find-open.com Open in urlscan Pro
148.72.168.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Submission: On January 07 via api (January 7th 2022, 12:00:35 pm UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 14 domains to perform 91 HTTP transactions. The main IP is 148.72.168.26, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is find-open.com. The Cisco Umbrella rank of the primary domain is 779158.
TLS certificate: Issued by R3 on December 16th 2021. Valid for: 3 months.

This is the only time find-open.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	148.72.168.26 148.72.168.26	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
14	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:d1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:bef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.194.114.119 18.194.114.119	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
91	17

20 148.72.168.26 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: find-open.com

find-open.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d1c (United States)

ASN13335 (CLOUDFLARENET, US)

osm.cylex-international.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bef (United States)

ASN13335 (CLOUDFLARENET, US)

media.cylex.us.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.114.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-114-119.eu-central-1.compute.amazonaws.com

trk.uberall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	348 KB
20	find-open.com find-open.com — Cisco Umbrella Rank: 779158	169 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	92 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	219 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 258 fonts.googleapis.com — Cisco Umbrella Rank: 37	101 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 151	111 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 8	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
1	google.se adservice.google.se — Cisco Umbrella Rank: 50505	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 745	646 B
1	uberall.com trk.uberall.com	767 B
1	us.com media.cylex.us.com	6 KB
1	cylex-international.com osm.cylex-international.com — Cisco Umbrella Rank: 164991	38 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	41 KB
91	14

	Domain	Requested by
20	find-open.com	find-open.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	find-open.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	find-open.com googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com find-open.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	ajax.googleapis.com	find-open.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.se	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	trk.uberall.com	find-open.com
1	media.cylex.us.com	find-open.com
1	osm.cylex-international.com	find-open.com
1	www.googletagmanager.com	find-open.com
91	18

This site contains links to these domains. Also see Links.

Domain
www.google.com
locations.arvest.com
www.cylex.us.com

Subject Issuer	Validity	Valid
find-open.com R3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.uberall.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-30` - `2022-12-31`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Frame ID: B2A94EECA804067974A0B1E4887B22EE
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html
Frame ID: 1A8AEAAD8D8438C8B20078F5CE1A186C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=90&slotname=1988028696&adk=3476610803&adf=282760994&pi=t.ma~as.1988028696&w=728&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831399&bpp=12&bdt=482&idt=152&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=3771327123066&frm=20&pv=2&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=q73ZYuY8wt&p=https%3A//find-open.com&dtd=172
Frame ID: 06CCABBC8EDC9BB6C84FC019E9404F93
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=280&slotname=6143794965&adk=1069321843&adf=1066219581&pi=t.ma~as.6143794965&w=336&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831415&bpp=2&bdt=498&idt=160&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1988028696&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=241&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3q8GVWqdhP&p=https%3A//find-open.com&dtd=162
Frame ID: 44DDAF9A25DDFD9BA19DE515C4365B8F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&adk=1812271804&adf=3025194257&lmt=1641556831&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831425&bpp=2&bdt=508&idt=155&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1988028696%2C6143794965&nras=1&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=159
Frame ID: 180C4A6151ED2410EE9EA635F839186F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=280&slotname=1023330220&adk=4036564763&adf=1587067543&pi=t.ma~as.1023330220&w=336&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831447&bpp=2&bdt=530&idt=139&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1988028696%2C6143794965&nras=1&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7uYfcQrHiV&p=https%3A//find-open.com&dtd=141
Frame ID: 8C0B1075AFAAAEB0D39210DDAF22DB3A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 772DF46057F88E81D3B76849568E5D04
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Frame ID: 2FE909A47E3F3D90D47F4052BFA95BD7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Frame ID: 92B71345D3F9FEADDDCCB67FDDEC0087
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js
Frame ID: 26CD4B2440B6447D3C9DD305BD4DE196
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 43A95FA0C8684E38E62822B9E2944DA2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8FFAF273B1777423EC6024E8526B1742
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arvest Bank ATM Broken Arrow opening hours 2251 North 9th Street | FindOpen

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

91
Requests

100 %
HTTPS

81 %
IPv6

14
Domains

18
Subdomains

17
IPs

2
Countries

1147 kB
Transfer

2856 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/maps/dir/?api=1&destination=36.07386,-95.77885
Title: Route planning

Search URL Search Domain Scan URL

URL: https://locations.arvest.com/ll/US/OK/Broken-Arrow/2251-N-9th-Street
Title: Website

Search URL Search Domain Scan URL

URL: https://www.cylex.us.com/company/arvest-bank-atm-128224.html
Title: Find more info on Cylex

Search URL Search Domain Scan URL

URL: https://www.cylex.us.com/company/arvest-bank-atm-128224.html#reviews
Title: See Reviews

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

91 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request arvest-bank-atm-3536343 Show response
find-open.com/broken-arrow/ 88 KB
24 KB 1166ms
775ms Document
text/html 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

find-open.com

Software

nginx/1.10.3 /

Resource Hash

1bcabf7f2e538dfe079a36d05d17e53e34ebc193267a9bf71128b0c3dc518606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.10.3
date: Fri, 07 Jan 2022 12:00:30 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff nosniff
content-language: en-us
x-frame-options: SAMEORIGIN DENY
x-ua-compatible: IE=edge
x-generator: Drupal 7 (http://drupal.org)
strict-transport-security: max-age=15768000 max-age=63072000; includeSubdomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 px.js Show response
find-open.com/sites/all/modules/custom/cylex_adsense/ 344 B
452 B 127ms
126ms Script
application/javascript 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/all/modules/custom/cylex_adsense/px.js?ch=1
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 48bef93934aa64cc3e243526a642aa9b29dd750c16e7ee2c5d71d0d3e22f5c47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2019 10:25:10 GMT
server: nginx/1.10.3
etag: W/"5c5ab606-158"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Sat, 07 Jan 2023 12:00:30 GMT

GET
H2 200 px.js Show response
find-open.com/sites/all/modules/custom/cylex_adsense/ 344 B
452 B 127ms
126ms Script
application/javascript 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/all/modules/custom/cylex_adsense/px.js?ch=2
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 48bef93934aa64cc3e243526a642aa9b29dd750c16e7ee2c5d71d0d3e22f5c47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2019 10:25:10 GMT
server: nginx/1.10.3
etag: W/"5c5ab606-158"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Sat, 07 Jan 2023 12:00:30 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 61ms
55ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf5b2c7f6c2850f595633d95eda93f1e518629831abb24042edaebe4194f9702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51811
x-xss-protection: 0
server: cafe
etag: 9638630248966391071
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 12:00:31 GMT

GET
H2 200 fontello.woff2
find-open.com/sites/all/themes/custom/cylex/fonts/fontello/font/ 14 KB
14 KB 127ms
126ms Font
application/octet-stream 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/all/themes/custom/cylex/fonts/fontello/font/fontello.woff2?12102612
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: f08251917437169e68c3249157109ae9edfe23e403ef3acd024151c2b6ee21e4

Request headers

Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Origin: https://find-open.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
last-modified: Mon, 12 Jul 2021 07:09:13 GMT
server: nginx/1.10.3
etag: "60ebea99-36d4"
content-type: application/octet-stream
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 14036
expires: Sun, 06 Feb 2022 12:00:30 GMT

GET
H2 200 fontello.woff2
find-open.com/sites/all/themes/custom/cylex/fonts/fontello/font/ 14 KB
14 KB 252ms
250ms Font
application/octet-stream 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/all/themes/custom/cylex/fonts/fontello/font/fontello.woff2
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: f08251917437169e68c3249157109ae9edfe23e403ef3acd024151c2b6ee21e4

Request headers

Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Origin: https://find-open.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
last-modified: Mon, 12 Jul 2021 07:09:13 GMT
server: nginx/1.10.3
etag: "60ebea99-36d4"
content-type: application/octet-stream
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 14036
expires: Sun, 06 Feb 2022 12:00:30 GMT

GET
H2 200 logo.png
find-open.com/sites/all/themes/custom/cylex/ 2 KB
2 KB 127ms
126ms Image
image/png 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find-open.com/sites/all/themes/custom/cylex/logo.png
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: fb257abb783303b884cb7eeddce56606d43cf47c7e5f83a060fd1215f3bedff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
last-modified: Thu, 27 Sep 2018 07:49:53 GMT
server: nginx/1.10.3
etag: "5bac8ba1-837"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2103
expires: Sun, 06 Feb 2022 12:00:31 GMT

GET
H2 200 css__9cWqptSUNYq5YedfIwh33VxtugFVWjDdEsblT8GhLKI__quUjyhSfbEukHj8a0hYvzm9VTmPALmSZvA0xfM_Oxzo__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
find-open.com/sites/fo_find_open_com/files/advagg_css/ 3 KB
1 KB 128ms
126ms Stylesheet
text/css 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__9cWqptSUNYq5YedfIwh33VxtugFVWjDdEsblT8GhLKI__quUjyhSfbEukHj8a0hYvzm9VTmPALmSZvA0xfM_Oxzo__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 87e9685a9b98ff1bee63f5adf1bc5bbbadecea882958aa9043e7ea459a30c788

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
content-encoding: gzip
last-modified: Sat, 20 Feb 2021 07:52:09 GMT
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, max-age=31449600, no-transform, public
content-length: 1055
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css__BUeXjJK1cs8_TfjH0WFywi3hTrvTwBLDrmOsqDsHn7A__QL3_X1Ie2lQZB_ZZ6SJ44BdZNXbJ1gecpjANPh3dIkM__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
find-open.com/sites/fo_find_open_com/files/advagg_css/ 1 KB
783 B 252ms
250ms Stylesheet
text/css 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__BUeXjJK1cs8_TfjH0WFywi3hTrvTwBLDrmOsqDsHn7A__QL3_X1Ie2lQZB_ZZ6SJ44BdZNXbJ1gecpjANPh3dIkM__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: cb7f538d82717f737d29ecf75ce495d24ebc80287d7daec6404163dd09070bc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
content-encoding: gzip
last-modified: Sat, 20 Feb 2021 07:54:36 GMT
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, max-age=31449600, no-transform, public
content-length: 567
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css__bB1QSHlBKQo-Nql23VnwqE_E1ZNi6IDT_H2aEOymPNk__JC4f6_qwYynT4W9l_eC2K-ny5EPn7hpd2kcQcdi8s5Q__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
find-open.com/sites/fo_find_open_com/files/advagg_css/ 42 KB
8 KB 252ms
251ms Stylesheet
text/css 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__bB1QSHlBKQo-Nql23VnwqE_E1ZNi6IDT_H2aEOymPNk__JC4f6_qwYynT4W9l_eC2K-ny5EPn7hpd2kcQcdi8s5Q__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 92caa4d6b9e33a4e64b960908fecf4de3216621aedcb18fc548aa58d22aca4e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 11:06:51 GMT
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, max-age=31449600, no-transform, public
content-length: 8258
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css__o5raxwI0Cfomr9uoTNW8XOUCKxt80otEnNsPZddqwqk__LTSslGKulhzZU28wqJEfYjGgPUPpIbugobloRBUN-3I__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
find-open.com/sites/fo_find_open_com/files/advagg_css/ 198 KB
33 KB 253ms
252ms Stylesheet
text/css 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__o5raxwI0Cfomr9uoTNW8XOUCKxt80otEnNsPZddqwqk__LTSslGKulhzZU28wqJEfYjGgPUPpIbugobloRBUN-3I__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 0d81a24356ed03dcbdae7a18f44247ed0212f90141f231920dc907e8b2ab672b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 14:24:45 GMT
server: nginx/1.10.3
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, max-age=31449600, no-transform, public
content-length: 33200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:36:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jan 2023 23:36:52 GMT

GET
H2 200 js__H5AFmq1RrXKsrazzPq_xPQPy4K0wUKqecPjczzRiTgQ__JIy-3lUpq3qC8JjvfOMkqOB8loYzuE93VQgLvC7HpVM__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.js Show response
find-open.com/sites/fo_find_open_com/files/advagg_js/ 23 KB
8 KB 253ms
252ms Script
application/javascript 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/fo_find_open_com/files/advagg_js/js__H5AFmq1RrXKsrazzPq_xPQPy4K0wUKqecPjczzRiTgQ__JIy-3lUpq3qC8JjvfOMkqOB8loYzuE93VQgLvC7HpVM__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.js
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: d171e9129940ba2ef949b54e6b4358e6f77855ff1ed4f0656339d96aef5990aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 09:02:04 GMT
server: nginx/1.10.3
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, max-age=31449600, no-transform, public
content-length: 7790
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 72ms
32ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 02:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 02:16:39 GMT

GET
H2 200 js__MMeB9Tnp1nHVY34IsIWSW-WmL38G1TogTLTPbKbpSW0__tuFkU5FC4aPkz6QA-sDV8eGfdkY-5gS3XsYe_L9l5wE__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.js Show response
find-open.com/sites/fo_find_open_com/files/advagg_js/ 21 KB
7 KB 253ms
253ms Script
application/javascript 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/fo_find_open_com/files/advagg_js/js__MMeB9Tnp1nHVY34IsIWSW-WmL38G1TogTLTPbKbpSW0__tuFkU5FC4aPkz6QA-sDV8eGfdkY-5gS3XsYe_L9l5wE__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.js
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: aa733da5e2430f00a4969b05913573f485eb3114614af302b3430e044e4614e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:30 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 09:02:04 GMT
server: nginx/1.10.3
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, max-age=31449600, no-transform, public
content-length: 6462
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 check.png
find-open.com/sites/all/themes/custom/cylex/images/icons/ 591 B
787 B 127ms
127ms Image
image/png 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find-open.com/sites/all/themes/custom/cylex/images/icons/check.png
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 2f0d4d9b650f65496ed77b6187149cfdaf3018f8289ed28361c1065660726ff4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
last-modified: Tue, 19 Nov 2019 07:50:48 GMT
server: nginx/1.10.3
etag: "5dd39ed8-24f"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 591
expires: Sun, 06 Feb 2022 12:00:31 GMT

GET
H2 200 image_placeholder.gif
find-open.com/sites/all/modules/modified/lazyloader/ 2 KB
2 KB 128ms
127ms Image
image/gif 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find-open.com/sites/all/modules/modified/lazyloader/image_placeholder.gif
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 64755916bfcc7b6b2d39982af788b37ee5ea30c6763fac8f3248e9bb79184c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
last-modified: Thu, 27 Sep 2018 07:49:51 GMT
server: nginx/1.10.3
etag: "5bac8b9f-75f"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 1887
expires: Sun, 06 Feb 2022 12:00:31 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 112 KB
40 KB 74ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d1426e3bb667edadcc95514bf4b8a4c74a216bc2d4fa07ded0f63fbd88867d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40194
x-xss-protection: 0
server: cafe
etag: 5556440150131422388
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 12:00:31 GMT

GET
H2 200 js__F5T9ejgqpYKj9F9fMTl70g5fJZCh2VQ7syNNcKMCXM4__0Vx6fyJCUSW7xN4nWp3F1XgGrwycZlcrzvDX_9TJgps__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.js Show response
find-open.com/sites/fo_find_open_com/files/advagg_js/ 114 KB
29 KB 127ms
127ms Script
application/javascript 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://find-open.com/sites/fo_find_open_com/files/advagg_js/js__F5T9ejgqpYKj9F9fMTl70g5fJZCh2VQ7syNNcKMCXM4__0Vx6fyJCUSW7xN4nWp3F1XgGrwycZlcrzvDX_9TJgps__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.js
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 7aef88eb28a8d63283f7b1fda589c73f7401e1b3356e3ce32faae16c35299219

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 11:06:54 GMT
server: nginx/1.10.3
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, max-age=31449600, no-transform, public
content-length: 29122
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 96ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,300,400,700&display=swap

Requested by

Host: find-open.com
URL: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__o5raxwI0Cfomr9uoTNW8XOUCKxt80otEnNsPZddqwqk__LTSslGKulhzZU28wqJEfYjGgPUPpIbugobloRBUN-3I__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41481f61d818545679d0ddcae8f4470877333aa4eb78aa2ba253a166a3326d17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 11:10:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Jan 2022 12:00:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jan 2022 12:00:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 407 B
394 B 104ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:700i&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47e757a346bdfdad8c36c84b488ab7882c5c3e0eaa509c6a67769bed84bf4a6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 10:49:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Jan 2022 12:00:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jan 2022 12:00:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
41 KB 82ms
40ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-55TTSL5

Requested by

Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79bf1d4e3259757ef48c9fa044194ff6564395d9595fb4cf4cbff5ebde1ab68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41570
x-xss-protection: 0
expires: Fri, 07 Jan 2022 12:00:31 GMT

GET
H2 200 corona.png
find-open.com/sites/all/modules/custom/opening_times/img/ 574 B
769 B 126ms
126ms Image
image/png 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find-open.com/sites/all/modules/custom/opening_times/img/corona.png
Requested by: Host: find-open.com
URL: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__bB1QSHlBKQo-Nql23VnwqE_E1ZNi6IDT_H2aEOymPNk__JC4f6_qwYynT4W9l_eC2K-ny5EPn7hpd2kcQcdi8s5Q__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 48b8d11b6761c54720d0c311dc6777bd88ac15b088b3b28e7a6085d061355de8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__bB1QSHlBKQo-Nql23VnwqE_E1ZNi6IDT_H2aEOymPNk__JC4f6_qwYynT4W9l_eC2K-ny5EPn7hpd2kcQcdi8s5Q__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
last-modified: Tue, 17 Mar 2020 13:55:57 GMT
server: nginx/1.10.3
etag: "5e70d6ed-23e"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 574
expires: Sun, 06 Feb 2022 12:00:31 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 60ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://find-open.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 598109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:52:02 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ 47 KB
47 KB 51ms
36ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,700italic,300,400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://find-open.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:44:20 GMT
x-content-type-options: nosniff
age: 598571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:44:20 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0861131141565382&plah=find-open.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0227266e7f6a755f6edcdd4ced8e12f1fbed6f02e51e9ec2dfaba60bde53d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 1740243665408384086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jan 2022 12:00:31 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/ Frame 1A8A 11 KB
5 KB 58ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220104/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 06 Jan 2022 16:07:57 GMT
expires: Thu, 20 Jan 2022 16:07:57 GMT
content-type: text/html; charset=UTF-8
etag: 2196020943555189384
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4873
x-xss-protection: 0
age: 71554
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 doc.png
find-open.com/sites/all/themes/custom/cylex/images/icons/ 269 B
464 B 127ms
126ms Image
image/png 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find-open.com/sites/all/themes/custom/cylex/images/icons/doc.png
Requested by: Host: find-open.com
URL: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__o5raxwI0Cfomr9uoTNW8XOUCKxt80otEnNsPZddqwqk__LTSslGKulhzZU28wqJEfYjGgPUPpIbugobloRBUN-3I__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: f69a0ba259b5b53ab5e7d00a0002dfa344e6ed3a8c9144832b551af2e5dbb1b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__o5raxwI0Cfomr9uoTNW8XOUCKxt80otEnNsPZddqwqk__LTSslGKulhzZU28wqJEfYjGgPUPpIbugobloRBUN-3I__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
last-modified: Thu, 27 Sep 2018 07:49:52 GMT
server: nginx/1.10.3
etag: "5bac8ba0-10d"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 269
expires: Sun, 06 Feb 2022 12:00:31 GMT

GET
H2 200 location.png
find-open.com/sites/all/themes/custom/cylex/images/icons/ 361 B
556 B 127ms
127ms Image
image/png 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find-open.com/sites/all/themes/custom/cylex/images/icons/location.png
Requested by: Host: find-open.com
URL: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__o5raxwI0Cfomr9uoTNW8XOUCKxt80otEnNsPZddqwqk__LTSslGKulhzZU28wqJEfYjGgPUPpIbugobloRBUN-3I__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 075c12ec09ad99e3713e1a3466818969f4a1aca8bbfe02b4f1916af385d3084a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/sites/fo_find_open_com/files/advagg_css/css__o5raxwI0Cfomr9uoTNW8XOUCKxt80otEnNsPZddqwqk__LTSslGKulhzZU28wqJEfYjGgPUPpIbugobloRBUN-3I__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
last-modified: Thu, 27 Sep 2018 07:49:52 GMT
server: nginx/1.10.3
etag: "5bac8ba0-169"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 361
expires: Sun, 06 Feb 2022 12:00:31 GMT

GET
H2 200 staticmap.php
osm.cylex-international.com/osm/staticmaplite/ 37 KB
38 KB 292ms
234ms Image
image/png 2606:4700:20::681a:d1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://osm.cylex-international.com/osm/staticmaplite/staticmap.php?center=36.07386,-95.77885&zoom=15&markers=36.07386,-95.77885&size=1600x200&maptype=tm_na
Requested by: Host: find-open.com
URL: https://find-open.com/sites/fo_find_open_com/files/advagg_js/js__F5T9ejgqpYKj9F9fMTl70g5fJZCh2VQ7syNNcKMCXM4__0Vx6fyJCUSW7xN4nWp3F1XgGrwycZlcrzvDX_9TJgps__DQCGZ613gHtucIyM0R7ORklgUk8lHKCtrJw80nGnCxY.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3e0a82296631403a47a1e0d136a7cfc4bfe52e6afe0b6f7479e4e684d5e08a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Fri, 07 Jan 2022 12:00:31 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Jan 2022 12:00:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH5A2xtn1w2ek9bnBGkaz4KQgw6pdSHi%2Boqim5I4PjbECPWZqVLPdbFe0dg0ITzmioUMnvWwojMH5qbvO%2BEKuCs8heHSRlwl%2BJqFlsJyc%2BL0%2BLYVJ3pSwmei5jJQVvp6EI18bvPAbOEKp0I5Uw9ptwX6Bm2ZTvuzig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, maxage=1209600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c9d06b54ddc693d-FRA
expires: Fri, 21 Jan 2022 12:00:31 GMT

GET
H2 200 loader-7.gif
find-open.com/sites/all/modules/modified/lazyloader/loader/ 2 KB
3 KB 126ms
126ms Image
image/gif 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find-open.com/sites/all/modules/modified/lazyloader/loader/loader-7.gif
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: 483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
last-modified: Thu, 27 Sep 2018 07:49:51 GMT
server: nginx/1.10.3
etag: "5bac8b9f-9f1"
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2545
expires: Sun, 06 Feb 2022 12:00:31 GMT

GET
H2 200 logo.jpg
media.cylex.us.com/companies/1497/3/logo/ 5 KB
6 KB 326ms
259ms Image
image/jpeg 2606:4700:20::681a:bef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.cylex.us.com/companies/1497/3/logo/logo.jpg

Requested by

Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e240b66bb9e71a4dc46f0aa6f12a9749533f18a768a5654a40187fd9de06882

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.cylex.us.com
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=16000000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4935
x-xss-protection: 1;mode=block
last-modified: Thu, 06 Oct 2016 20:24:47 GMT
server: cloudflare
etag: "57f6b30f-1347"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5f%2BkBTHXJWtL5GkXlqxCuhkHGXLQ%2B%2BIUuTfZ25Wr%2FZzVAUXQorcEnmKd3HLCjsVdtHGVnHT%2FVkLE93a0f7MOYUA4ZiY5vs9vefxRLBTVtR%2F%2F1LrZn2B8WeyHzB7M5fwwW%2F4XRnftjuAX%2FKt5ZX1pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16070400
content-security-policy: frame-ancestors *.cylex.us.com
accept-ranges: bytes
cf-ray: 6c9d06b57fca6921-FRA
expires: Sun, 06 Feb 2022 12:00:31 GMT

GET
H2 200 bg-reg-comp-small.webp
find-open.com/sites/all/themes/custom/cylex/images/ 20 KB
21 KB 127ms
126ms Image
image/webp 148.72.168.26
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://find-open.com/sites/all/themes/custom/cylex/images/bg-reg-comp-small.webp
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 148.72.168.26 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: find-open.com
Software: nginx/1.10.3 /
Resource Hash: a98a8c1fcf9a7e34e575605b17fd9f174452a094ae112178045b97fd847fd26e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
last-modified: Mon, 12 Jul 2021 07:09:13 GMT
server: nginx/1.10.3
etag: "60ebea99-5150"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 20816

GET
H/1.1 200 trkpxl
trk.uberall.com/ 400 B
767 B 104ms
37ms Image
image/gif 18.194.114.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.uberall.com/trkpxl?trkId=2350b76c4792384d9257ae06c47c7673e78040909de231a95f0735502a25204e&type=IMPRESSION&ids=66007077
Requested by: Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.114.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-114-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9dd61c4314bd5c5c2f82005ed146e414560b322e7139e6faaac0a1423aa11f01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 07 Jan 2022 12:00:30 GMT
Content-Disposition: attachment;filename="trk.gif"
Connection: keep-alive
Content-Length: 400
X-Application-Context: application:production:9000
Content-Type: image/gif;charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-55TTSL5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1537
date: Fri, 07 Jan 2022 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 07 Jan 2022 13:34:54 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
646 B 68ms
25ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=find-open.com&callback=_gfp_s_&client=ca-pub-0861131141565382

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0861131141565382&plah=find-open.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c33fbb962a91594304676e8eecc5a3e182e33838e562db43f48c9686b8a45bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
792 B 67ms
26ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=find-open.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Jan 2022 12:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 67ms
26ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=find-open.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Jan 2022 12:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06CC 80 KB
29 KB 777ms
752ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=90&slotname=1988028696&adk=3476610803&adf=282760994&pi=t.ma~as.1988028696&w=728&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831399&bpp=12&bdt=482&idt=152&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=3771327123066&frm=20&pv=2&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=q73ZYuY8wt&p=https%3A//find-open.com&dtd=172

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efd81226061af77cadb9a72f4f3e5bd28bdd97d89f4fabe07dd72ae68f5d25fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 Jan 2022 12:00:32 GMT
server: cafe
content-length: 29313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Jan 2022 12:00:32 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 44DD 83 KB
29 KB 1344ms
1325ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=280&slotname=6143794965&adk=1069321843&adf=1066219581&pi=t.ma~as.6143794965&w=336&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831415&bpp=2&bdt=498&idt=160&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1988028696&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=241&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3q8GVWqdhP&p=https%3A//find-open.com&dtd=162

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

945e3633488966e4de9cb574d2e0f999497ada947d27f82116ae18ac8ef19863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 Jan 2022 12:00:32 GMT
server: cafe
content-length: 29507
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Jan 2022 12:00:32 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&tn=DIV&id=header&cls=navbar%20white-block-header%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 12:00:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 180C 0
19 B 108ms
96ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&adk=1812271804&adf=3025194257&lmt=1641556831&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831425&bpp=2&bdt=508&idt=155&shv=r20220104&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1988028696%2C6143794965&nras=1&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=159

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 Jan 2022 12:00:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Jan 2022 12:00:31 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C0B 85 KB
29 KB 937ms
928ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=280&slotname=1023330220&adk=4036564763&adf=1587067543&pi=t.ma~as.1023330220&w=336&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831447&bpp=2&bdt=530&idt=139&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1988028696%2C6143794965&nras=1&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7uYfcQrHiV&p=https%3A//find-open.com&dtd=141

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1d99c110d19d50b6ba40b521218842d03be1afaa9b4a720a414d25bee22e917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 07 Jan 2022 12:00:32 GMT
server: cafe
content-length: 29577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Jan 2022 12:00:32 GMT
cache-control: private

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 45ms
22ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=998615552&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&ul=en-us&de=UTF-8&dt=Arvest%20Bank%20ATM%20Broken%20Arrow%20opening%20hours%202251%20North%209th%20Street%20%7C%20FindOpen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=InterestPages&ea=Category%3A%20Banks%20%26%20ATMs&el=Brand%3AArvest&_u=YAhAAAABAAAAAC~&jid=1948947289&gjid=594556123&cid=240156841.1641556832&tid=UA-68946875-15&_gid=852859162.1641556832&_r=1&gtm=2wg15055TTSL5&cd1=Banks%20%26%20ATMs&cd2=Broken%20Arrow%2C%20OK&cd3=company_profile-b-c-p&cd4=Arvest&z=272289157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://find-open.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 12:00:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://find-open.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
15ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=998615552&t=pageview&_s=1&dl=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&ul=en-us&de=UTF-8&dt=Arvest%20Bank%20ATM%20Broken%20Arrow%20opening%20hours%202251%20North%209th%20Street%20%7C%20FindOpen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAAABAAAAAC~&jid=&gjid=&cid=240156841.1641556832&tid=UA-68946875-15&_gid=852859162.1641556832&gtm=2wg15055TTSL5&z=1745635867

Requested by

Host: find-open.com
URL: https://find-open.com/broken-arrow/arvest-bank-atm-3536343

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 03:03:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32206
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 06CC 3 KB
579 B 50ms
26ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=90&slotname=1988028696&adk=3476610803&adf=282760994&pi=t.ma~as.1988028696&w=728&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831399&bpp=12&bdt=482&idt=152&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=3771327123066&frm=20&pv=2&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=q73ZYuY8wt&p=https%3A//find-open.com&dtd=172

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 11:54:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Jan 2022 12:00:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jan 2022 12:00:32 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 06CC 1 KB
960 B 63ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:57:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 06CC 19 KB
8 KB 56ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:57:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 06CC 2 KB
1 KB 60ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:54:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06CC 120 KB
37 KB 79ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jan 2022 12:00:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 06CC 15 KB
6 KB 57ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:55:06 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 06CC 27 KB
12 KB 58ms
16ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 14:00:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 06CC 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKtUUXyvYYdTtJenH7_UP_s-TyAK65OGnZ8GuotWwDvWY4PPKARABIM27iglg8eWJhtAfoAH5gab6AsgBAakCTfoPEapbfT6oAwHIA8sEqgTxAU_Q93YA6547T1N3mq9oSCgjK4Qi3qRg5ws9urUAEmI8HNU1OnMF4KstpSkpcFlWR5zgz5Ez7Zyoxx0Xb_MsOhHVJu-V1WwfdiUCyTsU4vUJsdT3D18jlGB-A35pepjdSTXtYFMsm2zcqEbPjq1eZ7NFRFIiK1Z_nOQeUu_e0eCBtQPPxnWB5r1KGrOye4NDyQaUkNbIL5M4GB-OFxPZg2sG7Nj-37oDScCpa5izCezlGQXbxqaF_ORKwjLLuuB-JL0JF-fFnkinuGxZlmZBghq4v-pCAtXlOhYPDPEwSsnmwSOmTjyX4nhYUXlIbwTXjUjABMnX5JjfA5IFBAgEGAGSBQQIBRgEgAfv_dmFAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOD0QtIICQiA4YAQEAEYH4AKAcgLAdgTAogUAtAVAYAXAbIXHAoaCAASFHB1Yi0wODYxMTMxMTQxNTY1MzgyGAA&sigh=XPap1H3rtNw&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=90&slotname=1988028696&adk=3476610803&adf=282760994&pi=t.ma~as.1988028696&w=728&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831399&bpp=12&bdt=482&idt=152&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=3771327123066&frm=20&pv=2&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=q73ZYuY8wt&p=https%3A//find-open.com&dtd=172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 07 Jan 2022 12:00:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Jan 2022 12:00:32 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 772D 143 B
163 B 16ms
15ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=90&slotname=1988028696&adk=3476610803&adf=282760994&pi=t.ma~as.1988028696&w=728&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831399&bpp=12&bdt=482&idt=152&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=3771327123066&frm=20&pv=2&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=617&ady=774&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=q73ZYuY8wt&p=https%3A//find-open.com&dtd=172

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 07 Jan 2022 11:04:55 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 772D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

161ms
160ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 Jan 2022 12:00:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Jan 2022 12:00:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 07 Jan 2022 12:00:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 06CC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d06c6c3c58f4a072f258d84c57e591cb48f11db5eb63dfc5a5eb776d344a673b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 06CC 21 KB
21 KB 43ms
19ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 03 Jan 2022 18:21:26 GMT
x-content-type-options: nosniff
age: 322746
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 03 Jan 2023 18:21:26 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 06CC 21 KB
21 KB 38ms
17ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:17:51 GMT
x-content-type-options: nosniff
age: 600161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:17:51 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8C0B 3 KB
579 B 26ms
26ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=280&slotname=1023330220&adk=4036564763&adf=1587067543&pi=t.ma~as.1023330220&w=336&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831447&bpp=2&bdt=530&idt=139&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1988028696%2C6143794965&nras=1&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7uYfcQrHiV&p=https%3A//find-open.com&dtd=141

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 11:59:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Jan 2022 12:00:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jan 2022 12:00:32 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 8C0B 1 KB
880 B 50ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:57:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 8C0B 19 KB
8 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:57:43 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 8C0B 2 KB
1 KB 45ms
25ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:54:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C0B 120 KB
37 KB 49ms
26ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jan 2022 12:00:32 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 8C0B 15 KB
6 KB 33ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:55:06 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 8C0B 27 KB
11 KB 39ms
16ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 14:00:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C0B 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CLbOLXyvYYfDfJZvR7_UPsP6F8A6g44ylYrjM4rDhC7CQHxABIM27iglg8eWJhtAfoAGXkOG_A8gBAagDAcgDywSqBOwBT9DHAEQGlhrnG35-aXyjYOsgfuUTPA7q4eKJPAnQIDU1nkeMcL-aoakdt_VoIn8TV82ypRVXVYVl5tfoSbsFRsaIxwkyCCjKJIA9SHbv4U0Ew1enmdIwwCwaBHzu08KBYrjkf-Eiw5mwZs9mDeOdpRRfDFw8QKQZEN-j-_IfAlhqBXxVU2LnQC98bw1mdk4HgwO5f0JNcEyZh_bR7GvBqHYharv3bpwmE8EysdkxOGGQw9IKbDcnBkPN2lUZuJFjfRYbR3Bhix1OjXUvn62yBStqFBU1YfqOB9XaBkDxvLExAeLVaHVa12yDK-jABI-A9P2YA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf1qaldqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ56ka0ggJCIDhgBAQARgfgAoByAsBuBOdJ9gTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi0wODYxMTMxMTQxNTY1MzgyGAA&sigh=BVhRtiiCCrs&uach_m=[UACH]&template_id=5021

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=280&slotname=1023330220&adk=4036564763&adf=1587067543&pi=t.ma~as.1023330220&w=336&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831447&bpp=2&bdt=530&idt=139&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&prev_fmts=0x0&prev_slotnames=1988028696%2C6143794965&nras=1&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=435&ady=1863&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=7uYfcQrHiV&p=https%3A//find-open.com&dtd=141
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 07 Jan 2022 12:00:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7386312756245955002/ Frame 8C0B 2 KB
2 KB 35ms
19ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7386312756245955002/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf727394622c727cfa5f4f579fb136cfd90cc7da2720b59e8a954a0088c432d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 09:00:53 GMT
x-content-type-options: nosniff
age: 269979
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2274
x-xss-protection: 0
last-modified: Thu, 06 Aug 2020 13:50:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Jan 2023 09:00:53 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17524427426783974228/ Frame 8C0B 14 KB
14 KB 35ms
20ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17524427426783974228/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

087322b981a1eb5167f9c70814b0c8f5d9b767ab254658711d31225b1d730806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 21:09:01 GMT
x-content-type-options: nosniff
age: 399091
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13892
x-xss-protection: 0
last-modified: Thu, 06 Aug 2020 13:52:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Jan 2023 21:09:01 GMT

GET
DATA 200
OK truncated
/ Frame 8C0B 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23b4588d62acc5dbf0907271e1a29025f544092b0f2448538026603d949e3df9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8C0B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8C0B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb3f4ba64473dca60406acafc0b584ecba63e7d7c74e760a796cee0e9893b47b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 8C0B 21 KB
21 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:17:51 GMT
x-content-type-options: nosniff
age: 600161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:17:51 GMT

GET
H3 200 94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FE9 35 KB
13 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 11:50:44 GMT

GET
H3 200 94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js Show response
pagead2.googlesyndication.com/bg/ Frame 92B7 35 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 11:50:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 44DD 4 KB
618 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=280&slotname=6143794965&adk=1069321843&adf=1066219581&pi=t.ma~as.6143794965&w=336&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831415&bpp=2&bdt=498&idt=160&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1988028696&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=241&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3q8GVWqdhP&p=https%3A//find-open.com&dtd=162

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Jan 2022 11:59:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 07 Jan 2022 12:00:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jan 2022 12:00:32 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 44DD 1 KB
880 B 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:57:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/ Frame 44DD 19 KB
8 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 10405968765291005445
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:57:43 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 44DD 2 KB
1 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1210
x-xss-protection: 0
server: cafe
etag: 9753579932288205849
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:54:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44DD 120 KB
37 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641385868096614"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jan 2022 12:00:32 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/ Frame 44DD 15 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220104/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6485
x-xss-protection: 0
server: cafe
etag: 13366392639478751132
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Jan 2022 11:55:06 GMT

GET
H3 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 44DD 27 KB
11 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Apr 2022 14:00:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 44DD 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ8TgXyvYYZ-6JuiX9u8PurSF6Ay_qr_gY7-dmc-nDsnrjravKBABIM27iglg8eWJhtAfoAHsmsegAcgBCakCTfoPEapbfT6oAwHIA8sEqgTkAU_Qw8dcQ5Wp4l4CMABztij5wgtpYZ8yASX52xwzeWUWuqueIMQHsje1-0ypDMTu4__mbhV7BrIMzHCwh4D95DdxC9jRnrTLfH2ThXzmFnc4EOE6j26rN3LYBL9RhBF4gq1ONUzEiYB0wpmgvbK1ReqCb0hcnEJgmyUtZnjFXh5JQE5n2_OY5BE5K-YB6ZmRWBSO0NUDy9c-dEERpDSZ7AbpMBHjy1SVsW85mfQ-BXI3ZFtZjI1fLd67ExF5Yu9F1Xjji5FFcLvBDfhYryN5F048mlywSi5-dTPVpb-163KiUi96asAExcWQ-sQDkgUECAQYAZIFBAgFGASgBi6AB_zkuN8CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQiY1P0ggJCIDhgBAQARgfgAoByAsBuBOIJ9gTDYgUA9AVAYAXAbIXHAoaCAASFHB1Yi0wODYxMTMxMTQxNTY1MzgyGAA&sigh=NORlU3Hx7BI&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0861131141565382&output=html&h=280&slotname=6143794965&adk=1069321843&adf=1066219581&pi=t.ma~as.6143794965&w=336&lmt=1641556831&url=https%3A%2F%2Ffind-open.com%2Fbroken-arrow%2Farvest-bank-atm-3536343&flash=0&kw_type=broad&kw=Banks%20%26%20ATMs%2C%20Broken%20Arrow&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1641556831415&bpp=2&bdt=498&idt=160&shv=r20220104&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1988028696&correlator=3771327123066&frm=20&pv=1&ga_vid=240156841.1641556832&ga_sid=1641556832&ga_hid=998615552&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=241&ady=277&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422&oid=2&pvsid=3378957436236415&pem=839&tmod=719&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3q8GVWqdhP&p=https%3A//find-open.com&dtd=162
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 07 Jan 2022 12:00:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12568080691462657322/ Frame 44DD 20 KB
20 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12568080691462657322/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

369d85e0f3cc35ba9ac5c6627d88274dd1bcbbfe94dec2d437cd718b549df8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 15:47:09 GMT
x-content-type-options: nosniff
age: 159203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20814
x-xss-protection: 0
last-modified: Wed, 14 Jul 2021 10:10:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Jan 2023 15:47:09 GMT

GET
DATA 200
OK truncated
/ Frame 44DD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a072979c5a89fb51292ee9c0ef3eebaab5f19ed3ecd0b7949b7e1c1be50a644c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 44DD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91aee38f2fae8da000b830ede517924544b9b7255cf52e3f7ac9eccfc553022c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 44DD 16 KB
16 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 14:02:00 GMT
x-content-type-options: nosniff
age: 251913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Jan 2023 14:02:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 44DD 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 598845
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:39:48 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 55ms
30ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220104&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61c49b40a2f59c64c8a45381bc146dee89f606b19766875fb3e5ea050914c716

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Jan 2022 12:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8479
x-xss-protection: 0

GET
H3 200 94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js Show response
pagead2.googlesyndication.com/bg/ Frame 26CD 35 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 11:50:44 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 12:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Jan 2022 12:00:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 43A9 13 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 07 Jan 2022 11:50:43 GMT
expires: Sat, 07 Jan 2023 11:50:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8FFA 783 B
535 B 51ms
25ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8754ce4b53f47744bf5de35f738cacdd7edb1df0c2aca0fcc97beb335781b6f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hlKOFZWdRIA+ENi2RgFXuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 07 Jan 2022 12:00:33 GMT
date: Fri, 07 Jan 2022 12:00:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-hlKOFZWdRIA+ENi2RgFXuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js Show response
pagead2.googlesyndication.com/bg/ Frame 43A9 35 KB
13 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/94IealOMwR7kxf6jS-jGG0uIjJYzj28NIr5mtVGcdhU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 11:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 589
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 11:50:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8FFA 0
0 52ms
52ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220104&jk=3378957436236415&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220104&jk=3378957436236415&bg=!S0ilSAzNAAbDtiZlw7Y7ACkAdvg8WjM3SA_fLWpO88IhofzfQ3AwPfmxjWkiGKHOM5P2fMSKMz9hUwIAAABQUgAAAANoAQcKAIA2vqzbPWeEq2bH8YbhTuFJxMxHniAOeRzq07uElbX45k3YVW34LqMcCBxOjGDa7QSBQ22AYdzsuG7Y7eLy6nKgwnBAWNbMrzog8D2FZWaXC5J68kwKlrI0q8u3JxKOTkHC1Or2yTRou1mgSmOO56XzBZL2qpGEJbpiuXygltxZNpkCeZ1-4vaVYfLFTif0yvNOUOz8NJuI1SVO-dvfe-CU20PLos7J1Fzdw6jgHegTeAiLCozhv3cgIWRxoUARKcJ4l1viQ2pPevnuJLfXB3dnxMjFfCrmetDJgIm-Y2-I_wVbciztlROe7_gF7Rade2VXYhZAt7-5bcJCLlN60J_NuBB0uQfjW91_nC3dY_zmESP6Wx6GixuTKY5M81hmoKl6Z7FfEaPlPzD9YBf-OkFsScLq_gftVSfLhLzqmFkhF50m6ek1SWYNg46eplbkdkl-t8vFKi78DH_bZyh6AYUmYMWFWJb-WQ8shy1NaChZjCSdnOlOGO_w1SpOJAaddTi-nWCAkk-zMQUvi0WAAJYs5h-18oH-pTUDLgB5Nm8Z3wj3k1s0JB7aKY12xjnd0CxZJi4L8cjQUfhF8wGO7TmdHmugyniYELoJEfXyZR1NEPkorx2-HUKpeaTStjbwL-4TEDj5UTERqar0nXHiK--sNFwXrdbWbbWm4bF_u4u-FXCNFXwysYKrCxwrCLn34CbrgmSiLJj85uTTscRKZlJVJiiVLZRAqGrFj4WrQe_GuUNj8pryYMW0kIfE90kMUQ822RrQIzTh4dfzhbgtEUEt6vAoNt6_YJVFfIRM9_qp1THmXjeml2j7lm62cbO32wIaNj8hx0Plpd2gIDZdGbmyDEW8AlSfmtvQREypC15dnvfUNq9Nci-ZF8Uiq-JmpNBxfrRUtB4gEuQyd__0ZtSqgGAGJx3RURnJl33jpwjwvT6FxuKocpPrQg8h1fukAphBcSmz36_d0HMmGqbQTb53fDD5H7q5bIk5WBQtoGIBCxHs7ODfl_Ns1_yVSQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://find-open.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 12:00:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 06CC 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwCVcE703SnQvI64i9A4D2X5GIGaysFTNKp8bRnd9vZNsK3ihL3_6fgAfkqkP0xZcIgVX4hhLmUJp5JHV_JexOEuPfso3XxZHQ3YWY3SGJw3ppF0JZrw&sai=AMfl-YQwCTxoD-ocKnsIwkN3JdukJZNSt-EydfGWYGT0D0C1LKopPExJsUk0NENqzp15G-kS0o--toOnffRY&sig=Cg0ArKJSzIPHq1TnmyWdEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3476610803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641556831572&rpt=1163&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 12:00:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44DD 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuQdunVG0v2IXnsSdFiLPxxr3Za2hBARTY-O8haxmfN423EPIebwsIwdWIFB_O90CQ4aNmKQNix_3yRJcKhk0b-n0Ym5zAmR8zCZAYcuSW2SeNf4QT0A&sai=AMfl-YS3GhwMDkOl0o9CX-VWVJtJc7oI633Ev3xcXB1mubsWjklgfItEa592d0ChQ_keH4Uh8B3SUCZ3RiWb&sig=Cg0ArKJSzG0fxj3_k2E-EAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220105&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1069321843&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641556831578&rpt=1447&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jan 2022 12:00:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
find-open.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.find-open.com/	1970-01-20 17:30:28	Name: _ga Value: GA1.2.240156841.1641556832
.find-open.com/	1970-01-20 00:00:43	Name: _gid Value: GA1.2.852859162.1641556832
.find-open.com/	1970-01-19 23:59:16	Name: _gat_UA-68946875-15 Value: 1
.find-open.com/	1970-01-20 09:20:52	Name: __gads Value: ID=e8153fa5741e5058-22b473b716cd0064:T=1641556831:RT=1641556831:S=ALNI_MYD2GZQw3OQKmlh0rk_OIOjCa38PA
.doubleclick.net/	1970-01-20 09:20:52	Name: IDE Value: AHWqTUlQAVDR61VwGpl1qGRTtn_3I1kYID-atE684bUDMSYZnUtbqa8yDjk8y_KS_14
.doubleclick.net/	1970-01-19 23:59:20	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 23:59:17	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000 max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.se
ajax.googleapis.com
find-open.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
media.cylex.us.com
osm.cylex-international.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
trk.uberall.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.130
148.72.168.26
18.194.114.119
2606:4700:20::681a:bef
2606:4700:20::681a:d1c
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2004
075c12ec09ad99e3713e1a3466818969f4a1aca8bbfe02b4f1916af385d3084a
087322b981a1eb5167f9c70814b0c8f5d9b767ab254658711d31225b1d730806
0d81a24356ed03dcbdae7a18f44247ed0212f90141f231920dc907e8b2ab672b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1bcabf7f2e538dfe079a36d05d17e53e34ebc193267a9bf71128b0c3dc518606
1c3e0a82296631403a47a1e0d136a7cfc4bfe52e6afe0b6f7479e4e684d5e08a
23b4588d62acc5dbf0907271e1a29025f544092b0f2448538026603d949e3df9
2e240b66bb9e71a4dc46f0aa6f12a9749533f18a768a5654a40187fd9de06882
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2f0d4d9b650f65496ed77b6187149cfdaf3018f8289ed28361c1065660726ff4
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
369d85e0f3cc35ba9ac5c6627d88274dd1bcbbfe94dec2d437cd718b549df8c8
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3a00a06d39ece4f2816e75b2e577c3b05a51ba196e19bd103d1124567f0c54f5
41481f61d818545679d0ddcae8f4470877333aa4eb78aa2ba253a166a3326d17
47e757a346bdfdad8c36c84b488ab7882c5c3e0eaa509c6a67769bed84bf4a6d
483c4a0396691993a641ec409c44b8b7e1daab0ae7e2b2944c4bc59520bb7655
48b8d11b6761c54720d0c311dc6777bd88ac15b088b3b28e7a6085d061355de8
48bef93934aa64cc3e243526a642aa9b29dd750c16e7ee2c5d71d0d3e22f5c47
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c49b40a2f59c64c8a45381bc146dee89f606b19766875fb3e5ea050914c716
64755916bfcc7b6b2d39982af788b37ee5ea30c6763fac8f3248e9bb79184c43
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73271f83e0d89e09da51434a964dde15ced7b91331f3b96357eb05ee81a85567
79bf1d4e3259757ef48c9fa044194ff6564395d9595fb4cf4cbff5ebde1ab68e
7aef88eb28a8d63283f7b1fda589c73f7401e1b3356e3ce32faae16c35299219
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8754ce4b53f47744bf5de35f738cacdd7edb1df0c2aca0fcc97beb335781b6f0
87e9685a9b98ff1bee63f5adf1bc5bbbadecea882958aa9043e7ea459a30c788
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
91aee38f2fae8da000b830ede517924544b9b7255cf52e3f7ac9eccfc553022c
92caa4d6b9e33a4e64b960908fecf4de3216621aedcb18fc548aa58d22aca4e0
945e3633488966e4de9cb574d2e0f999497ada947d27f82116ae18ac8ef19863
9d1426e3bb667edadcc95514bf4b8a4c74a216bc2d4fa07ded0f63fbd88867d5
9dd61c4314bd5c5c2f82005ed146e414560b322e7139e6faaac0a1423aa11f01
a072979c5a89fb51292ee9c0ef3eebaab5f19ed3ecd0b7949b7e1c1be50a644c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a98a8c1fcf9a7e34e575605b17fd9f174452a094ae112178045b97fd847fd26e
aa733da5e2430f00a4969b05913573f485eb3114614af302b3430e044e4614e8
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c33fbb962a91594304676e8eecc5a3e182e33838e562db43f48c9686b8a45bcd
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cb7f538d82717f737d29ecf75ce495d24ebc80287d7daec6404163dd09070bc2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf5b2c7f6c2850f595633d95eda93f1e518629831abb24042edaebe4194f9702
cf727394622c727cfa5f4f579fb136cfd90cc7da2720b59e8a954a0088c432d1
d0227266e7f6a755f6edcdd4ced8e12f1fbed6f02e51e9ec2dfaba60bde53d4b
d06c6c3c58f4a072f258d84c57e591cb48f11db5eb63dfc5a5eb776d344a673b
d171e9129940ba2ef949b54e6b4358e6f77855ff1ed4f0656339d96aef5990aa
d1d99c110d19d50b6ba40b521218842d03be1afaa9b4a720a414d25bee22e917
d8bb62feaca29c6331af00715eb59493562b5213706522a97cd6ada5e8316313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78bac7c2d4ad157ca2d43d12d1cdc08ab7943d3535287108ed9e6b8ff9da523
e979dfe4d55dc019e062fbce71ec0821c8abeabd94f7490deedf56ee2712d2ba
eb3f4ba64473dca60406acafc0b584ecba63e7d7c74e760a796cee0e9893b47b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd81226061af77cadb9a72f4f3e5bd28bdd97d89f4fabe07dd72ae68f5d25fd
f08251917437169e68c3249157109ae9edfe23e403ef3acd024151c2b6ee21e4
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f69a0ba259b5b53ab5e7d00a0002dfa344e6ed3a8c9144832b551af2e5dbb1b6
f7821e6a538cc11ee4c5fea34be8c61b4b888c96338f6f0d22be66b5519c7615
fb257abb783303b884cb7eeddce56606d43cf47c7e5f83a060fd1215f3bedff5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

find-open.com Open in urlscan Pro 148.72.168.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

100 %HTTPS

81 %IPv6

14 Domains

18 Subdomains

17 IPs

2 Countries

1147 kBTransfer

2856 kBSize

8 Cookies

4 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

find-open.com Open in urlscan Pro
148.72.168.26 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

100 %
HTTPS

81 %
IPv6

14
Domains

18
Subdomains

17
IPs

2
Countries

1147 kB
Transfer

2856 kB
Size

8
Cookies

91 HTTP transactions
6 data transactions