gt69frPh4cDDo8shP95KV97KKK-ZIYymEEmxBb5pZRN-jvNd_4cr-aPgulJQAvZnGAo7ZJA63BUn9K8cNtmABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTYyNTM3OTgyOTc5MDYwNhgA&sigh=uFFeYnKMVTk&uach_m=%5BUACH%5D&cid=CAQSPADICaaNNyCb2zm4Z-SjY-sH07So6Cf3RcnPgymTpnx1NEMjQv7UQxnGB00ielXteBVNc36Tr69xM4tRrxgB&cbvp=2&vis=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Mon, 27 Nov 2023 20:34:39 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	it ams3-ib.adnxs.com/ Frame 5E7F	0 531 B	31ms 31ms	Image text/html	185.89.210.20 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fphishcheck.me&e=wqT_3QKZB-iZAwAAAwDWAAUBCN76k6sGEOaas4uSxJj8ChgAKjYJhnPhLl3NqD8RN6TWjXgkqD8ZAAAAQOF68D8hNw0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR48vMFgAEBigEDVVNEkgUG8FuYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIVaHR0cHM6Ly9waGlzaGNoZWNrLm1lgAMAiAMBkAMAmAMJoAMBqgOtAwrEAmh0dAUr8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjMxNmRhODEtMjFlMy00NDJmLWEwM2UtYTkzNzIxZDliMmZmJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBijnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8EZfZ3ZycS1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSNzkwNDg5NjI5MDM3NzQzNDYyIgkzODE4NDY3MTQqBCFg8N46OFUyVmhjbU5vUVdRak9ETTBPVFExTXpZNU5URXhOeklqTWpNek5USTVNemszT0RJeE1qRXdNZz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBaKot7bUn8jnXsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe6NTvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAABUQVAQGLYOAGAfIGAggAgAcBiAcAoAcByAfy8wXSBw0VZQEmDNoHBggFCajgBwDqBwIIAPAH6-sKiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=50067228f87b0fd402a8845ca9e656ed95c24c21&pp=ZWT9XgAA2_wIRDxMAA4dvM3br_j_rW-uR6Ygzg&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCG8MOXv1kZfy3A8z4kPIPvLu42AfS4Nfgbo-ktpOTCsCNtwEQASAAYKmwvoDMAYIBF2NhLXB1Yi01NjI1Mzc5ODI5NzkwNjA2yAEJqAMByAMCqgTEAU_Qp46oI7HedWrs1s9BiB3Zk1uInGAk4VL14G4XbTo5xiL4NGjSRjju_Tmp5GOiBgzohnz8fI1e5iTvnRy6tSlTW-lhqF-FvrND6FCzDiFFbw3bOAm-es2PqfsHlNZHA-TPyUq9ZljQ81d8fJ6_TDdGoirG1SNc2vR0R6saeFFJJ-v1Gt69frPh4cDDo8shP95KV97KKK-ZIYymUkuQl3zNn37qdIfoYd6vT6fDsNZZLO6-uoxi4Cy69jk_NC7-W01DtT-ABsDSn4bIuLH48QGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3PTba4P9xi-AGO8hWicJ4BG_1ysQ%26client%3Dca-pub-5625379829790606%26adurl%3D&cbvp=2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT an-x-request-uuid 9c7ede55-4e0a-4bbd-a3cf-f0099cd3c165 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 194.35.121.53; 194.35.121.53; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	vevent ams3-ib.adnxs.com/ Frame 5E7F	0 555 B	31ms 30ms	Ping text/html	185.89.210.20 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fphishcheck.me&e=wqT_3QKZB-iZAwAAAwDWAAUBCN76k6sGEOaas4uSxJj8ChgAKjYJhnPhLl3NqD8RN6TWjXgkqD8ZAAAAQOF68D8hNw0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR48vMFgAEBigEDVVNEkgUG8FuYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2ALwBuACoqgx6gIVaHR0cHM6Ly9waGlzaGNoZWNrLm1lgAMAiAMBkAMAmAMJoAMBqgOtAwrEAmh0dAUr8IZ3d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjMxNmRhODEtMjFlMy00NDJmLWEwM2UtYTkzNzIxZDliMmZmJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVW4ZXCBwdWJsaXNoZXIBOCA2MjY0NTMzMCYBDgBijnEAuHJ0eXBlPW51cmwmdGFnSWQ9NjkyOTQ5OSZ0cmFmZmljR3JvdXA9a25hcWVfM2MmDRYIU3ViCRkYenpmJTNBaw0f8EZfZ3ZycS1wYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSNzkwNDg5NjI5MDM3NzQzNDYyIgkzODE4NDY3MTQqBCFg8N46OFUyVmhjbU5vUVdRak9ETTBPVFExTXpZNU5URXhOeklqTWpNek5USTVNemszT0RJeE1qRXdNZz09wAPYBMgDANgDAOADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBaKot7bUn8jnXsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBe6NTvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAABUQVAQGLYOAGAfIGAggAgAcBiAcAoAcByAfy8wXSBw0VZQEmDNoHBggFCajgBwDqBwIIAPAH6-sKiggCEACVCAAAgD-YCAHACPAG0ggJCP___z8QAhgA&s=50067228f87b0fd402a8845ca9e656ed95c24c21&type=nv&nvt=5&jm=1003&px=214&py=0&bw=182&bh=90&sid=5937208981853484552&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=1155&ph=90&ww=1155&wh=90&ft=3 Requested by Host: cdn.adnxs.com URL: https://cdn.adnxs.com/v/s/240/trk.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT an-x-request-uuid b244a940-85f0-472c-aee7-f307f248971c server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 194.35.121.53; 194.35.121.53; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 187F	35 B 464 B	116ms 33ms	Image image/gif	91.228.74.200 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA87U1fjaY7HzNP4eWItKQo&google_cver=1&google_push=AXcoOmQ1APLk57_CTM1wfyqAqfekQhSRcwB33CbdrQPCdR5zS-pEVfArQAGz4xCJhpqFQncED3k5_O92JgmY8vC9CPKDnWYn7UuCkI7XHfAyL2r3jhRBpMS2jWSx-L9VsxPMAxGWf0J8x3KCFpQxjcaYYnSw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame 187F	0 104 B	187ms 91ms	Image text/plain	63.215.202.140 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECiFXaG6GUaPFylusM0rH7s&google_cver=1&google_push=AXcoOmRRHySQPg1p7PTk7uhT2rqHL2vZ4MpxW6-2eFKefvl28hOIdUm4bP4pL_kffPKAvd7xRbu_W9klNQ7gYzWXJvAhpnn4BAR0_3Y818t__wEOBfr5GUaD6Qwgv8rCjc2W04S1WVZk5nB03kcJp2vYS-RwCw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.215.202.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US), Reverse DNS ams01-nessy-float2.dotomi.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 187F Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOb53GvMypLGa6-9lsn1Ea8&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOb53GvMypLGa6-9lsn1Ea8&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFN0cWQ4dGoxUjdJanQ1&google_gid=CAESEOb53GvMypLGa6-9lsn1Ea8&google_cver=1&google_push=AXcoOmS5OFXh904N3n7Bt1WwvT9roHxleX88fLpEO8c2Qhz...	170 B 188 B	41ms 41ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFN0cWQ4dGoxUjdJanQ1&google_gid=CAESEOb53GvMypLGa6-9lsn1Ea8&google_cver=1&google_push=AXcoOmS5OFXh904N3n7Bt1WwvT9roHxleX88fLpEO8c2QhzW6bisjokmcaEPnVZJymWnUXNcv1gvm5wOKRp01gjjlq12oIpkZNqtUQJhgqyVd9Rmtzd1M7QdYGV-7S4IiichyMlCWE7tssJSguZ6NzSmf0no Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 27 Nov 2023 20:34:38 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFN0cWQ4dGoxUjdJanQ1&google_gid=CAESEOb53GvMypLGa6-9lsn1Ea8&google_cver=1&google_push=AXcoOmS5OFXh904N3n7Bt1WwvT9roHxleX88fLpEO8c2QhzW6bisjokmcaEPnVZJymWnUXNcv1gvm5wOKRp01gjjlq12oIpkZNqtUQJhgqyVd9Rmtzd1M7QdYGV-7S4IiichyMlCWE7tssJSguZ6NzSmf0no Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame 187F	70 B 149 B	163ms 53ms	Image image/gif	52.223.40.198 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJeZRmWDKUxN_8NfuM4XgWo&google_cver=1&google_push=AXcoOmQjMRBKwX6T7pLcfslF8zpMWblVAbCB4JSSGSkK3ii81yhV3e-fQyI0ZrYRfrSi8X16sR8w-JiS983aud_REcXVBduvmoK9AsSQ3qb8Hgj9p3C4gWwnJgQTlrnPaZDedqxQMw0DsRwSlwVoCRs9Eqrh2A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.40.198 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a6370ebea231e0c9a.awsglobalaccelerator.com Software Kestrel / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT server Kestrel content-length 70 content-type image/gif
GET		getuid ads.avct.cloud/ Frame 187F Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ_JsjMWJ7g8pl3BPAKN6S8&google_cver=1&google_push=AXcoOmSqn-jns5ix5-ExJ5VtoanpohEiVt2ygoLqWPl3t3z3lYwMVVXKQ03_f25QZBbH7AA0oBhq88BZrkc51SH8R4ii... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ_JsjMWJ7g8pl3BPAKN6S8&google_cver=1&google_push=AXcoOmSqn-jns5ix5-ExJ5VtoanpohEiVt2ygoLqWPl3t3z3lYwMVVXKQ03_f25QZBbH7AA0oBhq88BZrkc51S... https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle	0 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 187F Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIz1rOyEohyhBA4UBkTI52c&google_cver=1&google_push=AXcoOmS-VL9cZO4WwkhcaYyD3tfGA154Q_6v51mZCazhPXU5snUoEhlUBAOlwLpgbq_1KIfWszakGSjy... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIz1rOyEohyhBA4UBkTI52c&google_cver=1&google_push=AXcoOmS-VL9cZO4WwkhcaYyD3tfGA154Q_6v51mZCazhPXU5snUoEhlUBAOlwLpgbq_1KIfWsza... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4MTM3NjYzNjM5MjcwNTQzNQ&google_push=AXcoOmS-VL9cZO4WwkhcaYyD3tfGA154Q_6v51mZCazhPXU5snUoEhlUBAOlwLpgbq_1KIfWszakGS...	170 B 188 B	53ms 51ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4MTM3NjYzNjM5MjcwNTQzNQ&google_push=AXcoOmS-VL9cZO4WwkhcaYyD3tfGA154Q_6v51mZCazhPXU5snUoEhlUBAOlwLpgbq_1KIfWszakGSjyU5Fj-qDJxWwIehBCMMR-qNkiVFp855LXMdmE8GkCWOPlSZLgnsC5ffFhm8vSSF9IbMkRxVVAUlrhbA Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzU4MTM3NjYzNjM5MjcwNTQzNQ&google_push=AXcoOmS-VL9cZO4WwkhcaYyD3tfGA154Q_6v51mZCazhPXU5snUoEhlUBAOlwLpgbq_1KIfWszakGSjyU5Fj-qDJxWwIehBCMMR-qNkiVFp855LXMdmE8GkCWOPlSZLgnsC5ffFhm8vSSF9IbMkRxVVAUlrhbA access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 187F Redirect Chain https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEGH1za-NEedWdDCUNdlDFwY&google_cver=1&google_push=AXcoOmS4-seRF3qaoiGRPe4dmoKxprZrmbAPMfNM9bVqcTxOUm2YAlBYCkM2BwtT9U5t3Eelf5MKIy08bsSE... https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS4-seRF3qaoiGRPe4dmoKxprZrmbAPMfNM9bVqcTxOUm2YAlBYCkM2BwtT9U5t3Eelf5MKIy08bsSE65HIwOkaGGODaqmsS4KcX1Vf8qINkfoFfVUX...	170 B 188 B	47ms 46ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS4-seRF3qaoiGRPe4dmoKxprZrmbAPMfNM9bVqcTxOUm2YAlBYCkM2BwtT9U5t3Eelf5MKIy08bsSE65HIwOkaGGODaqmsS4KcX1Vf8qINkfoFfVUXzTsNLH8i08v-lsfQDuqG8A8_tTVWj2ZcVVzsYg Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS4-seRF3qaoiGRPe4dmoKxprZrmbAPMfNM9bVqcTxOUm2YAlBYCkM2BwtT9U5t3Eelf5MKIy08bsSE65HIwOkaGGODaqmsS4KcX1Vf8qINkfoFfVUXzTsNLH8i08v-lsfQDuqG8A8_tTVWj2ZcVVzsYg strict-transport-security max-age=15552000 cache-control no-transform, no-cache alt-svc h3=":443"; ma=900, h3-29=":443"; ma=900 content-length 0 p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 187F	0 69 B	54ms 39ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K0vDDLE8wHYpUiskjG3N5a3iZB6lkPKBfq2bMNbFi5sc4NzIrHOXgzqY-XzmPYohHVGHYq Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2743202993&adf=3132389021&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1200x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90&nras=4&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=52 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E2B7 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGdgzDqcV9WJANiyatIO2Y0&google_cver=1&google_push=AXcoOmRLm2OuKCuRtlalEJCLUtcY-rQwQ70GDPoOSzeanm6MG9uRM7vXJmhQdWUN7GCiBC1awCe-pkAA0Rl6NFJX6gVV7KMt1_xdr... https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk4NTYwMzYyOTE5Mjg0NjM2NA==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGdgzDqcV9WJANiyatIO2Y0&google_cver=1	43 B 398 B	64ms 31ms	Image image/gif	46.228.164.11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGdgzDqcV9WJANiyatIO2Y0&google_cver=1 Protocol H2 Server 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type image/gif pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGdgzDqcV9WJANiyatIO2Y0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E2B7 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG1sLinY-TLRpTYTfLp_ZGM&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG1sLinY-TLRpTYTfLp_ZGM&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFN0cWQ4dGoxUjdJanQ1&google_gid=CAESEG1sLinY-TLRpTYTfLp_ZGM&google_cver=1&google_push=AXcoOmTLDvvjiA0Gaep-yCCeCAvAtG5h728RgUqccn1stQa...	170 B 188 B	49ms 48ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFN0cWQ4dGoxUjdJanQ1&google_gid=CAESEG1sLinY-TLRpTYTfLp_ZGM&google_cver=1&google_push=AXcoOmTLDvvjiA0Gaep-yCCeCAvAtG5h728RgUqccn1stQaRDB4HOFIL08lPwZZdG7034jJQ7BgorwmZhN7tg4bMr7i7yp3wAZi9wMElYjcDnAOU5zOtNb1KJMbyob0_utk5PUI3v6h9uA3PbehFHS5Yq-qY6A Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Mon, 27 Nov 2023 20:34:38 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-091a6d662d9a132c7@eu-central-1a@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WFN0cWQ4dGoxUjdJanQ1&google_gid=CAESEG1sLinY-TLRpTYTfLp_ZGM&google_cver=1&google_push=AXcoOmTLDvvjiA0Gaep-yCCeCAvAtG5h728RgUqccn1stQaRDB4HOFIL08lPwZZdG7034jJQ7BgorwmZhN7tg4bMr7i7yp3wAZi9wMElYjcDnAOU5zOtNb1KJMbyob0_utk5PUI3v6h9uA3PbehFHS5Yq-qY6A Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E2B7 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEHNpkgliO3faYMEeHcnyBbo&google_cver=1&google_push=AXcoOmRqIxxuzWpMJVmeAVUanFo6iCKRa87pTVn45-TINJ7ZuqcCFAVs3t92xSpoT8m5ow6qkPGEqhbbBBOm-JbQ... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WNjHWIQiSHkbUu_AyEueyQ&google_push=AXcoOmRqIxxuzWpMJVmeAVUanFo6iCKRa87pTVn45-TINJ7ZuqcCFAVs3t92xSpoT8m5ow6qkPGEqhbbBBOm-JbQNCLO3W5QkBXO_se...	170 B 188 B	43ms 43ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WNjHWIQiSHkbUu_AyEueyQ&google_push=AXcoOmRqIxxuzWpMJVmeAVUanFo6iCKRa87pTVn45-TINJ7ZuqcCFAVs3t92xSpoT8m5ow6qkPGEqhbbBBOm-JbQNCLO3W5QkBXO_se1n1XaxKvhVVrIr-niF9WaDCtEUL7wYeVrKZU4OIMJKdCKhUppA_43jQ Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 27 Nov 2023 20:34:39 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=WNjHWIQiSHkbUu_AyEueyQ&google_push=AXcoOmRqIxxuzWpMJVmeAVUanFo6iCKRa87pTVn45-TINJ7ZuqcCFAVs3t92xSpoT8m5ow6qkPGEqhbbBBOm-JbQNCLO3W5QkBXO_se1n1XaxKvhVVrIr-niF9WaDCtEUL7wYeVrKZU4OIMJKdCKhUppA_43jQ x-host tde-deliveryengine-production-6987bbc57b-cjj2l alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame E2B7 Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEImYyDhagEWEP7KcdmD86b8&google_cver=1&google_push=AXcoOmSHJEYr6pKdBmL0UlADF3rRWMr9bhChw4bXzJxLRcNRDzKu68N_SsIC_cCBqms3Z_YJhzZQQhi5doOXQACriNsM... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEImYyDhagEWEP7KcdmD86b8&google_cver=1&google_push=AXcoOmSHJEYr6pKdBmL0UlADF3rRWMr9bhChw4bXzJxLRcNRDzKu68N_SsIC_cCBqms3Z_YJhzZQQhi5doOXQA... https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=21d86de8-394b-4cba-a777-8e8079b29254 https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=21d86de8-394b-4cba-a777-8e8079b29254 https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=ce78cd80-7051-406b-9a07-307f9b1da002&user_group=1&ssp=google&bsw_param=21d86de8-394b-4cba-a777-8e8079b29254 https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSqn-jns5ix5-ExJ5VtoanpohEiVt2ygoLqWPl3t3z3lYwMVVXKQ03_f25QZBbH7AA0oBhq88BZrkc51SH8R4ii8_SXd1_yLniZ2T6RkD0-tbUFHpYmK2K6z7Nk8wvo3E...	170 B 188 B	40ms 40ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSqn-jns5ix5-ExJ5VtoanpohEiVt2ygoLqWPl3t3z3lYwMVVXKQ03_f25QZBbH7AA0oBhq88BZrkc51SH8R4ii8_SXd1_yLniZ2T6RkD0-tbUFHpYmK2K6z7Nk8wvo3EFe6ew_GhEkly6gpqef4ca1IQ&google_hm=Idht6DlLTLqnd46AebKSVA== Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmSqn-jns5ix5-ExJ5VtoanpohEiVt2ygoLqWPl3t3z3lYwMVVXKQ03_f25QZBbH7AA0oBhq88BZrkc51SH8R4ii8_SXd1_yLniZ2T6RkD0-tbUFHpYmK2K6z7Nk8wvo3EFe6ew_GhEkly6gpqef4ca1IQ&google_hm=Idht6DlLTLqnd46AebKSVA== date Mon, 27 Nov 2023 20:34:39 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame E2B7 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPiokkzRIyO6213lNqsUAn8&google_cver=1&google_push=AXcoOmQx6HmFIdop3aL-US6eCnWzzXFUU_sCu2FLtquPY1HlfSmHogTWRLpT4WF665b1LCmamg3gScZGh1QKLTK31MtTzQX... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQx6HmFIdop3aL-US6eCnWzzXFUU_sCu2FLtquPY1HlfSmHogTWRLpT4WF665b1LCmamg3gScZGh1QKLTK31MtTzQX9hrJfY2h0PTT6-TiaJ2IVKE3yOXT8XJPiuc9Ah...	170 B 188 B	45ms 43ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQx6HmFIdop3aL-US6eCnWzzXFUU_sCu2FLtquPY1HlfSmHogTWRLpT4WF665b1LCmamg3gScZGh1QKLTK31MtTzQX9hrJfY2h0PTT6-TiaJ2IVKE3yOXT8XJPiuc9Ah0P876NmbWTe91dHHU9nf8iOnQ&google_hm=eS1ZMVF1RWN0RTJwR3lEbXhVNWtGYVFtdENDa2dQVlllWn5B Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 27 Nov 2023 20:34:39 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQx6HmFIdop3aL-US6eCnWzzXFUU_sCu2FLtquPY1HlfSmHogTWRLpT4WF665b1LCmamg3gScZGh1QKLTK31MtTzQX9hrJfY2h0PTT6-TiaJ2IVKE3yOXT8XJPiuc9Ah0P876NmbWTe91dHHU9nf8iOnQ&google_hm=eS1ZMVF1RWN0RTJwR3lEbXhVNWtGYVFtdENDa2dQVlllWn5B content-length 0
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame E2B7	43 B 363 B	120ms 27ms	Image image/gif	178.250.1.9 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSwJkKG6gnw6rJQorgEWVmM5DGFCEb2_0v53ToZN9ZYWnSuMi8IIm5gSD_N0VGw2MoJN6tMYzwkv-NPVkfddV3LNVNHAHs1obNkZlaLCYZJmwTLf2qaDcPtqnVuqVrgUPctoWyUIzqoW0nZreIJbsa1&google_gid=CAESEIh7Yn6C66LltAQQQH3F1Wo&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 271760 expires Mon, 27 Nov 2023 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame E2B7 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJA4iD-BhmK8ERYZO4NfE3o&google_cver=1&google_push=AXcoOmQg20G814FLIGJFZjBNl_9dPWN_u1Tdpwo0R4cuWej1ObXajrCP9PNd4XcirOADps1hthLqO0yB... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJA4iD-BhmK8ERYZO4NfE3o&google_cver=1&google_push=AXcoOmQg20G814FLIGJFZjBNl_9dPWN_u1Tdpwo0R4cuWej1ObXajrCP9PNd4XcirOADps1hthL... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg3NzI0Njc4ODQxODYwMzc1OA&google_push=AXcoOmQg20G814FLIGJFZjBNl_9dPWN_u1Tdpwo0R4cuWej1ObXajrCP9PNd4XcirOADps1hthLqO0...	170 B 188 B	42ms 41ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg3NzI0Njc4ODQxODYwMzc1OA&google_push=AXcoOmQg20G814FLIGJFZjBNl_9dPWN_u1Tdpwo0R4cuWej1ObXajrCP9PNd4XcirOADps1hthLqO0yB7L0ZsB1iADo-JIkr2iL4oUQP_hP69VsE2ICAN8n6IaM6P0n5_p0-FWePu38SzMfwcrgIf7umYXdqZA Protocol H3 Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDg3NzI0Njc4ODQxODYwMzc1OA&google_push=AXcoOmQg20G814FLIGJFZjBNl_9dPWN_u1Tdpwo0R4cuWej1ObXajrCP9PNd4XcirOADps1hthLqO0yB7L0ZsB1iADo-JIkr2iL4oUQP_hP69VsE2ICAN8n6IaM6P0n5_p0-FWePu38SzMfwcrgIf7umYXdqZA access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame E2B7	0 40 B	51ms 47ms	Image text/html	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kx24nRCIzccupRgAuOq8ytDAYZr-k6kbYoO-tQbsjYz9HFqIr9_Woqi7ePr_5Tw3Hfw3Wm Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-5625379829790606&output=html&h=90&adk=2375351246&adf=4099543842&pi=t.aa~a.3434894028~rp.4&w=1155&fwrn=4&fwrnh=100&lmt=1701117277&rafmt=1&to=qs&pwprc=1402822305&format=1155x90&url=https%3A%2F%2Fphishcheck.me%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701117277891&bpp=1&bdt=2202&idt=-M&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1155x280%2C1155x90%2C1200x90&nras=5&correlator=1375988515148&frm=20&pv=1&ga_vid=519375954.1701117277&ga_sid=1701117277&ga_hid=1901096425&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532599%2C44809315%2C31078297%2C31079653%2C44807764%2C44808148%2C44808285%2C44809055&oid=2&pvsid=4273893573988124&tmod=990909807&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=55 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	148ms 81ms	XHR application/json	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash dae6a542fe5fbb0b1c01fbe55e5b5788c6c5aa02eca584971ec1ef0bc38017fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12379 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	75ms 74ms	Script text/javascript	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5625379829790606&plah=phishcheck.me&bust=31079653 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 27 Nov 2023 20:34:39 GMT
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	48ms 46ms	Image image/gif	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.082876337468819 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Z8CuVo0Mk1Cv2ZoUOesxnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT content-security-policy script-src 'report-sample' 'nonce-Z8CuVo0Mk1Cv2ZoUOesxnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	49ms 47ms	Image image/gif	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.7890564336405295 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-MDb3WAPZ0qXR6-ha77T84w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT content-security-policy script-src 'report-sample' 'nonce-MDb3WAPZ0qXR6-ha77T84w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Show response fundingchoicesmessages.google.com/el/	0 28 B	42ms 41ms	XHR text/html	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gWITbk8PaGaJ01Xo78ochQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers date Mon, 27 Nov 2023 20:34:39 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gWITbk8PaGaJ01Xo78ochQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://phishcheck.me access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 0D30	42 B 64 B	70ms 70ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuibbOOfcdAvAmQJMuDYh3y5blM5BkFsbURdyFJ0_N9Q9E9C9vhq2JqnW238PW8W8NpXReQjaJU1-HyeNCuU2s1CcGlztMuQLbrjas_9aRt0W5GRDy_LFnlpJyYLypFqk7y3LKOWWol8gnb&sai=AMfl-YSZrlZ1iWTcS9wWAZF1inrhaUpZfYyACuoPcs47z-6PBNsyB6Q3fGXz1nJ9f-22g5OJMcdn9t1pABE3nXb2_mFgTmFM5TyqgB1efDhAO5d8_u9mLCp4A5ScFrZQpOESbXj5bq22AELa5VeufXub3g&sig=Cg0ArKJSzK984d2uRUfYEAE&cid=CAQSTwDICaaNCeKtEo2uPPWzBTGB60f2lkszQtG0G9hkouFvY1zuy1B49Dr0D4lhrSCZFeq8m7teT1hRAapdsd_YqUrN47ziChfix8NoX1P0z0wYAQ&id=lidar2&mcvt=1003&p=0,0,280,1155&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2508842873&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701117276728&rpt=1628&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F93	13 KB 5 KB	33ms 30ms	Document text/html	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers accept-ranges bytes age 11808 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 17:17:51 GMT expires Tue, 26 Nov 2024 17:17:51 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 8159	829 B 561 B	42ms 41ms	Document text/html	142.250.186.164 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f4.1e100.net Software GSE / Resource Hash 13833e46611406fafbb2472315172108108476162ce9b90da3281ef50e1e1988 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-h0AxrIbZEh9NAWIGVjqk8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://phishcheck.me/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-AT,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-h0AxrIbZEh9NAWIGVjqk8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 27 Nov 2023 20:34:39 GMT expires Mon, 27 Nov 2023 20:34:39 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response pagead2.googlesyndication.com/bg/ Frame 1F93	39 KB 15 KB	31ms 31ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software sffe / Resource Hash 18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 16:19:14 GMT content-encoding br x-content-type-options nosniff age 15325 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15296 x-xss-protection 0 last-modified Mon, 06 Nov 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 26 Nov 2024 16:19:14 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 8159	0 0	64ms 64ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=4273893573988124&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-AT,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 1F93	0 10 B	30ms 30ms	Image text/plain	142.250.184.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?yl6Oqw Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-AT,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 5023	42 B 64 B	69ms 68ms	Fetch image/gif	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssV0iNqWNN6JMJDcB1gPmnES82sWlwlDaV5IXkpbpafDoNXvB15XiM7g-CQyFcWN4e5yC_fUNszC9ksV2vSO5Bg2WynoAtkwF06j_dsAIELGqnF0rsQCA352vS8UX581KIcdliPSjGvMvjj&sai=AMfl-YS_qFpB6c3VTnxdLQ3g6rKqoNwJxSThYDMM2cXypYYlYAGwYBVU7rxY054qAjI4wU5Sx4kWwo4TjpJIHKNZBhITOlQFgKMU3S5NmdR94JqUHbtOcUAceVzz4RSwRldPc54qd6oAIOwycdHeBHjtnw&sig=Cg0ArKJSzISkFy0oQzYHEAE&cid=CAQSTwDICaaNi1nu747pkHNfnIhUGlG4O1hSoWWtgP5PkJSUj1e7RNl5zoscdbfsVWiLe2ntRPTp20N3B8VgRU1VUyTADzLuIvTRt3tTU-S-QgkYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=366,1000,1000,1000,1000&tos=366,634,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701117277989&rpt=606&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 27 Nov 2023 20:34:39 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	leftads. Show response fundingchoicesmessages.google.com/f/AGSKWxV83HL1sAdxOBuGC7vlM4KhhzfPs8Fl8WJTiptcXhabNXwErBkv2V0M6nJwm_UptbtuSzBhl8WCY_27io6vgbwDf7bVDyXdLzFnvf_DQwg4y_jV54BWpUSyI0aFgbOohLCpYHz4uIC1LOIB8OkTvOGfm-7tu...	54 B 109 B	75ms 75ms	Script application/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxV83HL1sAdxOBuGC7vlM4KhhzfPs8Fl8WJTiptcXhabNXwErBkv2V0M6nJwm_UptbtuSzBhl8WCY_27io6vgbwDf7bVDyXdLzFnvf_DQwg4y_jV54BWpUSyI0aFgbOohLCpYHz4uIC1LOIB8OkTvOGfm-7tuTiAIkapGA4RKA7V8yBeHT-AU5oPerxe/_/ad-sidebar-/sisterads./adleftsidebar._adnetwork./leftads. Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMx-VBI7cufk83j17-qyMs5NHKqYbA/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash 69a16add1dfa9f1c77e92262d0ffa3b6e43bf323cfe6c2dba3c4cd0e2034e13f Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MDyCzhud6We1jdcmCksdYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:39 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MDyCzhud6We1jdcmCksdYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	google_top_exp.js Show response pagead2.googlesyndication.com/pagead/js/	47 B 67 B	38ms 37ms	Script text/javascript	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMx-VBI7cufk83j17-qyMs5NHKqYbA/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software cafe / Resource Hash ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:32:49 GMT content-encoding br x-content-type-options nosniff age 110 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 server cafe etag 13036835877489095579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 11 Dec 2023 20:32:49 GMT
POST H3	204	AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Show response fundingchoicesmessages.google.com/el/	0 28 B	47ms 46ms	XHR text/html	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Pa7IC32YDJsc49enxW-fuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers date Mon, 27 Nov 2023 20:34:39 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Pa7IC32YDJsc49enxW-fuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://phishcheck.me access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Show response fundingchoicesmessages.google.com/el/	0 28 B	40ms 40ms	XHR text/html	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cVqJd8HDYH5gR7GUKOZGmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers date Mon, 27 Nov 2023 20:34:40 GMT content-security-policy script-src 'report-sample' 'nonce-cVqJd8HDYH5gR7GUKOZGmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://phishcheck.me content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Show response fundingchoicesmessages.google.com/el/	0 28 B	43ms 43ms	XHR text/html	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-k4seW3Fu6NT919z8OEYFGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers date Mon, 27 Nov 2023 20:34:40 GMT content-security-policy script-src 'report-sample' 'nonce-k4seW3Fu6NT919z8OEYFGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://phishcheck.me content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Show response fundingchoicesmessages.google.com/el/	0 28 B	50ms 50ms	XHR text/html	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVVg-jjhizDHAhCxGd9I5R5wh_7ZdxmDSxUQP6xdCpTp-v5MeLBTTgFFdSmcloEqkaAgSzsM7nwIQILysl2qEn8ddQqjbhtEIFg1qgBBmageW9iPsHl2TkwCTDF3-sE7uBSy-vmrA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sVm5zI7mtOOUrC0YOkfR_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers date Mon, 27 Nov 2023 20:34:40 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-sVm5zI7mtOOUrC0YOkfR_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://phishcheck.me content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxVUw47DK4_Wa9xor9pBNogf0NaE6PAXHxX28SEPYFufX9EdlZyBgG1NyOzi-SGG8A6xRekDfSUybBHC4E-KPiFUy-9kPRAGLj09GKeCX342V6C3j58akAcbmmokqPEjyxWBgjUIlA== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	61ms 60ms	Script application/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVUw47DK4_Wa9xor9pBNogf0NaE6PAXHxX28SEPYFufX9EdlZyBgG1NyOzi-SGG8A6xRekDfSUybBHC4E-KPiFUy-9kPRAGLj09GKeCX342V6C3j58akAcbmmokqPEjyxWBgjUIlA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxMTE3MjgwLDU1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNywxMCw2XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9waGlzaGNoZWNrLm1lLyIsbnVsbCxbWzgsIk50czVMdllJb2JrIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash 3e876971a248fbfe0066d8069884034f2c14d9b3fbf47e091f6f20833316431b Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rost118ki7VsGdn6JftOMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Mon, 27 Nov 2023 20:34:40 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-rost118ki7VsGdn6JftOMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	68ms 68ms	Image text/html	216.58.212.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=4273893573988124&bg=!lZalltnNAAZxrfrxUa07ADQBe5WfOPI4NCic8LUMN5dTxbTvALwrtnyPKQE_yVeTorf07a3TQ5PF7oVrO-NBDAgZPzRaAgAAAFZSAAAAA2gBBwoAjf6fO2LRUXGKzmQnX783auuyPbN4g7xcslZzaXPzLqe6yAU1WBAVdhcp_O2O2SAByQw7yi3kOphzOo5i-lw4hkHauQx8QVpO3GRXI7JoEV9eT1Q3c6tWSPMYo8gDTuqFoESnEBbdRd4Zu5IXW3i_zd2xHLWo2saRXRHyOi8CAtke42rVX9WQJxG9jfSIfZkCwIqStCtTgHnubM65ycAZ2wGjyq0g1ht_hpm5lPVNUivji7J50xrBG4u2dC46TvS2EwiyeTQGUwsBtQyNXMu0lvF9_clxtBwH1waMIphAVnll7k_h_eveLquvrqlyRcvdEO4yh2Q4_Mbzw2lRga4pyVs7SEkBLFwaETXI4gSd7szKnNSVVkkK3ZHp2M2Ionkq7g-yAFHjjeWCmfIg1Mxa-TZh0e5pmjDQYgdPhdjKF1BGx3d1e_4q1yT_fBe5U0Hy7Ivmw4N7zWBJdjxeIv4SNsx8lzCEiasGF0sgmu53ZnzL4nkS-hZommmLDxP0qGBqqcFmJHxNND0UbUipr7ZPMQNSqhOMPWT7dMXDQsQPkcNnyFetJ5hI7PQKOYlrhVKki58s23vrB-o3ioxHJwdv_NihndiW8Dc912Y-YSZ-BYd8tbLZOvzkn91ws38xJiWY59d4iUN0z5SUJrQDtftWqrfkeGXVa_rPfMsJ6V9GuG-jIEb-Z4ZW9tBRNELg-OdCjJYCmFwM62p1ehM94TRhoFifPBBC9q6NWwsWPYcN1xlIR3aTfQQQnFx24FJOEkrXutNcu7HiyB478JYc-Q7LB-Unk9hQWe6LzrsalbQrzAep3xmPqkOE_nY5bUj6VsJqffgsiCzdyef4CZTFYl3SV3EcpUsugeXidtrDul7Uz9LlDIewq5rQa_10Zzh5s_fTmVVAqj3nBzGDqckix8LNnYH_FRU7CAY-wzmMPPn-lj-HU-K_X3mKtYEdpUxg4FaSLa7Q7AHQLTP117ko8C7KEp9JkgYWgY3fxFYr8nr4bG-9dwmeqEyi-lZip17CrJwQ8OafqtExDK1yhTHADADXBPHV2eSmaT4vbPODqgupqH4ayhyM7FoGk8G6ltErwMILMEsIqBEMyF5t4xF7lfV0pzw02Rw_l5OrumrHT8cz9fPW Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.212.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f162.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-AT,de;q=0.9 Referer https://phishcheck.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers
POST H3	204	AGSKWxUjXwLpDq9cPFaUmDW-BCO2rEOmb-msRB5ldQunbHaS45CwnEdti6aS6-xZmRTQjDrB9aZAZK_mcDPHGLoUhyRbX6vVtCz5f7COiR0y_vr3lBiCFDSux_eovUQwiRzZKLcCdPcAqA== Show response fundingchoicesmessages.google.com/el/	0 28 B	48ms 48ms	XHR text/html	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUjXwLpDq9cPFaUmDW-BCO2rEOmb-msRB5ldQunbHaS45CwnEdti6aS6-xZmRTQjDrB9aZAZK_mcDPHGLoUhyRbX6vVtCz5f7COiR0y_vr3lBiCFDSux_eovUQwiRzZKLcCdPcAqA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMyTmwD9vZzPw60_wPGGncvG1CmM1A/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fTYItHHuenBlIzig6dfhQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://phishcheck.me/ accept-language de-AT,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers date Mon, 27 Nov 2023 20:34:40 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fTYItHHuenBlIzig6dfhQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://phishcheck.me access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ads.avct.cloud

URL

https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle