www.signinsupport.net Open in urlscan Pro
2a06:98c1:3121:: Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://signinsupport.net/
Effective URL:
https://www.signinsupport.net/
Submission: On February 08 via manual (February 8th 2022, 3:19:33 am UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 89 HTTP transactions. The main IP is 2a06:98c1:3121::, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.signinsupport.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 15th 2021. Valid for: a year.

This is the only time www.signinsupport.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 23	2a06:98c1:3121:: 2a06:98c1:3121::	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:811::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:400e:810::200e	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400e:811::2002	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:810::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
17	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:400e:80e::2004	15169 (GOOGLE) (GOOGLE)
1	23.88.35.13 23.88.35.13	24940 (HETZNER-AS) (HETZNER-AS)
89	20

23 2a06:98c1:3121:: (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

signinsupport.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.signinsupport.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:811::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:810::200e (Ireland)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400e:811::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:810::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:80e::2004 (Ireland) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.35.13 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.13.35.88.23.clients.your-server.de

www.icegram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	471 KB
23	signinsupport.net 2 redirects signinsupport.net www.signinsupport.net	332 KB
14	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	97 KB
8	google.com 3 redirects apis.google.com — Cisco Umbrella Rank: 140 adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	93 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	119 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	114 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 592 syndication.twitter.com — Cisco Umbrella Rank: 844	133 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	84 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	icegram.com www.icegram.com — Cisco Umbrella Rank: 304920	16 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8028	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	648 B
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 4090	159 KB
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1713	404 B
89	14

	Domain	Requested by
21	www.signinsupport.net	www.signinsupport.net
17	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	www.signinsupport.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.google.com	3 redirects tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	apis.google.com	www.signinsupport.net apis.google.com
3	fonts.gstatic.com	fonts.googleapis.com
2	platform.twitter.com	www.signinsupport.net platform.twitter.com
2	connect.facebook.net	www.signinsupport.net connect.facebook.net
2	fonts.googleapis.com	www.signinsupport.net googleads.g.doubleclick.net
2	signinsupport.net	2 redirects
1	www.icegram.com
1	syndication.twitter.com	platform.twitter.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	platform.linkedin.com	www.signinsupport.net
1	secure.gravatar.com	www.signinsupport.net
89	20

This site contains links to these domains. Also see Links.

Domain
directaccess.nordstrom.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-15` - `2022-05-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-17` - `2022-02-15`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.icegram.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.signinsupport.net/
Frame ID: 62A06D7331B16B6C66B089A826622490
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220203/r20190131/zrt_lookup.html
Frame ID: 68E20A3DC3978F578D95990310AD98DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&adk=1812271804&adf=3025194257&lmt=1644290367&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.signinsupport.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367313&bpp=2&bdt=1145&idt=99&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4627009581156&frm=20&pv=2&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=111
Frame ID: 86059194D467EC358B080D9F21D23B47
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121
Frame ID: D58DEEE87E9B803086E2E5AD20C10C83
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130
Frame ID: 7DA9E13708E857EF602348703EB2A2C0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=4087946692&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367319&bpp=1&bdt=1151&idt=141&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hTdBxRNBVN&p=https%3A//www.signinsupport.net&dtd=144
Frame ID: 7D4680A44D6B9FADBC9E7ACEBFBC5FF1
Requests: 9 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.signinsupport.net
Frame ID: 134C292F3BD6D47C77F2845BC49F8786
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 443124C1CF60A1CE35FFB3AC67FC163E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 36AF5940CA1B6399ED8D0D6AF8386442
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
Frame ID: 2886E8A9EED919360AFD190305BBBE0B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E5D30C08AC5EF4A25F58839728C1D958
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
Frame ID: CF53D811460D8236EC1AF086E8BA9808
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js
Frame ID: 8945A54A6F51E2C92F4710817C60AE7A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B02F2914730DE10812D5957BE046AD39
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 974D82FF4F1B64EC9FF47562DB4BC211
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SigninSupport - Mynordstrom | Mynordstrom.com Login

Page URL History Show full URLs

http://signinsupport.net/ HTTP 301
https://signinsupport.net/ HTTP 301
https://www.signinsupport.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

All in One SEO Pack (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- All in One SEO Pack ([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

100 %
HTTPS

84 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

1621 kB
Transfer

3897 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://directaccess.nordstrom.com/OA_HTML/AppsLogin
Title: https://directaccess.nordstrom.com/OA_HTML/AppsLogin

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://signinsupport.net/ HTTP 301
https://signinsupport.net/ HTTP 301
https://www.signinsupport.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

89 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.signinsupport.net/
Redirect Chain

http://signinsupport.net/
https://signinsupport.net/
https://www.signinsupport.net/

51 KB
13 KB

690ms
656ms

Document
text/html

2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signinsupport.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: eddf601477ceb1f22bcfa7207547daf7729d81253dfd36c8c79eb6ec8a71a73d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 08 Feb 2022 03:19:26 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
link: <https://www.signinsupport.net/wp-json/>; rel="https://api.w.org/" <https://www.signinsupport.net/>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYUdjGhH2x%2B%2F1fQIQLN3JezkbaHlOZfm%2BCLTEibUwRshCdgaAM5pEqCnQ9SXqSXxYpeFsAy5DY9cm2wgD0YZWKr4LNheoskY8edTOeqsHrZVsa9RrDPfEw2fgKNbMwJZWn%2FAqPCafMxc1us9VbbDK6m%2BOFU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6da1b7607a9e83b8-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 08 Feb 2022 03:19:25 GMT
content-type: text/html; charset=UTF-8
location: https://www.signinsupport.net/
x-powered-by: PHP/5.6.40
expires: Tue, 08 Feb 2022 04:19:25 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
x-litespeed-cache: miss
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUtccuxvf9uQAUnfY8N7D0KJD4wlX3M8GBtxu0YqZddY0Do%2FSnHGErx%2BDfieFjI%2BqgkTggDf4tcvfVR54DvkVtNiLwGlmTe9OqveGu6kvzQd2s8VYQJgJAgXo%2BN7uyJtlKXD%2Fz9NMqR6suSqtwXTLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6da1b75c0ea183b8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
www.signinsupport.net/wp-content/cache/autoptimize/css/ 142 KB
26 KB 830ms
829ms Stylesheet
text/css 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4257cd24996df1ebf964b3e6f07bc91554f565c2d3a8e0ad91e1af63865463ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Jun 2021 13:18:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDPaiKYXdPY740YJzbPjmG4vsMReDPm8YrRtkfOdYXSxvAYlwn4HLWIcAqpM83S%2BbMZDcr4ebAQAq2zQNC28hswzBwJgunJ53G1CdxUwIaWXmbHQWGgs2ZlBvJ6bFuFSglbrb9ebT%2BkWeZCEV5fGh6yI1I0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=10368000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b764be6a83b8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 53ms
19ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Requested by

Host: www.signinsupport.net
URL: https://www.signinsupport.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70ee73344c22fd43879470a765e18eaff6766ea2337a2cdf6bc246fb328747e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 01:42:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Feb 2022 03:19:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Feb 2022 03:19:26 GMT

GET
H2 200 jquery.js Show response
www.signinsupport.net/wp-includes/js/jquery/ 95 KB
34 KB 826ms
825ms Script
application/javascript 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signinsupport.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 May 2019 13:55:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al1WCtsLMK9CdCAM4cifN1IzivAkAuhNJGLM7XfFvZI7Yvob5v%2FoGx13YUu%2BLopEUyHBBtBuVWGyckPZEHSKKgq2DUuP5gbIMTGtjvo3CD4bTxyyAYvEnMETOP4DgsSpr1ByQEztMYcPg%2FLEZtgh9AyUiw8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b764be6b83b8-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 62ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.signinsupport.net
URL: https://www.signinsupport.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3a773bfb187cd413455ff3a4cad1d7f7add6e21eb5305393bbc784d3e70cb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53789
x-xss-protection: 0
server: cafe
etag: 13325522756697976586
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 03:19:27 GMT

GET
H3 200 cropped-login_support.png
www.signinsupport.net/wp-content/uploads/2019/02/ 5 KB
5 KB 519ms
517ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/uploads/2019/02/cropped-login_support.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 346e99d556beec3b768737581ac2b2d0823eb6e6a275c39070c843c695d63dc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4698
last-modified: Fri, 08 Feb 2019 18:55:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xehezLw06S0uco%2FFwMfr9AonN16dc%2F2vYu0phWTgPETJ2isgpprlAaHzEz%2BDGBg9WA%2Fk8nvq3lb9ibcfZ%2BFler%2F1dYSy2KLh6ViPUzXa%2FKSgDtD8PBQ10%2BSO5gNvbPyIKhTdtAt3YgBdtPD56pSHAXUVr4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b194e839c-MXP
expires: max-age=A10368000, public

GET
H3 200 mynordstrom-e1570541037284.png
www.signinsupport.net/wp-content/uploads/2019/10/ 150 KB
151 KB 970ms
968ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/uploads/2019/10/mynordstrom-e1570541037284.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c43f5055b995db8add41a4de726e6fe4b10f811247215ba902c12f86e7f6383

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 153932
last-modified: Tue, 08 Oct 2019 13:23:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcGMvEhE7WhUxhoUhk%2B3zzh3gymveqTbfFpmAJbU1IGIRZdvaPy3Xoa%2BaU86G5bjRL%2BtnUNP%2FsDv4EQK22xdojQkvAIfg%2BYX7gq7OwtjWFLPlG3wZMX%2Bfl6KHYba5%2BwbkTt%2B%2FeurmZ8J5PsXGY0GvL24t6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b194f839c-MXP
expires: max-age=A10368000, public

GET
H3 200 signin-support.jpg
www.signinsupport.net/wp-content/uploads/2018/03/ 36 KB
37 KB 853ms
851ms Image
image/jpeg 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/uploads/2018/03/signin-support.jpg
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42022489d1499bf7e03f403c35808b80ef2a8c06c5e57ad7fa3404f76f6be22a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37074
last-modified: Thu, 01 Mar 2018 14:57:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLnB0I0eI4vchN3wfaHdi6J%2FIK7MKoJLwBB7e337t4X%2Bt264rt1%2BVxWWbABGUKp0xi0HMyogiTCVjlFFixl1qNp535hcqN4Ew36IYjtsBWUfV%2FEq0Wa11lM32kEg3Pi5Iit7FmDrdNkzdnF4gLE7n%2FMawqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b1951839c-MXP
expires: max-age=A10368000, public

GET
H2 200 98f0ba5321054a1e14133f73f20d313d
secure.gravatar.com/avatar/ 129 B
404 B 279ms
190ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/98f0ba5321054a1e14133f73f20d313d?s=60&d=blank&r=g
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: da2017c6a029fdffe11c8445fd468e878b83df7c4c888ee8ddec37ca095981bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: MISS mxp 2
date: Tue, 08 Feb 2022 03:19:27 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="98f0ba5321054a1e14133f73f20d313d.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/98f0ba5321054a1e14133f73f20d313d?s=60&d=blank&r=g>; rel="canonical"
content-length: 129
expires: Tue, 08 Feb 2022 03:24:27 GMT

GET
H3 200 default_fb.png
www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/images/icons_theme/default/ 1 KB
2 KB 525ms
523ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/images/icons_theme/default/default_fb.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dce5940cfbb1995ffa0933df7bdd96af2b9bfff5f4ae12dc1641ad0ce920019

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1357
last-modified: Tue, 06 Feb 2018 18:09:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azWOFBfaE5zQeRCOVST2ytP8w7RJ9%2BQxR21h%2FcxjcOV76fCk0cK%2BJOIqgYRRZdCtt7a%2Fhd7xwUOtIatjTRVNfSXzn8g0cOcLolNoLN3PEch3doDMeAMDfE8lZyE8pfz2ua1MhVuCWQ5E9Rl5o%2BEAJw8G%2Fqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b1952839c-MXP
expires: max-age=A10368000, public

GET
H3 200 default_google.png
www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/images/icons_theme/default/ 5 KB
5 KB 510ms
508ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/images/icons_theme/default/default_google.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c1154517cd40cfae15d6b81872f81d017b17bad00fb9a7b33262ba4be237949

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4975
last-modified: Tue, 06 Feb 2018 18:09:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz2WYbPLe9Q4vdHQvclFJCo9NmiJPpYubwjtuKWKD%2B6Pip28DvvXdcuT1BTvqwCm60NeIYU0jEQf1LxdPKtplW%2Fk4D6DyrpR7E6wTjzjtRgrVDtYrN0Yakbj1kCYC2kFbsP558DzvYQOOEPslgLWkxlLl0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b1953839c-MXP
expires: max-age=A10368000, public

GET
H3 200 default_twitter.png
www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/images/icons_theme/default/ 1 KB
2 KB 506ms
505ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/images/icons_theme/default/default_twitter.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b598958eccff91e50b3f1d35a8193f70e72c2b327abb8fc46b17c46c483cce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1529
last-modified: Tue, 06 Feb 2018 18:09:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAfhINfttxa6cqyePwG5ra8a5trJ2%2BXS3xZzkPCH9b%2BAy0maL86s7BBt2tkq530qt9ASv6hS7D1xDfNVsyhS74OIKfI7U0RvQyd9vgdffBqvGedkrFftZOoPXEXLCIDp%2FaDAuEqYETMvo%2BqiOvICU%2B3ig%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b1954839c-MXP
expires: max-age=A10368000, public

GET
H3 200 default_linkedin.png
www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/images/icons_theme/default/ 1 KB
2 KB 511ms
509ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/images/icons_theme/default/default_linkedin.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1652bc4a1ab4701912ff8832e7e58e3074e1fba1eaf53c43b3a3eb92243ec1cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1351
last-modified: Tue, 06 Feb 2018 18:09:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmeBud19w%2FgZW1pk0w%2FXQWlB3puWN%2FLbgg%2FQbGDkCVFY94HOiHYHu%2FwKh8xlqTUkp%2BzFRon1TzczPxffm5c1DyIXRBEdHKIeL1tYuDzE%2FjStuDVDzGk6ubu81VhX0xYFI6VEV2E%2BXXYNkjhRMZr1t2bUQe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b1956839c-MXP
expires: max-age=A10368000, public

GET
H3 200 email-decode.min.js Show response
www.signinsupport.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 29ms
29ms Script
application/javascript 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.signinsupport.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.signinsupport.net
URL: https://www.signinsupport.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Feb 2022 11:10:48 GMT
server: cloudflare
etag: W/"61fbb838-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tI8c2IJ59UNW1FRzVUt4cp690JaYACqgEV9Gz%2F0bP95D9MWs2rSI8qs%2FJWIwFcB0rdkTfycEkS3FzTsc2daL6oJrgb%2F%2BGaVW7QYYqsgGrE7l0QXbWXycjv83VzzTAgkXvfWTW%2FF0jZuUhmAPb8aB%2BqRWsL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6da1b769e86b839c-MXP
vary: Accept-Encoding
expires: Thu, 10 Feb 2022 03:19:27 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ 507 KB
159 KB 197ms
41ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C7A) /
Resource Hash: 32ee07d3e03cb425623d6da6f6eb30bc2da1e42fc8f656a6425cff093741b015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 2504
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 162376
x-li-uuid: AAXXeJoFNPOUYjrFOakefw==
server: ECAcc (mil/6C7A)
last-modified: Tue, 08 Feb 2022 02:37:43 GMT
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-li-proto: http/1.1
x-li-fabric: prod-lva1
expires: Tue, 8 Feb 2022 03:37:43 GMT

GET
H3 200 autoptimize_315f0ae4d11a95abb286772f661311cd.js Show response
www.signinsupport.net/wp-content/cache/autoptimize/js/ 64 KB
21 KB 694ms
692ms Script
application/javascript 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signinsupport.net/wp-content/cache/autoptimize/js/autoptimize_315f0ae4d11a95abb286772f661311cd.js
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1b2d4401e525c7a190040677c73860df99410aa11d07f34f8e29ea07e367ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Jun 2021 13:18:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vgl%2FwoYQLYiwWe7RzX1U6u3QA1okPWkSp7Bb6yx5%2BxfUICi8ZdJHQBXZHQLJQWXkUojExG%2FJ3bqKM72EVJAMeCde2DzgsbiddXo%2B58bbg1%2BsbmhgGGtkMzYtrKs1aCjuMM1oiOIABNSSidxRi7IBMFgBTe8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=10368000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b76b1958839c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 wp-emoji-release.min.js Show response
www.signinsupport.net/wp-includes/js/ 14 KB
5 KB 526ms
524ms Script
application/javascript 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signinsupport.net/wp-includes/js/wp-emoji-release.min.js?ver=5.4.9
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Apr 2021 12:12:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3yWoGZWCqk5UFVkxjM2%2FrYMdW0CJNlDdJxiggIauVojQ%2BzgI1bnJNVFRO9Yc2zRAk4bH5cRJejPKTFMOu8BUkS0I5cahaiuL6CHk9%2FlNbPi1gEMcdirFHI1aXxd%2FFHzfH%2BLK%2BAzBsGrZnYax3mxRdT%2F7T0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b76b1959839c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 33ms
10ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.signinsupport.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 00:14:34 GMT
x-content-type-options: nosniff
age: 529493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 00:14:34 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v16/ 29 KB
29 KB 49ms
26ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v16/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C700%7COpen+Sans%3A400%2C400italic%2C700%2C700italic&subset=latin%2Ccyrillic&ver=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.signinsupport.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:33:29 GMT
x-content-type-options: nosniff
age: 459958
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29492
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 19:33:29 GMT

GET
H3 200 li.svg
www.signinsupport.net/wp-content/themes/basic/img/ 2 KB
1 KB 509ms
508ms Image
image/svg+xml 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/themes/basic/img/li.svg
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9389cb6583f0d743318d61d4f74c3029eb5d8ed7e96b04712ebadfb2c3ad850

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 08 Feb 2019 18:28:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6p598jl2hLBtwbBYeV95XrdPujM8aW1O0voKrqIuKgBpG3IDncuvLh0EclvgMRnkytnVXWlmVec7LW1jqqkKazkMqCXcVXh9q08pDRM4%2BvXbGRbC9IHDL0yxV662ZaDIeuijIqi7YiqEoga2vM35DtP%2FVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b76b3975839c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 gray.png
www.signinsupport.net/wp-content/plugins/kk-star-ratings/ 364 B
962 B 510ms
508ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/plugins/kk-star-ratings/gray.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81cfd348c73fc29458213c0f67e0d677ed2fc17704501e45b7723fb18eac8607

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 364
last-modified: Tue, 14 May 2019 20:19:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzQwHl8NhciRtJveZQYKi5no%2FxAQq0TePrBQdUTTuBX3jUdc3x%2BgjudnN9nrJ8KN7213C8zjeLiyJzla5D%2F6%2BCXRa%2B65txAZ6ywMOb1SUp9juf1xnCjnE7fPLcElDmjNuDc9TIqaxIR15yaTb8XUmN3AORA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b3978839c-MXP
expires: max-age=A10368000, public

GET
H3 200 yellow.png
www.signinsupport.net/wp-content/plugins/kk-star-ratings/ 370 B
968 B 516ms
515ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/plugins/kk-star-ratings/yellow.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee7369e2fbce98abcdd369c0c5447f676246721a2c69a9be4ad4efce89e1fa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 370
last-modified: Tue, 14 May 2019 20:19:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=atvpzeEDdItFvNrzfLQ60rrAMp2pmUFjnkOawQCBZf%2BO4a3vBlSHUuqkppNwjhmR%2By%2BXAcHVBFkE3S4x%2F197RxLlSnkg9jUWxLbyiWz6KQyNQfactwzEMgbkB6wtZvopKCnMp3tjSTXgqVxkgSy90v1iEQI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b397a839c-MXP
expires: max-age=A10368000, public

GET
H3 200 count_top_arow.png
www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/css/images/ 1 KB
2 KB 523ms
523ms Image
image/png 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.signinsupport.net/wp-content/plugins/ultimate-social-media-plus/css/images/count_top_arow.png
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 171397b80022f168090cd0b31844425970fa4991b80d41b5cb1bf2728d17eb2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/wp-content/cache/autoptimize/css/autoptimize_524bdcad31f8083b7e1f363c2207cee4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1316
last-modified: Tue, 06 Feb 2018 18:09:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMMsYEW9MTMYihHKw7ULAvuJF3PxRbI1y%2FXoqibhEB1RwJ33X25CfQA5ouSb3E4dfX0w6eP4KDfXaeXYbr9K1yCLdUjJFURjE75KyV%2BD9c%2Basju3mtb5bvcEn%2BkoXO0G2bOHV%2FcXebdUITbvDrRjpeVrqic%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6da1b76b5992839c-MXP
expires: max-age=A10368000, public

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 36ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.signinsupport.net
URL: https://www.signinsupport.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b73f467f14fde85a67148bf528c58688dd3399da1ee8ad74f61378b78e7df54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OJuZzbCa9zd3CsbLl8PVDg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: GZEiNCAff0qrZb1q3mdH8S9DSqqPn1lnEUbGI8eWlQIyTVVWg4KOnc5kOvxzuDowNglorihPFTPuzMToPrn2Kg==
x-fb-trip-id: 686109401
x-fb-content-md5: efc09ee658eb2e5270f2e01e422cba12
x-frame-options: DENY
date: Tue, 08 Feb 2022 03:19:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6cbce205af3a5703c877311c6ba4685e"
timing-allow-origin: *
expires: Tue, 08 Feb 2022 03:29:54 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
20 KB 80ms
43ms Script
application/javascript 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.signinsupport.net
URL: https://www.signinsupport.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d58874df689aa5f7fa093241def6a379ea8e40104f612f435f12d02447c5ed2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5o4giKZAPqnRzjyog3edjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "c287f014806a9e4c693e7509987366ea"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-5o4giKZAPqnRzjyog3edjw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 08 Feb 2022 03:19:27 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 72ms
35ms Script
application/javascript 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.signinsupport.net
URL: https://www.signinsupport.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f8d7d69ae71a4596a9b4256eed174158ad478d2a5f12b338a0cfeebb114c27b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NzXj8iag+RBs10m10OtvRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "e8ffbe621e1cdf6fd8ff881ebc9a3cd4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-NzXj8iag+RBs10m10OtvRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 08 Feb 2022 03:19:27 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 286 KB
103 KB 54ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1267587346827842&plah=www.signinsupport.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99fe30086fdc5554805288c95b886ec401536990a64bc42464296b264ecee589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105570
x-xss-protection: 0
server: cafe
etag: 5047939431591719432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 03:19:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220203/r20190131/ Frame 68E2 10 KB
5 KB 47ms
15ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Mon, 07 Feb 2022 15:43:34 GMT
expires: Mon, 21 Feb 2022 15:43:34 GMT
cache-control: public, max-age=1209600
age: 41753
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 170ms
42ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE8) /
Resource Hash: 1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 03:19:27 GMT
Content-Encoding: gzip
Age: 28
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 29179
x-tw-cdn: VZ
Last-Modified: Tue, 01 Feb 2022 20:03:56 GMT
Server: ECS (mil/6CE8)
Etag: "94840c3a0697481258cd2b28513e7509+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a2e91a490b279ced10aecadbd97866fd

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76cc9282bf7bf3268c86deded91b8de676a422e610f34425306db66ecc036171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.signinsupport.net/
Origin: https://www.signinsupport.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Re+ZPrFKXnPFooapAn1V2A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83541
x-fb-rlafr: 0
x-fb-debug: tfSx9NmsMY3HjV+yPVbXThJ41gVo625OqjXdPIbuDYriP1oqZGMgWva9V/tFqbeJDPXibLbw/gV+zRkA/tkI8Q==
x-fb-content-md5: ee319e40e0af9691ae04f54871d9bb39
x-frame-options: DENY
date: Tue, 08 Feb 2022 03:19:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "86f56818a5d20c5d7cf7cd5c054be4b2"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 08 Feb 2023 02:24:58 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 150 KB
51 KB 37ms
14ms Script
text/javascript 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24eba652967915088a60ca2e5d1827abe08c344883a55e580834470411a4e65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 15:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52422
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Feb 2023 15:16:31 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
648 B 43ms
14ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.signinsupport.net&callback=_gfp_s_&client=ca-pub-1267587346827842

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1267587346827842&plah=www.signinsupport.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6125c9d503436ffd84ec8c3603a2fd5b165fac5f81c8d9db1597a2fb94aa9977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 42ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.signinsupport.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 47ms
19ms Script
application/javascript 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.signinsupport.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 03:19:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8605 14 KB
1 KB 105ms
86ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&adk=1812271804&adf=3025194257&lmt=1644290367&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.signinsupport.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367313&bpp=2&bdt=1145&idt=99&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4627009581156&frm=20&pv=2&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=111

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecca445b3af659fc8a06a728d3da20bcc45fe458b35bdf00d2829ad9e24c8b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Feb 2022 03:19:27 GMT
server: cafe
content-length: 1436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 03:19:27 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D58D 71 KB
28 KB 762ms
755ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1606c451ab494d6420f3bd5ef39e9fba6caae5d63ffb51c5243b018e42372c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Feb 2022 03:19:28 GMT
server: cafe
content-length: 28904
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 03:19:28 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7DA9 88 KB
32 KB 531ms
531ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5d6fb84b4c3996973516172cfc182be11945bfb2be5d9c8134acc6c0d645c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Feb 2022 03:19:27 GMT
server: cafe
content-length: 32453
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 03:19:27 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7D46 82 KB
31 KB 461ms
460ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=4087946692&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367319&bpp=1&bdt=1151&idt=141&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hTdBxRNBVN&p=https%3A//www.signinsupport.net&dtd=144

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a9d15111f890a45efc35716d1c6eb44278b358bcc7473bd8654c3aa9a76314a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Feb 2022 03:19:27 GMT
server: cafe
content-length: 31207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 03:19:27 GMT
cache-control: private

GET
H/1.1 200
OK widget_iframe.4e067713e19d4fff483536ddc4df18b9.html Show response
platform.twitter.com/widgets/ Frame 134C 319 KB
104 KB 45ms
45ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.signinsupport.net
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF0) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 277682
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Feb 2022 03:19:27 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Tue, 01 Feb 2022 20:00:09 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF0)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 134C 232 B
448 B 134ms
117ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0f468f16f2196961ddc234858f37fc2d1c79d4a0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fwww.signinsupport.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 08 Feb 2022 03:19:26 GMT
content-encoding: gzip
last-modified: Tue, 08 Feb 2022 03:19:27 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 02562f86d9c68d7c62d7a2e3a2e54733bb9485707980523f8dd3c0d2f3f3ca7a
content-length: 166

GET
H3 200 frontend.min.css
www.signinsupport.net/wp-content/plugins/icegram/assets/css/ 19 KB
3 KB 510ms
509ms Stylesheet
text/css 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signinsupport.net/wp-content/plugins/icegram/assets/css/frontend.min.css?var=1.10.26
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d8884bb3f73093e6d0d49afb2d4e3129c7f92f5f9b0b741d2dc61a75dff904

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 May 2019 20:19:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDXYaN%2FJE5pkvG9Z%2F2SfhfNmU0C2QVGFX9ma63gCrDojtdGatEL%2BYy%2B%2Fszu1SH7PB%2BuEvvdY9mL9zuzcG0AqzGjs2coUy5zqp7W%2Bym6S80q8dWk9h8mkwO%2F7356XWHeL6VBGkfnPcD6k3goVoz2HrTF62hk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b76f8cc0839c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 action-bar.min.css
www.signinsupport.net/wp-content/plugins/icegram/message-types/action-bar/themes/ 19 KB
3 KB 190ms
188ms Stylesheet
text/css 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signinsupport.net/wp-content/plugins/icegram/message-types/action-bar/themes/action-bar.min.css?var=1.10.26
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 477fd2f3aab24ec2060d6afc6da9da97a0f8e083d60c2d4af67b5cd54350562f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 May 2019 20:19:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnTs1c9FqkHYglP4%2Bl4Bj%2F6SLl97JZMtqqpIjpyrs7FFvG0WgTf9O1eoyDlKzCGuoRnbQq6wNTQTM2cGGWNunkPc%2BqvD4AOmbPdPjE6KYdy2aGTngX92NnvRcIoXVDOiq1g85YGh7nqHV2RtsTeVgGiknqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b76f8cc1839c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 icegram.min.js Show response
www.signinsupport.net/wp-content/plugins/icegram/assets/js/ 45 KB
14 KB 664ms
663ms Script
application/javascript 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.signinsupport.net/wp-content/plugins/icegram/assets/js/icegram.min.js?var=1.10.26
Requested by: Host: www.signinsupport.net
URL: https://www.signinsupport.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7302cfd62e3c4a826b268b3ced788b5f0417f4a09d130201c1c4bb0140dc247

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 14 May 2019 20:19:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkebjJUSDiJMAGJfKJmZYdc3C0NCywQbumWrmUpqp30CLQGyKh7ovVuUDlhBrMwJChtTH%2BRoHyHnrYNFZNigVc1NJb1Y7F6gi1oLEpu8vafnpE3eAAO8sZxDP%2FTueHBB%2BvDg9Lc5sKBAHC0BRTHruN4NSdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b76f8cc2839c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: max-age=A10368000, public

POST
H3 200 admin-ajax.php Show response
www.signinsupport.net/wp-admin/ 665 B
1 KB 299ms
298ms XHR
application/json 2a06:98c1:3121::
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.signinsupport.net/wp-admin/admin-ajax.php

Requested by

Host: www.signinsupport.net
URL: https://www.signinsupport.net/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121:: , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.6.40

Resource Hash

a2409ee483068e2d72fb0c22362ff76891b228d78e65022e0e66ba2481a783a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.signinsupport.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/5.6.40
x-litespeed-cache-control: no-cache
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
x-robots-tag: noindex
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7TSCG3ikE%2FqSGGdCDGtqhSqWdpFuep83c0yJtN3%2F8zaTD%2F7pcoPTz6SC%2Fb%2FsIOZFPrhN1yVR4i0S9uuhWwxBqrqb7sU5rOFRMpi7jrlXR01Dnfm8YvFrFykeM78jbFq%2Bbro3XG6vQ5bqBPnhtOuM5RZ1jQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.signinsupport.net
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-turbo-charged-by: LiteSpeed
cf-ray: 6da1b76f9cc4839c-MXP
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 13354645212532366300
tpc.googlesyndication.com/simgad/ Frame 7D46 85 KB
85 KB 69ms
25ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13354645212532366300?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnn2O5VNvbHtwp-XfxopYf7nr5BWA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=4087946692&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367319&bpp=1&bdt=1151&idt=141&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hTdBxRNBVN&p=https%3A//www.signinsupport.net&dtd=144

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524482af858612621672aaea4a5be40561fb49011f76b5ca5e9b32205d6bf879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:42:36 GMT
x-content-type-options: nosniff
age: 297412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87145
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 14:52:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Feb 2023 16:42:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/ Frame 7D46 19 KB
8 KB 54ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d131b602e0aae6d6376f9182bba1a12fae13a3708812306888f24c4f8391df52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1376
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 12177500945756559572
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:56:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame 7D46 2 KB
1 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1646
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:52:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D46 124 KB
38 KB 69ms
29ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 03:19:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame 7D46 14 KB
6 KB 52ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6201
x-xss-protection: 0
server: cafe
etag: 16063203490821389409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:46:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7D46 0
0 36ms
35ms Fetch
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cur-_P-EBYvfNHdvD7_UP28mG6ASWjuXeZ4zGs4bvDtvZHhABILy5ki9gleKQgqAHoAGcr_uoAsgBAqgDAcgDyQSqBNoBT9DINW5MUHNLbshnjD_juLWARLBqYBWdhOkxzw9sbkERFM-zH-qIYXA44B2_oukMUwT7DF8DRejGYAI3x65cn-0UP9qIfcF3j2xJgYhZRJyZcm2ZrH4ewFXiyxBVZa-xRdGertPDnPdHfEYm6zgb5obgwZSUcoPXzYhemB6Klcapa-W-hody_HnHeAJFetZnptflzQ8o811VFV1xXST1dBV3GKywhNfyYKjG959qx-hpZZLZYAWH2at-LQ1bm4x6fK43u1k_EZr-hbHZ3i88MPV306FLoBnzkI7ABLHsyp32A5IFBAgEGAGSBQQIBRgEoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJiFIdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMjY3NTg3MzQ2ODI3ODQyGAA&sigh=pELovuGn2cs&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=4087946692&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367319&bpp=1&bdt=1151&idt=141&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hTdBxRNBVN&p=https%3A//www.signinsupport.net&dtd=144
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 08 Feb 2022 03:19:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Feb 2022 03:19:27 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame 7D46 27 KB
11 KB 51ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59de64323ab5ba442cf41959d2ba1ed8ce18b7fe44467097a9af277f3625697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11448
x-xss-protection: 0
server: cafe
etag: 7248745701340543915
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 15:53:20 GMT

GET
H2 200 937517ce246db924b6fee068201e50b5.js Show response
www.gstatic.com/mysidia/ Frame 7DA9 8 KB
4 KB 48ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/937517ce246db924b6fee068201e50b5.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15844650823a223e0043bf4d88157ffd303435465ac54c59f2f820f5f4b10f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3405
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 May 2022 16:38:18 GMT

GET
H2 200 3d135d05641c0462fcff65bff56a400c.js Show response
www.gstatic.com/mysidia/ Frame 7DA9 8 KB
3 KB 47ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d135d05641c0462fcff65bff56a400c.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90e568960c3ad12e37bef426a5e86ab47529a4a35ac29038102a7fb5c85ce665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3408
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 May 2022 16:38:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7DA9 8 KB
888 B 49ms
26ms Stylesheet
text/css 2a00:1450:400e:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 01:21:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Feb 2022 03:19:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Feb 2022 03:19:28 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame 7DA9 1 KB
875 B 28ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 01:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 01:40:12 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/ Frame 7DA9 19 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d131b602e0aae6d6376f9182bba1a12fae13a3708812306888f24c4f8391df52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 12177500945756559572
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:56:31 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame 7DA9 2 KB
1 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:52:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DA9 124 KB
38 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 03:19:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame 7DA9 14 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6201
x-xss-protection: 0
server: cafe
etag: 16063203490821389409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:46:06 GMT

GET
H3 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame 7DA9 27 KB
11 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 384070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 04 May 2022 16:38:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4431 143 B
163 B 21ms
19ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=4087946692&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367319&bpp=1&bdt=1151&idt=141&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=hTdBxRNBVN&p=https%3A//www.signinsupport.net&dtd=144

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 08 Feb 2022 03:14:38 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7D46 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ea4866de2c7dc3b77f3a58dea6573eb1427baac3f3a298025e0e9378c5a193

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7DA9 0
0 29ms
27ms Fetch
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgTb3P-EBYsTGHKfC7_UPo4aA8Azrge-TZamooM_fCfiauMSLDhABILy5ki9gleKQgqAHoAH4gf6cA8gBAakC3rOy4wwosz6oAwHIA8sEqgTbAU_QeMvum-j-jLaZi_bIzkRhxIJjw9FW8eOkvlmWLiJTLuPgXm6at_Fb_iW3ZsAdubuSu98nfJhPV18NI1oDpax_AhgHcZ6IhU9aEiTTWm_m-HXMHvMLIo8hPt_I44bdup_MX65vUgjQDbOVfaRfVk8clbqLFjTfmWuVDMyzDoB7kzn33W92N_paFhD_sxUYnT5hQLdTy7jQ1QGghVhlrNM6plgcuo6BjL2nknky9hT5gCIg3Xr8YSQzoMxOJD3epW9niQRj3HtM02FS-V0UT5w5pBOcbS7lv9UR38AE0YX0sJUCkgUECAQYAZIFBAgFGASAB6PUsHioB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCRjyvSCAkIgOGAEBABGB-ACgHICwHYEwyIFAHQFQGAFwGyFxwKGggAEhRwdWItMTI2NzU4NzM0NjgyNzg0MhgA&sigh=3lWckdIoFqQ&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 08 Feb 2022 03:19:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 36AF 143 B
163 B 15ms
15ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 08 Feb 2022 03:14:38 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7DA9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1d3e0dd8f561b6b20964a1b102ed0612ff625e9cb131fe8b26ceaafea23247a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 4431
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
40ms

Document
text/html

2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Feb 2022 03:19:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 03:19:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Feb 2022 03:19:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 7DA9 28 KB
28 KB 29ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 14:39:40 GMT
x-content-type-options: nosniff
age: 477588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28196
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 17:53:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 14:39:40 GMT

GET
H3 200 p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2886 36 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13808
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 21:00:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 36AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
46ms

Document
text/html

2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Feb 2022 03:19:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 03:19:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Feb 2022 03:19:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 13354645212532366300
tpc.googlesyndication.com/simgad/ Frame D58D 85 KB
85 KB 8ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13354645212532366300?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnn2O5VNvbHtwp-XfxopYf7nr5BWA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524482af858612621672aaea4a5be40561fb49011f76b5ca5e9b32205d6bf879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:42:36 GMT
x-content-type-options: nosniff
age: 297412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87145
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 14:52:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Feb 2023 16:42:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/ Frame D58D 19 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d131b602e0aae6d6376f9182bba1a12fae13a3708812306888f24c4f8391df52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 12177500945756559572
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:56:31 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame D58D 2 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:52:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:52:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D58D 124 KB
38 KB 38ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644237382599929"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 03:19:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame D58D 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 02:46:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6201
x-xss-protection: 0
server: cafe
etag: 16063203490821389409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Feb 2022 02:46:06 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/ Frame D58D 27 KB
11 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220203/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59de64323ab5ba442cf41959d2ba1ed8ce18b7fe44467097a9af277f3625697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:53:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41168
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11448
x-xss-protection: 0
server: cafe
etag: 7248745701340543915
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 15:53:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D58D 0
0 33ms
33ms Fetch
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2udbP-EBYoalHNiI7_UPzaKt6AWWjuXeZ7y7s4bvDtvZHhABILy5ki9gleKQgqAHoAGcr_uoAsgBAqgDAcgDyQSqBNoBT9DQy16fMpp6iTQHRCK8KFwLRPIKvstsNyYp-0y-mwD0IQkalnRkKPhldoUKPq_4yWnqAh5CMxpYWITn1Ddd2BFTM04qTxvAad1KOClHt4Felult9cuf_DBgscFLGETk1XCreJHQLV1CYUnkQ0nKq_Iubd9jVNndMqIqfM6PBYMmE7di8wVf6ZMVlEjf-r5xd2p9IA92pbmaLUJtt4GoYfksuYw_FkcikPgCnq3-i8LDV1wRPDdY7UWKVUx0g-I1IGFZilUN4Vu_gitVNrwCZ0SGlISu3JtEShLABInsyp32A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfM0ITXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENmyGtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMjY3NTg3MzQ2ODI3ODQyGAA&sigh=bs8IBK0VKAA&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 08 Feb 2022 03:19:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E5D3 143 B
163 B 24ms
24ms Document
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 08 Feb 2022 03:14:38 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js Show response
pagead2.googlesyndication.com/bg/ Frame CF53 36 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=3090123619&adf=18295674&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367318&bpp=1&bdt=1151&idt=124&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C725x280&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=677&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Zv9LdwZ4xO&p=https%3A//www.signinsupport.net&dtd=130

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13808
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 21:00:43 GMT

GET
DATA 200
OK truncated
/ Frame D58D 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288770e994113a1cf1338b65e70a2a329a3614a2da6aefb13ce01787c292bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E5D3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

38ms
37ms

Document
text/html

2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Feb 2022 03:19:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Feb 2022 03:19:28 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Feb 2022 03:19:28 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8945 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1267587346827842&output=html&h=280&slotname=9628952633&adk=2425041823&adf=358219808&pi=t.ma~as.9628952633&w=725&fwrn=4&fwrnh=100&lmt=1644290367&rafmt=1&psa=0&format=725x280&url=https%3A%2F%2Fwww.signinsupport.net%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644290367315&bpp=3&bdt=1147&idt=114&shv=r20220203&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4627009581156&frm=20&pv=1&ga_vid=1076215638.1644290367&ga_sid=1644290367&ga_hid=925668393&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=161&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398&oid=2&pvsid=2242555168486994&pem=988&tmod=598149516&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aVZtdjO5XN&p=https%3A//www.signinsupport.net&dtd=121

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13808
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 21:00:43 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 42ms
27ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220203&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4735659351730c178cb5c64a24f3ed49a068b84bb7e5f56a9d3804a0d18eef82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9925
x-xss-protection: 0

GET
H2 200 sprite_close_02_white_48.png
www.icegram.com/gallery/wp-content/uploads/2017/07/ 16 KB
16 KB 94ms
13ms Image
image/png 23.88.35.13
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.icegram.com/gallery/wp-content/uploads/2017/07/sprite_close_02_white_48.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.35.13 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.13.35.88.23.clients.your-server.de
Software: nginx /
Resource Hash: 8864cb0ec0fa908c3e6a15c5a5718e126f8520bcd28335f864af56b8de3289c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:21:17 GMT
last-modified: Wed, 15 Nov 2017 06:57:50 GMT
server: nginx
etag: "5a0be56e-3e6b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public, no-transform
accept-ranges: bytes
content-length: 15979
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 141ms
141ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 03:19:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B02F 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 00:39:35 GMT
expires: Wed, 08 Feb 2023 00:39:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 974D 783 B
533 B 20ms
20ms Document
text/html 2a00:1450:400e:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1bebb318f5e89c60431af714aaaa08e3b2482900163e62757772fb5177ad89af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EEKZk+OaoviIL5MgSsrhFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 08 Feb 2022 03:19:28 GMT
date: Tue, 08 Feb 2022 03:19:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-EEKZk+OaoviIL5MgSsrhFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js Show response
pagead2.googlesyndication.com/bg/ Frame B02F 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/p5pfDMP4zN8jVfivP4NR4mykoq9SVPpSA9fyNGtv4o4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13808
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 07 Feb 2023 21:00:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 974D 0
0 30ms
30ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220203&jk=2242555168486994&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B02F 0
9 B 9ms
9ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3h1F7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 03:19:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220203&jk=2242555168486994&bg=!R0SlRADNAAa4sGsQuLA7ACkAdvg8WuYaj9AULdVM6NIuTap9WHZM9XjR36ZvUT33r0M31aGxQ_g2DwIAAABXUgAAAAJoAQcKALvgoyJLOeyfm_xw8OCHB_C_2gv2-fHxvWUY_aLyMBUZL5KHukN_GeYYABWax3XKoUpRR3cdR-4_Nb3VArWlfcE3V4I-1tFvNweUX5_oZOhGgGWUeBa9PJ0LNeRBmE9oB6FWTB7yb7bgaJd3ag7zLaZ_jDJd0xa6yMeXJZnYCAdZxmb74Rk_CAANal291T9SwoT7oH8qFji-rxCD1sF0DRfYgDrIaQ9PeN_Qj10KhZqTpl-spPotNqn1Sy9PmQLAn8WGnjvK2K2dKi4o8KDeY92F24r1fLWSw3S3KqGbiOv1MjCXxaC8m_iIKyQ66Ia8KnYim7-gVI0j5cAe1mvWeJeQ3OPyiLbRrhDvRRbuPIWFZLclE7TirS00xwIjslQ1B4HmTBVzWTi9CQmXPxQJACBeIVJOMc7kk5is9YP282suwtqf6QfK1lyf02zZII3u4GfolH354PTA-E7ckcjQgIqrt8jKIRxIN-jg8VcGUZ4FPgmfj7sZ3j94IvtX7ZaoDksHTe_vLRiXSXh5_Z7DdU8V3Pp0y_81QK_RPBbf5ABqMW8xMOHMhhSN-n2Is4zbmHrNT_wkVxXVGEdbv9oewCJblLcCUCnLgReSVEaOdtMD33dW3HddbJdV3onu7cm6Tf9rxUNhvsmoJyu2rs68Lm1I2gS1WmuyG0boF2yA8K4RipEZQcdbuCE_cHQuCQzomgHphjoh949gsU4n8ZrvOhZI49dWZ4MfO6vWYIueQxYE_Hy1jabraUURAKGzzaY5OsAh6e9h3sqTUKNvU2L2nyEQLvXDR_NsYIP3dqO0JZlbPHYmsZzFujj9maZ4cEiTGVx_iSOP9vNKttPFqTvd1it1uFpxjUibX69CPiv9ju-C9m-322Fb8V4lf8sD8p3BdJY_C9yRdcvBaXRnuIS4tHmwAvvu3lfBQRGBTfmRBpYrHoBJh6A2nMQ_jjNOmwARmb45SD_xOejNpxK5-WQL0Lbo5povhr-P56wK2g4iCQ8YX-thJdKMKfmTO2m10UUyR62lT1sHUa2C6rb_jWhl--ruGwlw7ba02tbFajeQBXkFd_Fag34zosL_hTFU4l8L_9LjRVTeKI_c8BF7aMH5r2lrhMNDllrU58M5dTIlFUP279O6aZfKJM0ZI2FZgI8K5Tc2kB_l3tC4taqQZ0XWrtiQcvYQHBk_Gs5osUu0bHs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.signinsupport.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 03:19:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DA9 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaM5sZvN0gSA16HmPL8WjyF6pe0DpDWZOaxtZRq_U5DkG5AVnKd-LGgVf5BI-pstSbNQm6S6GHsdywOc-SH6LTxry6TIojksrhAT2qP9OjeQ5WEX-J7Q&sai=AMfl-YQI5sL2rSfkg_abW_l5uWN0aZ-JFv9Fw3taEHaKJ3Un5s8ZfYsBR5sK-MFFUBplW4FGvlPLH9nT90zk&sig=Cg0ArKJSzFGR9ryFuLB8EAE&id=lidar2&mcvt=1000&p=0,0,280,725&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3090123619&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644290367449&rpt=867&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 03:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D58D 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8OwcmTnUQa_vn0-ptJ0LmlFO_YjQtYDYagf79magYjcS4egqkpXkH74Dt07rw4nAlEhWCxgsfYY2hodX98eQxUL9oPn34HTK5QBWOLijrJuTBbF9dvA&sai=AMfl-YQoNmt3ejLt0KPyR0t3kieDqm9-PHuV-EDEd5Jjo6yZFlUp5Gci1iCd3quDzXboanCCxDJxt9r5iuiO&sig=Cg0ArKJSzMnPL2-jsLfzEAE&id=lidar2&mcvt=1000&p=0,0,187,725&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2425041823&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644290367437&rpt=932&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 03:19:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 05:08:21	Name: NID Value: 511=lIs9AdvzH_Oc7AQ6GtgS-_EqoaEfKs4Dv_tH6Z7Y1eNqqAijlB7xYrYPVnfz_SVLQe1AxaD2Qr5NxlKaAvfuHn3oauqB4cOuZGEGRjotbVeFsOE98cDtOnDRiNmdKiRKNW3gCc1tqiZqzbZzFn3PMt_lF37OM1bT6Rjxv9UuEQo
.signinsupport.net/	1970-01-20 10:06:26	Name: __gads Value: ID=c7574cfc2170cd86-22cc9af536cd0028:T=1644290367:RT=1644290367:S=ALNI_MYi0ymjdpoqXpj2XiFUhriCuRzn9w
.doubleclick.net/	1970-01-20 10:06:26	Name: IDE Value: AHWqTUk9qsGWjf3XjSE3byUV8zOIRB2ZZ4Fq3v0tiV1YZkguyNUGRoUMc8cpnLpdADE
.doubleclick.net/	1970-01-20 00:44:53	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apis.google.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
platform.linkedin.com
platform.twitter.com
secure.gravatar.com
signinsupport.net
syndication.twitter.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.icegram.com
www.signinsupport.net
104.244.42.200
142.250.184.226
23.88.35.13
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:808::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400e:80e::2004
2a00:1450:400e:810::2002
2a00:1450:400e:810::200e
2a00:1450:400e:811::2002
2a00:1450:400e:811::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a04:fa87:fffe::c000:4902
2a06:98c1:3121::
0243d61ce86c672bb13744b9572ab45c1131e62f4f02ad2e1a1df54f02f2b1f2
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
0d58874df689aa5f7fa093241def6a379ea8e40104f612f435f12d02447c5ed2
0dce5940cfbb1995ffa0933df7bdd96af2b9bfff5f4ae12dc1641ad0ce920019
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1606c451ab494d6420f3bd5ef39e9fba6caae5d63ffb51c5243b018e42372c05
1652bc4a1ab4701912ff8832e7e58e3074e1fba1eaf53c43b3a3eb92243ec1cf
171397b80022f168090cd0b31844425970fa4991b80d41b5cb1bf2728d17eb2a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a9d15111f890a45efc35716d1c6eb44278b358bcc7473bd8654c3aa9a76314a
1bebb318f5e89c60431af714aaaa08e3b2482900163e62757772fb5177ad89af
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
24eba652967915088a60ca2e5d1827abe08c344883a55e580834470411a4e65a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
32ee07d3e03cb425623d6da6f6eb30bc2da1e42fc8f656a6425cff093741b015
346e99d556beec3b768737581ac2b2d0823eb6e6a275c39070c843c695d63dc6
3c1b2d4401e525c7a190040677c73860df99410aa11d07f34f8e29ea07e367ba
3c43f5055b995db8add41a4de726e6fe4b10f811247215ba902c12f86e7f6383
3f8d7d69ae71a4596a9b4256eed174158ad478d2a5f12b338a0cfeebb114c27b
42022489d1499bf7e03f403c35808b80ef2a8c06c5e57ad7fa3404f76f6be22a
4257cd24996df1ebf964b3e6f07bc91554f565c2d3a8e0ad91e1af63865463ff
42ea4866de2c7dc3b77f3a58dea6573eb1427baac3f3a298025e0e9378c5a193
4735659351730c178cb5c64a24f3ed49a068b84bb7e5f56a9d3804a0d18eef82
477fd2f3aab24ec2060d6afc6da9da97a0f8e083d60c2d4af67b5cd54350562f
4c1154517cd40cfae15d6b81872f81d017b17bad00fb9a7b33262ba4be237949
524482af858612621672aaea4a5be40561fb49011f76b5ca5e9b32205d6bf879
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6125c9d503436ffd84ec8c3603a2fd5b165fac5f81c8d9db1597a2fb94aa9977
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
6b598958eccff91e50b3f1d35a8193f70e72c2b327abb8fc46b17c46c483cce9
70ee73344c22fd43879470a765e18eaff6766ea2337a2cdf6bc246fb328747e5
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
76cc9282bf7bf3268c86deded91b8de676a422e610f34425306db66ecc036171
7b15844650823a223e0043bf4d88157ffd303435465ac54c59f2f820f5f4b10f
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
81cfd348c73fc29458213c0f67e0d677ed2fc17704501e45b7723fb18eac8607
8864cb0ec0fa908c3e6a15c5a5718e126f8520bcd28335f864af56b8de3289c2
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
90e568960c3ad12e37bef426a5e86ab47529a4a35ac29038102a7fb5c85ce665
92d8884bb3f73093e6d0d49afb2d4e3129c7f92f5f9b0b741d2dc61a75dff904
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
99fe30086fdc5554805288c95b886ec401536990a64bc42464296b264ecee589
a1d3e0dd8f561b6b20964a1b102ed0612ff625e9cb131fe8b26ceaafea23247a
a2409ee483068e2d72fb0c22362ff76891b228d78e65022e0e66ba2481a783a9
a288770e994113a1cf1338b65e70a2a329a3614a2da6aefb13ce01787c292bf8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a79a5f0cc3f8ccdf2355f8af3f8351e26ca4a2af5254fa5203d7f2346b6fe28e
aee7369e2fbce98abcdd369c0c5447f676246721a2c69a9be4ad4efce89e1fa3
b59de64323ab5ba442cf41959d2ba1ed8ce18b7fe44467097a9af277f3625697
b73f467f14fde85a67148bf528c58688dd3399da1ee8ad74f61378b78e7df54c
b9389cb6583f0d743318d61d4f74c3029eb5d8ed7e96b04712ebadfb2c3ad850
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cecd27ce9737114e23fa8dda3be3041f7c36cdafd31822d2e5bae793669bd13f
d131b602e0aae6d6376f9182bba1a12fae13a3708812306888f24c4f8391df52
da2017c6a029fdffe11c8445fd468e878b83df7c4c888ee8ddec37ca095981bb
e3a773bfb187cd413455ff3a4cad1d7f7add6e21eb5305393bbc784d3e70cb56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecca445b3af659fc8a06a728d3da20bcc45fe458b35bdf00d2829ad9e24c8b7c
eddf601477ceb1f22bcfa7207547daf7729d81253dfd36c8c79eb6ec8a71a73d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d6fb84b4c3996973516172cfc182be11945bfb2be5d9c8134acc6c0d645c3d
f7302cfd62e3c4a826b268b3ced788b5f0417f4a09d130201c1c4bb0140dc247
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

www.signinsupport.net Open in urlscan Pro 2a06:98c1:3121:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

100 %HTTPS

84 %IPv6

14 Domains

20 Subdomains

20 IPs

3 Countries

1621 kBTransfer

3897 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.signinsupport.net Open in urlscan Pro
2a06:98c1:3121:: Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

100 %
HTTPS

84 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

1621 kB
Transfer

3897 kB
Size

4
Cookies

89 HTTP transactions
3 data transactions