URL: https://dnslytics.com/ip/209.141.51.176
Submission: On October 21 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 1 countries across 10 domains to perform 88 HTTP transactions. The main IP is 104.21.19.159, located in United States and belongs to CLOUDFLARENET, US. The main domain is dnslytics.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2021. Valid for: a year.
This is the only time dnslytics.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.21.19.159 13335 (CLOUDFLAR...)
11 142.250.185.130 15169 (GOOGLE)
2 172.67.201.243 13335 (CLOUDFLAR...)
3 142.250.185.78 15169 (GOOGLE)
16 142.250.185.162 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
33 172.217.18.97 15169 (GOOGLE)
3 142.250.185.194 15169 (GOOGLE)
3 4 142.250.186.68 15169 (GOOGLE)
7 142.250.185.225 15169 (GOOGLE)
88 13
Domain Requested by
33 tpc.googlesyndication.com googleads.g.doubleclick.net
cdn.ampproject.org
pagead2.googlesyndication.com
tpc.googlesyndication.com
16 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 pagead2.googlesyndication.com dnslytics.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 static.dnslytics.com dnslytics.com
static.dnslytics.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
4 www.google.com 3 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 www.google-analytics.com dnslytics.com
www.google-analytics.com
2 maps.dnslytics.net dnslytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 dnslytics.com
88 13

This site contains links to these domains. Also see Links.

Domain
whois.arin.net
chrome.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-17 -
2022-07-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.de
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
misc-sni.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh

This page contains 16 frames:

Primary Page: https://dnslytics.com/ip/209.141.51.176
Frame ID: BEECE38029CC71857C40630AF5B7E4C5
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/zrt_lookup.html
Frame ID: 08B67F045D3FE842765926C2EDEB1CAE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Frame ID: 6FA3541B36F08CBACE1BAC6C090AE4B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Frame ID: 58C1950A306972C7FCC7E44812617D68
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Frame ID: BDAD2EC53A6C4D4B228429A1C78FDA13
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Frame ID: 0BB568FA425FFB6D52170AF04372C657
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&adk=1812271804&adf=3025194257&lmt=1634806666&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666693&bpp=1&bdt=197&idt=157&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280%2C1200x280&nras=1&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=162
Frame ID: BEE6F72D2B8987D0AC942FEB9AF5C017
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 28A63D7CC0221C30F56A476A701A3A13
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7826058417969760ADA9AF4D7502B343
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: DA45D32E857351484B8AD9E50D77FD19
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 16481BE22DA27DE85CA288E03ECC720F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: C1E245E9C08C25842855FD99BA2C6DD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D6AED6559E8E55C628BE4A79A9215CF1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Frame ID: 76DA08936913F90FF2FF273132C86EE4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EDCC41B696BF59073259C987D3888830
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55C3F175C5A1C833CC4F320680E245DF
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

209.141.51.176 - FranTech Solutions, United States

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

13
IPs

1
Countries

1337 kB
Transfer

3095 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 64
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 80
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

88 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 209.141.51.176
dnslytics.com/ip/
32 KB
6 KB
Document
General
Full URL
https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09dbda47748620dc262bc0b8bb4c7f31619a7b1419185d0ae8e18395150818d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dnslytics.com
:scheme
https
:path
/ip/209.141.51.176
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
DENY
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqxlKn9IZdpdTC5NSHNnGS7T6pvKs0UWJZP%2F4OBZSKGHKqTvbGS8VSy5Dd7zpQsNZ2zEIgNaQJI02LJ9Li6Muxqs88GZtTGdeY0LoyzDD5Wb7ZKuYyU1qQjrHEhfAUs9"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a1947c108a75b80-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
dnslyticscom.css
static.dnslytics.com/legacy/css/
161 KB
27 KB
Stylesheet
General
Full URL
https://static.dnslytics.com/legacy/css/dnslyticscom.css?v=2021071202
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65ca8a0002a25b383616f6a2b966d9df874ff49ebe1559430fc41d09e470e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738494
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:56:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDFr8NaH37ilvbN%2BDDl7qQqWrl5r3T6zYOidiQXefA0Iqt8S8YmzexhybijjppJCVZozg6BDUlLA9bqfssrOos24sA7gmPDoWNgBVXvOX8Z8mqrb5TUidbdot6luUykbMTkFnRwgDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
6a1947c1ea0e5b80-FRA
flags.min.css
static.dnslytics.com/legacy/images/ccflags/
11 KB
2 KB
Stylesheet
General
Full URL
https://static.dnslytics.com/legacy/images/ccflags/flags.min.css?v=20180315
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d66dbdccbd0e585f73ca986e9d116bf2b88ec2c29ef4b92ab27ac6579c5c752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738494
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuLL3X6HVAcazmm085viO1y1OctTqOh%2FCQAS2tHAbxoLXrsol63HOnxLDuW69RvQmnW%2F2r%2Bojxg6Q6maZT3LLRpYywCYstQZcsaIxSu5k9HfX%2Ffp%2BSIbajlf9zJF%2BvUD%2BSTUzeo5mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
6a1947c1ea105b80-FRA
jquery-3.2.1.slim.min.js
static.dnslytics.com/legacy/js/
68 KB
25 KB
Script
General
Full URL
https://static.dnslytics.com/legacy/js/jquery-3.2.1.slim.min.js
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738494
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2XMKBlooLDvz6YUAtjgK3K0pxE0Hkp8fd91%2BCXuFwFNdd3gwBl%2FzhJvkqrUJYiijhtGFkKTqbdj4SkDp2YMt1Zdiq5CiyH7xSm8Bf81J8M%2Fy5t4Vx8cC7ceqX9XOJUk%2FcUJii9eBBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
6a1947c1ea115b80-FRA
dnslyticscom.js
static.dnslytics.com/legacy/js/
210 KB
66 KB
Script
General
Full URL
https://static.dnslytics.com/legacy/js/dnslyticscom.js?v=20180531
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df26b208f8fdfebb6fee8d5e731fd1acff4ccbd316b67ebd373a5269cd5dd3f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738494
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:19 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7SrxCfEcBEPp%2F9JTQH9VrjxomQJoX%2FYldGIkRTzeAeoMbMcVR753JB93Cbb5ukRM2s%2FC6F%2Bx43H3hWnW74CrzuHwS%2FOnvWr3tRIDMTRKuWAEfB6JKHJjTFkaL79vBLpiwIGJzEhqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=2678400
cf-ray
6a1947c1ea135b80-FRA
logo.png
static.dnslytics.com/legacy/images/
3 KB
4 KB
Image
General
Full URL
https://static.dnslytics.com/legacy/images/logo.png?v=20180220
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1470c8774d4bc2b1ffcad0775126bfbe9827a24d2cf9f10bf8424bdec93fc9a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738493
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3321
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoYwbWta1YUD1%2Br%2Bthm%2BFsFics07YrXY5RgTdf1n1GYnnBhqZ8JE7n07H7W6p0exlVpbqfn%2FYo%2BmPQBHh2CG8tqAa7WeRXuinNjIPLqTjSdAJ80kbMofrTePQBb8%2BvMUcVzrLKPRBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a1947c21a905b80-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1318bd55abf0ad2c98c5cec8c8f21c949197cd24c7144fb8c0d5964641883247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
51027
x-xss-protection
0
server
cafe
etag
8567683795025388020
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 08:57:46 GMT
blank.gif
static.dnslytics.com/legacy/images/
46 B
711 B
Image
General
Full URL
https://static.dnslytics.com/legacy/images/blank.gif
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e745194ca13a573264733f6bf1f66cdf29d59fd72aee3ac9acf8f3a53fcc9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738465
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
46
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:25 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsA5LesuCvSxdgFWNtlh7ZVryrExhaymBxKG0438QZ9L%2BuMJAmdAuiTr2pREdG7Zy65uZH0sjVFnceXuCEnf9jG9%2FOZoFQroIk09aaTU6uD29FvdX0NawfVko6fg9Mo%2BzRtrJ6U2zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a1947c23c4b5c8c-FRA
greenlight.gif
static.dnslytics.com/legacy/images/
916 B
2 KB
Image
General
Full URL
https://static.dnslytics.com/legacy/images/greenlight.gif
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68adf3bf2dac9d3a98a0f5695d86748f98c297954f0009289c123cd8a79447eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738465
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
916
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sqbd0PSod1zP7iRufAamhxTgsJkz2MbHo5QGGAzZoAqjtQSIdGWJiL392Tw8P%2FNyD0%2B3X9yjvoMVe6K1pIhbI3C%2Fg9jRh4s7rZjmqv9umhSWoF27mQ8LaEBpC18BB84nTr%2F48TKKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a1947c23c515c8c-FRA
map.png
maps.dnslytics.net/v1/
94 KB
95 KB
Image
General
Full URL
https://maps.dnslytics.net/v1/map.png?width=400&height=350&zoom=8&lat=36.1&lng=-115.14
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.201.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357eaee78436b5317522c4f5b36dd9f76f752322bcf3014a44a58facdca4c0cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
96027
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Oct 2021 08:57:41 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMttUIFZpu%2B8nmphzN0VoCBjyuje%2FLq80awcZlpximyvKQyflitPdSgUXw5CXVtnuxWpHCDIkSRX%2Fo2niQDNnfrLVxER6lJV6f%2Fb0vXskTwgTcp%2FR45Embu5ZamwlwZeF%2FKadgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a1947c289672790-PRG
us.png
maps.dnslytics.net/v1/country/
26 KB
26 KB
Image
General
Full URL
https://maps.dnslytics.net/v1/country/us.png?width=400&height=350
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.201.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d502f8ac5153050c4a88edf4ea41f71779fee29ea0488998e8eb96d3303e43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1715982
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26221
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Oct 2021 12:18:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5iuegyyiR%2Flm7LbqkbP5TFcEd%2Bpd0EnLmejRTaXCuWf6N4O4Pb47%2FAkSOd2PGyjrYLAIFrDq9QkPAMuWuqlZbB1jvEnnqB9Kp5F0J4M7laSZJBR6Jnn89%2BMWYJzbTOZBz%2BAdTwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a1947c289692790-PRG
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
649
date
Thu, 21 Oct 2021 08:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Thu, 21 Oct 2021 10:46:57 GMT
flags.png
static.dnslytics.com/legacy/images/ccflags/
65 KB
65 KB
Image
General
Full URL
https://static.dnslytics.com/legacy/images/ccflags/flags.png
Requested by
Host: static.dnslytics.com
URL: https://static.dnslytics.com/legacy/images/ccflags/flags.min.css?v=20180315
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.19.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8577f10235468472068fc2b89abc4449e01517c346e7a0efc4aa99dd93995569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.dnslytics.com/legacy/images/ccflags/flags.min.css?v=20180315
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1738465
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
66187
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Jul 2021 08:47:46 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obgnNIZASu2JavulIMx6U%2F%2BdJo12qLTP18qEcgSc9gWCRIcGYS47CEXi4vfBXz1ZIfZ5vKJnqcHPzH36g%2B3VraVO2YWYlStw9kV1BCf9pPudH4%2BFSYHDe3pgAS43umT%2FQxZPr%2BuAXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6a1947c26cb35c8c-FRA
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/
271 KB
97 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
7a1c7b653713a617643f8a5a149912073073ba77f7d0d8778f8524b17f5596bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
99362
x-xss-protection
0
server
cafe
etag
17114109636645632102
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 21 Oct 2021 08:57:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/ Frame 08B6
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211019/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211019/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 20 Oct 2021 16:42:38 GMT
expires
Wed, 03 Nov 2021 16:42:38 GMT
content-type
text/html; charset=UTF-8
etag
15765991816257340444
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4703
x-xss-protection
0
age
58508
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j94&aip=1&a=1223861105&t=pageview&_s=1&dl=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&ul=en-us&de=UTF-8&dt=209.141.51.176%20-%20FranTech%20Solutions%2C%20United%20States&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=784418193&gjid=1457341025&cid=1358437787.1634806667&tid=UA-15589237-1&_gid=547533751.1634806667&_r=1&_slc=1&z=1127220550
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dnslytics.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 08:57:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dnslytics.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j94&aip=1&a=1223861105&t=event&_s=2&dl=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&ul=en-us&de=UTF-8&dt=209.141.51.176%20-%20FranTech%20Solutions%2C%20United%20States&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ip-address&ea=nosrc&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1358437787.1634806667&tid=UA-15589237-1&_gid=547533751.1634806667&z=387163412
Requested by
Host: dnslytics.com
URL: https://dnslytics.com/ip/209.141.51.176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 08:08:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2946
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
203 B
610 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dnslytics.com&callback=_gfp_s_&client=ca-pub-7232066202917795
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
a05126d71a0b8853790c168d3889266d533258555ba74be3f1e9335c74082abe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
194
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=dnslytics.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
520 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dnslytics.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Oct 2021 08:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6FA3
177 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
2bed521f598cfe7208ad4b3861f6207f085af0a64652ff201391f121fc69f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
26589
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:12:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 08:57:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 58C1
91 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
6afa9ddf95a928914807c42131807ef32b1451c683d083a4d9fc953190e592ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
28254
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:12:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 08:57:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BDAD
71 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
9595461bdb696b6787c5125ddbd0a86c2fe0608d8489d816a733be26e4836697
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
26256
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:12:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 08:57:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 0BB5
95 KB
29 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
5233fa6622550b0f711afff3d7b89172fcc238d571e3e1c446fea42886c3ee4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
29174
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:12:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 08:57:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BEE6
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&adk=1812271804&adf=3025194257&lmt=1634806666&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666693&bpp=1&bdt=197&idt=157&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280%2C1200x280&nras=1&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=162
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
674112fd01f11e1a3f257dafed4cb5168a228376b803bd49b31209faa385aad5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7232066202917795&output=html&adk=1812271804&adf=3025194257&lmt=1634806666&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666693&bpp=1&bdt=197&idt=157&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280%2C1200x280&nras=1&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=162
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
4124
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 21-Oct-2021 09:12:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 08:57:47 GMT
cache-control
private
7881889435443786513
tpc.googlesyndication.com/simgad/ Frame BDAD
53 KB
53 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7881889435443786513?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmohz4PIFcqTJTqtaBhPtF7srPPSA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
cc1dbccb01bd9d887a665774309484c8a7b8f8e3764c7601db02518a5061ff7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:34:46 GMT
x-content-type-options
nosniff
age
105781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54192
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 20:48:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 03:34:46 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame BDAD
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:48:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame BDAD
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:41:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame BDAD
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:50:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BDAD
122 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Oct 2021 08:57:47 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame BDAD
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11249
x-xss-protection
0
server
cafe
etag
2407096445939648700
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 16:07:59 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BDAD
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CuZO1iitxYaLzNJ-NjuwP3JKvqAu-9_zjZdXOoOHIDr_hHhABIMb49ghglYKAgLAHoAGbiNGfA8gBAqkCFZX43fSOsz6oAwHIA8kEqgTYAU_Q0XhPx38TaT9I9y8VMdgeNkI19D-YpLpwzJXFhIEsIGvJgc36iWUE9voescPbLf9GP5u1lfWi0wdck3ySmb3eNKL2_rfoxxO6uU5dzZS7-JPAYncy1rNbHfUpb5cRljdzs2KdQ1AeIrdabRAOWuC1JRLEfgPfZTg4WoLX3-R5BGt3lDYykJSL-O5PPLOISuM4nwAGucoqYV0dz4554HFIvgNCSEZs4DdL3BSRDfLYIqP9zcd2rTWLSMdC0_EIFbbtq5BySrUXLh6EVrsT4I03_8kIYHnJx8AElsPBwuADkgUECAQYAZIFBAgFGASgBgKAB833rmCoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEILpa9IICQiA4YBwEAEYX4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi03MjMyMDY2MjAyOTE3Nzk1GAA&sigh=_C4QLM2TFQ0&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 08:57:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 21 Oct 2021 08:57:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 28A6
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkHJ72SQ6-Oe9FoIFQMc7g0D6h_i8OVAVDZFBztaxVmNs2vL8pKC8FP6Dg5ME
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 21 Oct 2021 08:36:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BDAD
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf943935953688abed313c1ad689a50895bd93c60b44e42af1a81acc65fd2e3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 28A6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkHJ72SQ6-Oe9FoIFQMc7g0D6h_i8OVAVDZFBztaxVmNs2vL8pKC8FP6Dg5ME; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 09:57:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 08:57:47 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
16208292817038427091
tpc.googlesyndication.com/daca_images/simgad/ Frame 0BB5
66 KB
66 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16208292817038427091
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
d3a800a5d1e00bda3fd6a121555aa9ad026a4aac61ed7f8f91353923f9482821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 03:30:54 GMT
x-content-type-options
nosniff
age
106013
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67303
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 20:45:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Oct 2022 03:30:54 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame 0BB5
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:48:34 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 0BB5
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C3rcViitxYav-NMeAjuwPxtKJkAm-9_zjZe3QoOHIDr_hHhABIMb49ghglYKAgLAHoAGbiNGfA8gBAqkCPXdlFuqMsz6oAwHIA8kEqgTZAU_Qp_k0ta4j4HqDIsVmwhCoZyix1iGjZVb-FKiQeRLda5dNq0_PiXcyPBMuiapqjvbL-Xmxxm56lRpmjuW1aQ9ertTC6CryHPG9js-IXJmq87QMhIKN3ZfU-eaQQTp77Jpgcp9TxYAv4oMoLhgwJkm3KWgMDUf6rm6RmKzJfLOUN5JroO6DmPpp5UTlAgfSHFoK1QxcMhyaDwBqEluqOu68b2JzTdEu2wUQhRx3f2hcDLI1gp8OkhsSNAvk0apElEvU3OcJwQmhtPNbnF-NBm0o1ZUusOJqtUbABJbDwcLgA5IFBAgEGAGSBQQIBRgEoAYCgAfN965gqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBCgqWHSCAkIgOGAcBABGF-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNzIzMjA2NjIwMjkxNzc5NRgA&sigh=a3dRLHN8KYo&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 08:57:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 0BB5
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:41:11 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 0BB5
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 17:58:30 GMT
x-content-type-options
nosniff
server
cafe
age
53957
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Thu, 21 Oct 2021 17:58:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0BB5
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Oct 2021 08:57:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 0BB5
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:50:49 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 0BB5
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11249
x-xss-protection
0
server
cafe
etag
2407096445939648700
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 16:07:59 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7826
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkHJ72SQ6-Oe9FoIFQMc7g0D6h_i8OVAVDZFBztaxVmNs2vL8pKC8FP6Dg5ME; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 21 Oct 2021 08:36:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 0BB5
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5156c9a46fc6719a09268725a0654338afb857c2c64ef12f80b3a7b5fd531d37

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012110042008000/ Frame DA45
190 KB
54 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
13246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55667
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 05:17:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"11904075b70ba1a0"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 05:17:01 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame DA45
13 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
56917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4996
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"01e91d40c144b6bf"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame DA45
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
23690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28494
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 02:22:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a5e24beaf7c9a504"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 02:22:57 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame DA45
71 KB
16 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
16e706e624990591418244745eed2e287beebf41e6173e47c905768752b19135
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
28328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16762
x-xss-protection
0
server
sffe
date
Thu, 21 Oct 2021 01:05:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"294e22e1c9709f2d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 21 Oct 2022 01:05:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame DA45
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
56917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1635
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"dff2522b082c9ee5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012110042008000/v0/ Frame DA45
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
56917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12816
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a05f1a8ea5ea134"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
truncated
/ Frame DA45
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f46f5e676edf4c6784d0dafb1ee81b18c266233e923ed82443a97f5c61e1f67d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
bg.jpg
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/bg.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
e7bfa6a80057530e4accf7e4f74ff8231849fbc98007aab8f6c68d799e881900
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:07:21 GMT
x-content-type-options
nosniff
age
21026
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3100
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 03:07:21 GMT
bg-img.jpg
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
31 KB
31 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/bg-img.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
36b21e670b6b949414cde677dcb0c283b755e66fd51be73862cb5d90b002418a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 09:58:07 GMT
x-content-type-options
nosniff
age
169180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31922
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 09:58:07 GMT
typo_01.png
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
45 KB
45 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/typo_01.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
81418a3c1dd2107f4491980431682773aca017aa71265243fdbf9427f16c88eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 09:58:07 GMT
x-content-type-options
nosniff
age
169180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46246
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 09:58:07 GMT
kompass.png
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/kompass.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
732dd900c0a98234e4270b7591a05eab7ac1ae293ec1b7a1a37901b176185843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 04:54:58 GMT
x-content-type-options
nosniff
age
187369
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9199
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Oct 2022 04:54:58 GMT
nadel.png
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/nadel.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
66b326e1f3ce711fb1d1ef22c95579ed3f7600708eada215ee934fea2e373b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 03:31:45 GMT
x-content-type-options
nosniff
age
19562
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1421
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Oct 2022 03:31:45 GMT
typo_02.png
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
18 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/typo_02.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
d9ee66c86e2c9c58f1e11a959927710b9aa03982e76bd8276c8aa9f26a95909b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 09:58:07 GMT
x-content-type-options
nosniff
age
169180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18844
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 09:58:07 GMT
typo_03.png
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
19 KB
19 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/typo_03.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
afc817b71231664bdae4126f8946ca63f0f5debdabb79440cbffe48ae8254d42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 03:07:44 GMT
x-content-type-options
nosniff
age
539403
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18957
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 15 Oct 2022 03:07:44 GMT
logo.png
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
e62bb413858fc9b6262df615f3a8b0321c0ac4e73c96380292319b6ebbc7d4b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 09:58:07 GMT
x-content-type-options
nosniff
age
169180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3404
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Oct 2022 09:58:07 GMT
btn.png
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/btn.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
de1f8f36f98228675059d629344be851402bde033ff72c3a1cf6ce608144d815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 18:19:08 GMT
x-content-type-options
nosniff
age
139119
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3478
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Oct 2022 18:19:08 GMT
cta.png
tpc.googlesyndication.com/sadbundle/13036728517319171368/ Frame DA45
960 B
990 B
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/13036728517319171368/cta.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
c71b64fed2cdc011e12fda677219b0e4097d3b100202d84bb1238041ba89997c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 09:58:07 GMT
x-content-type-options
nosniff
age
169180
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
960
x-xss-protection
0
last-modified
Tue, 14 Sep 2021 05:53:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Oct 2022 09:58:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA45
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
server
cafe
age
70774
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 21 Oct 2021 13:18:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA45
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 20:55:41 GMT
x-content-type-options
nosniff
server
cafe
age
43326
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 21 Oct 2021 20:55:41 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DA45
0
17 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CD0y2iitxYarHNNbw3wOavr_QBMaG4opj7MrFybEOrgIQASDG-PYIYJWCgICwB6AB7aDLugLIAQmpAhWV-N30jrM-qAMByAMIqgTVAU_QHxqe5j3OM1Gkc-wJ7uEdEDj18uT0gMuOF80rto_ahEB7pv_ttojHFOL1lRzi1qEChzGwsVcqVbvD2ccdEK8_qGPmL6E9bZ_pqEARlNr5AbxBlSZuFVyQa369LutZE2XoNGV5WTQTXdNKk995MXJ0zuArmwDQPj9gv9Ph1FnQfg3dl6JaQ3x56dECC0QVNQ1VhReo7hjCm7uyr039CfgZVBqtHH6uwsqf2F785B1oPmIXP0qLvUz_D0Vwxs5uGmRy-VJr-_lmcx9XLSTEV9eQvjJH-sAEs-iFqNUDkgUECAQYAZIFBAgFGASgBi6AB_vetMUBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCdqRTSCAkIgOGAcBABGF-ACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNzIzMjA2NjIwMjkxNzc5NRgA&sigh=-LYeV1PdRiM&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=295&slotname=2375246276&adk=3736557478&adf=2936558870&pi=t.ma~as.2375246276&w=350&lmt=1634806666&rafmt=12&psa=0&format=350x295&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666678&bpp=4&bdt=182&idt=138&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&correlator=595885464519&frm=20&pv=2&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=109&ady=230&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=256&bc=31&ifi=1&uci=a!1&fsb=1&xpc=5u3ullQAiF&p=https%3A//dnslytics.com&dtd=150
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 08:57:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7826
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkHJ72SQ6-Oe9FoIFQMc7g0D6h_i8OVAVDZFBztaxVmNs2vL8pKC8FP6Dg5ME; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 09:57:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 08:57:47 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 08:57:47 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 1648
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=4833967078&adk=1237015966&adf=1839787983&pi=t.ma~as.4833967078&w=1200&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666684&bpp=1&bdt=189&idt=158&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280%2C345x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=200&ady=3602&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2Dlqz6yQ0A&p=https%3A//dnslytics.com&dtd=164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
83525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
9319838932995227680
tpc.googlesyndication.com/daca_images/simgad/ Frame 58C1
84 KB
84 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9319838932995227680
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
8f7cf893309754a241c3690053d45d21cadae0b0b590a9ed6feb6acda6a3398f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 04:35:30 GMT
x-content-type-options
nosniff
age
274937
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86227
x-xss-protection
0
last-modified
Fri, 19 Feb 2021 22:38:42 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Oct 2022 04:35:30 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/ Frame 58C1
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
553
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7700
x-xss-protection
0
server
cafe
etag
14378044041589781240
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:48:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 58C1
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:41:11 GMT
transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 58C1
67 B
91 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/transparent.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 17:58:30 GMT
x-content-type-options
nosniff
server
cafe
age
53957
etag
2462972746714251406
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
expires
Thu, 21 Oct 2021 17:58:30 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 58C1
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5FXUiitxYdjWNIWm3gOTlLaIB6vOyMNlze-vg5QNzc_b_uogEAEgxvj2CGCVgoCAsAegAZKZq_wCyAECqAMByAPJBKoE3QFP0CZVw5ZabDBSpOqB0ksa4Y8HJ__doji4JeF-PiRGL7HDKk1-2uZlL9XZbfEc0TDQsP30_wyUugO1gEdp0R3Wc8ronZeiuPsd9RKhhzov6bXAvy474EVWa2MYMsneWCLAdK5cbwHrl6HmlGkrJa8QzQOwuzWWUEa-zzBCadfDiSq-GrSO2MYe6nWBj3PaGm06E3wyEmt4nCbQoIss6Otjo1Iz5cAl8d_SmYR9AmDIilkct4MUEuP42T6dP10ir2yVzDzqx2za-r-WBX2p8S8_XOhbF5KOcsvFXoZWesAEptCD8rEDkgUECAQYAZIFBAgFGASgBgKAB9bm1IMBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBCNrCnSCAkIgOGAcBABGF-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzIzMjA2NjIwMjkxNzc5NRgA&sigh=4XkDv_jOq4s&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 21 Oct 2021 08:57:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 58C1
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
sffe /
Resource Hash
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37884
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634556853496587"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 21 Oct 2021 08:57:47 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 58C1
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6286
x-xss-protection
0
server
cafe
etag
17196531676875957370
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 04 Nov 2021 08:50:49 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/ Frame 58C1
27 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211019/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 16:07:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11249
x-xss-protection
0
server
cafe
etag
2407096445939648700
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 16:07:59 GMT
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame C1E2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=1022937471&adk=1671836299&adf=118710933&pi=t.ma~as.1022937471&w=345&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=3&psa=0&format=345x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666683&bpp=1&bdt=187&idt=154&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295%2C1125x280&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1190&ady=631&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Tb2VmlYVIq&p=https%3A//dnslytics.com&dtd=156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
83525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D6AE
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkHJ72SQ6-Oe9FoIFQMc7g0D6h_i8OVAVDZFBztaxVmNs2vL8pKC8FP6Dg5ME; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 21 Oct 2021 08:36:39 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 58C1
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb3fd262482848d0f7bfcb75e8bc4a4eb2b35af5d8b4541fc9815e257274c14c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012110042008000/
20 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012110042008000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
de10bf080c876ecde1166746dfb23b65e9afc5db210cab5c59cc7100e858b968
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
56917
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7332
x-xss-protection
0
server
sffe
date
Wed, 20 Oct 2021 17:09:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5d5fdbd4c4c0d534"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 20 Oct 2022 17:09:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA45
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 13:18:13 GMT
x-content-type-options
nosniff
server
cafe
age
70774
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 21 Oct 2021 13:18:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA45
295 B
320 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Oct 2021 20:55:41 GMT
x-content-type-options
nosniff
server
cafe
age
43326
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 21 Oct 2021 20:55:41 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D6AE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUnkHJ72SQ6-Oe9FoIFQMc7g0D6h_i8OVAVDZFBztaxVmNs2vL8pKC8FP6Dg5ME; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 08:57:48 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 21-Oct-2021 09:57:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 21 Oct 2021 08:57:48 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 21 Oct 2021 08:57:48 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 76DA
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7232066202917795&output=html&h=280&slotname=8421779872&adk=3124075093&adf=3316885177&pi=t.ma~as.8421779872&w=1125&fwrn=4&fwrnh=100&lmt=1634806666&rafmt=1&psa=0&format=1125x280&url=https%3A%2F%2Fdnslytics.com%2Fip%2F209.141.51.176&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634806666682&bpp=1&bdt=187&idt=150&shv=r20211019&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=350x295&correlator=595885464519&frm=20&pv=1&ga_vid=1358437787.1634806667&ga_sid=1634806667&ga_hid=1223861105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=50&ady=1440&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063006%2C21066431%2C31062944%2C31062526%2C44748553&oid=2&pvsid=4454409456307672&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AjJUsFUtCY&p=https%3A//dnslytics.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
83525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9f06d3040431f05dadee1fd855b60d356322b8b21d606e1440ce99394f0796f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 21 Oct 2021 08:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8635
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7232066202917795&plah=dnslytics.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 08:57:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 21 Oct 2021 08:57:48 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EDCC
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f97.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 21 Oct 2021 07:47:05 GMT
expires
Fri, 21 Oct 2022 07:47:05 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4243
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 55C3
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
2a615983c82cca77f2dc11fc4717f918d6cf6dfe9dcab47491a37efd2ce21f30
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3/kO67GAcJLyOOjfhf4Aqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dnslytics.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 21 Oct 2021 08:57:48 GMT
date
Thu, 21 Oct 2021 08:57:48 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-3/kO67GAcJLyOOjfhf4Aqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 55C3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211019&jk=4454409456307672&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame EDCC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 09:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
83526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 20 Oct 2022 09:45:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211019&jk=4454409456307672&bg=!YmGlYSXNAAao6lBpqOo7ACkAdvg8WierdKqEnEzu0ejsSHmk_rxcyFuUCcFt9tTPf9lyO81nClWB-gIAAABrUgAAAAtoAQeZAq0zg67cs7r4n-th2SkOoUtec__YlXfzeEorl7libiPM5Wbl1pv_p1PLgh1uf-U8X2P7JNFs0fp6WGpKE9jc186QU1TaXz5I3fZuOtZt7ORndn5Y_-3MW-OHRjPF33vRqCpLPXKlUYADVlU3Da0WVWFF-64gGrOVUv8whiBNASvaDnev1iGXW_2dgOzS9oixEBqUShUHDaHh4pGQIopPu77F61mDjVvir7UsV_4zWj8lfRwKpAOq5ZC99BCiKTYYKxF8M_RAp131sikFG_V8ePrsUl4CBY3fF9eNLKb8R97JSs7iBtZW5cqV4cYkQAhm8u3GAtEoxECs8N3qzwEMrhAw7KqZh5MEi4YbtDEFtDrd3gnD6RVHpFqrxALwAL3LPLwuc0MxQd60hB1P834FZ23ZuOVbhP4DS8J2ihhH5g6mF2owd_1oDwwog6Y66J70uqVDyEVmIn-80sZLCDFS-YroH3o6kKKYT24U2ZGE_azRAQyScTsfqkM1a9LQh8uSYDQ0tb9ZOelGZvwR23wNOrIzU6mCchbSY2xZ4rDeoSQ8XqjIvpsWZsMyprsud98Ky9LU0mXx3xiSRnWlBtX3Bjr9WBxVrhhF96qqx34OoB7saNJAf8J0_XdR0e9xXYK-edKkNHfoqetCfzXU566jkgJp3TebFbtsv1iFqysfuFPCGBB5aWtMibAapW6vqAmZ_8YX8J0cYmm4699jcwUIjvbs28SXgUDYkwEc62R-xZkH7-5ZDu6WszqKRXRr5AVGGvKSsWrArgVtt7xID37RUizwjKE68_DrBtRoMHiPBJwcGte1df07GkiTUKtOhvs4KsG_plKxsE5gyr0zS4MLaHKy6El5T22_k0bfT7S_Ieis5t-Kj8bDEsOdez1pbh6uUPlKODtG3gbagcRhZ-k7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://dnslytics.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 08:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BDAD
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKmEHRiYBzJl8btGCMyzRIhV5Bng0TiOT1ilgmIYwqRsUO_kSsB8uwUaA34CGWc7AKYVwcXlLV6eqzooHBsz7SbBRxt3btZAX5rwnk_RAyCC6BQWzBDg&sai=AMfl-YRr1DM4c_maYNQuvVPqsxxzP7Jd-_EmZlY-XEJr2qAFn5AzVLXGUcNF0_hTDEgLz0Wfg81OwjRpBxSL&sig=Cg0ArKJSzM-rLYtPx6qbEAE&id=lidar2&mcvt=1000&p=0,5,280,341&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211018&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1671836299&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634806666840&rpt=721&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 08:57:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DA45
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurInicM9kpTLSE325WeV3Z5zS75sJvCwv9YxJ1gJUPAI8iVqC7lbtBImZiHZ6-EnfLNeAfnXjCXDyvIygsYBv81zlRa6PfEUqEUIw3vE2mRLRiNIV30w&sai=AMfl-YTuzv0nDCIsHM_ig7tvyhlx8rlhwA6a0OtEDSVSDtqzFyZ8ZLNum6VZedzZXOrFWcNArkwtqjXAWHfu&sig=Cg0ArKJSzIbIZc3tVOoTEAE&id=ampim&o=109,230&d=350,292&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=151&tls=1151&g=100&h=100&tt=1152&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3736557478
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Oct 2021 08:57:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| LazyLoadStore function| init function| toolbtn_click function| scrollevent function| ScrolledIntoView function| ToggleMoreOptions function| DisplayDefaultHide function| SelectAll function| getHostname function| AjaxCall function| GetWhois function| setCookie function| ontouchmove object| bootstrap string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async string| google_user_agent_client_hint object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.dnslytics.com/ Name: _ga
Value: GA1.2.1358437787.1634806667
.dnslytics.com/ Name: _gid
Value: GA1.2.547533751.1634806667
.dnslytics.com/ Name: _gat
Value: 1
.dnslytics.com/ Name: __gads
Value: ID=255130cfe399e258-22ddb816faca00f5:T=1634806666:RT=1634806666:S=ALNI_MYWk3BTTKXqnsfipJeKCEexUpYklg
.doubleclick.net/ Name: IDE
Value: AHWqTUnkHJ72SQ6-Oe9FoIFQMc7g0D6h_i8OVAVDZFBztaxVmNs2vL8pKC8FP6Dg5ME
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
dnslytics.com
googleads.g.doubleclick.net
maps.dnslytics.net
pagead2.googlesyndication.com
partner.googleadservices.com
static.dnslytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
104.21.19.159
142.250.184.194
142.250.185.130
142.250.185.162
142.250.185.194
142.250.185.225
142.250.185.78
142.250.186.130
142.250.186.68
172.217.18.97
172.217.23.98
172.67.201.243
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
09e745194ca13a573264733f6bf1f66cdf29d59fd72aee3ac9acf8f3a53fcc9e
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
1318bd55abf0ad2c98c5cec8c8f21c949197cd24c7144fb8c0d5964641883247
1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c
1470c8774d4bc2b1ffcad0775126bfbe9827a24d2cf9f10bf8424bdec93fc9a2
16e706e624990591418244745eed2e287beebf41e6173e47c905768752b19135
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20731b5cce4398a7bea4b2b919dcab676f481d929c16a12b6a74a19b51e48d01
2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a
2a615983c82cca77f2dc11fc4717f918d6cf6dfe9dcab47491a37efd2ce21f30
2bed521f598cfe7208ad4b3861f6207f085af0a64652ff201391f121fc69f820
357eaee78436b5317522c4f5b36dd9f76f752322bcf3014a44a58facdca4c0cb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36b21e670b6b949414cde677dcb0c283b755e66fd51be73862cb5d90b002418a
3d66dbdccbd0e585f73ca986e9d116bf2b88ec2c29ef4b92ab27ac6579c5c752
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5156c9a46fc6719a09268725a0654338afb857c2c64ef12f80b3a7b5fd531d37
5233fa6622550b0f711afff3d7b89172fcc238d571e3e1c446fea42886c3ee4f
5ec6259ce93d1583fd116bc92baa687aacfdf415efabc596b398c1ebf27c680e
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159
66b326e1f3ce711fb1d1ef22c95579ed3f7600708eada215ee934fea2e373b6a
674112fd01f11e1a3f257dafed4cb5168a228376b803bd49b31209faa385aad5
68adf3bf2dac9d3a98a0f5695d86748f98c297954f0009289c123cd8a79447eb
6afa9ddf95a928914807c42131807ef32b1451c683d083a4d9fc953190e592ac
732dd900c0a98234e4270b7591a05eab7ac1ae293ec1b7a1a37901b176185843
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7a1c7b653713a617643f8a5a149912073073ba77f7d0d8778f8524b17f5596bf
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81418a3c1dd2107f4491980431682773aca017aa71265243fdbf9427f16c88eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8577f10235468472068fc2b89abc4449e01517c346e7a0efc4aa99dd93995569
8f7cf893309754a241c3690053d45d21cadae0b0b590a9ed6feb6acda6a3398f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9595461bdb696b6787c5125ddbd0a86c2fe0608d8489d816a733be26e4836697
9f06d3040431f05dadee1fd855b60d356322b8b21d606e1440ce99394f0796f7
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a05126d71a0b8853790c168d3889266d533258555ba74be3f1e9335c74082abe
a09dbda47748620dc262bc0b8bb4c7f31619a7b1419185d0ae8e18395150818d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a65ca8a0002a25b383616f6a2b966d9df874ff49ebe1559430fc41d09e470e4b
afc817b71231664bdae4126f8946ca63f0f5debdabb79440cbffe48ae8254d42
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
bb3fd262482848d0f7bfcb75e8bc4a4eb2b35af5d8b4541fc9815e257274c14c
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
c71b64fed2cdc011e12fda677219b0e4097d3b100202d84bb1238041ba89997c
cc1dbccb01bd9d887a665774309484c8a7b8f8e3764c7601db02518a5061ff7e
cf943935953688abed313c1ad689a50895bd93c60b44e42af1a81acc65fd2e3d
d3a800a5d1e00bda3fd6a121555aa9ad026a4aac61ed7f8f91353923f9482821
d502f8ac5153050c4a88edf4ea41f71779fee29ea0488998e8eb96d3303e43d6
d9ee66c86e2c9c58f1e11a959927710b9aa03982e76bd8276c8aa9f26a95909b
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de10bf080c876ecde1166746dfb23b65e9afc5db210cab5c59cc7100e858b968
de1f8f36f98228675059d629344be851402bde033ff72c3a1cf6ce608144d815
df26b208f8fdfebb6fee8d5e731fd1acff4ccbd316b67ebd373a5269cd5dd3f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62bb413858fc9b6262df615f3a8b0321c0ac4e73c96380292319b6ebbc7d4b2
e7bfa6a80057530e4accf7e4f74ff8231849fbc98007aab8f6c68d799e881900
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f46f5e676edf4c6784d0dafb1ee81b18c266233e923ed82443a97f5c61e1f67d
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3