discordlogin.com Open in urlscan Pro
23.111.167.173 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://discordlogin.com/
Effective URL:
https://discordlogin.com/
Submission: On December 06 via api (December 6th 2023, 1:07:33 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 23 IPs in 8 countries across 24 domains to perform 122 HTTP transactions. The main IP is 23.111.167.173, located in Tampa, United States and belongs to HVC-AS, US. The main domain is discordlogin.com.
TLS certificate: Issued by R3 on October 27th 2023. Valid for: 3 months.

This is the only time discordlogin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	23.111.167.173 23.111.167.173	29802 (HVC-AS) (HVC-AS)
16	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4 11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3 16	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3 3	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
2 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.157.159.187 35.157.159.187	16509 (AMAZON-02) (AMAZON-02)
2 4	2.19.217.101 2.19.217.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	52.29.184.165 52.29.184.165	16509 (AMAZON-02) (AMAZON-02)
122	23

11 23.111.167.173 (Tampa, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: pebble.vhostplatform.com

discordlogin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.206.34 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.173 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.159.187 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-159-187.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.217.101 (Prague, Czech Republic) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.184.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-184-165.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	491 KB
27	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	257 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	211 KB
11	discordlogin.com 1 redirects discordlogin.com	373 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
8	google.com mts0.google.com — Cisco Umbrella Rank: 4606 www.google.com — Cisco Umbrella Rank: 2	559 B
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	6 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	319 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	903 B
3	ctnsnet.com 3 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4999	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com	869 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 714	774 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	725 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	844 B
2	w.org s.w.org — Cisco Umbrella Rank: 3043	2 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	714 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 686	732 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	463 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 711	98 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
122	24

	Domain	Requested by
25	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
16	cm.g.doubleclick.net	3 redirects discordlogin.com googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	discordlogin.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com
11	discordlogin.com	1 redirects discordlogin.com
8	www.googleadservices.com	discordlogin.com googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	sync.teads.tv	2 redirects
4	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	mts0.google.com	googleads.g.doubleclick.net
3	ipac.ctnsnet.com	3 redirects
2	onetag-sys.com	2 redirects
2	c1.adform.net	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	sync-tm.everesttech.net	2 redirects
2	s.w.org	discordlogin.com
1	x.bidswitch.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	d.agkn.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
122	30

This site contains links to these domains. Also see Links.

Domain
fornite
safari
generatepress.com

Subject Issuer	Validity	Valid
discordlogin.com R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://discordlogin.com/
Frame ID: CB8B1087D46D8B3059182A2181167CE2
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/zrt_lookup_fy2021.html
Frame ID: AE42127F495A8338F7F61374AB69AEA8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&adk=1812271804&adf=3025194257&lmt=1701868048&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868048631&bpp=25&bdt=128&idt=243&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3065351757635&frm=20&pv=2&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=265
Frame ID: 0CE461E85132EB2B617BB47018ACB943
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701868048&rafmt=1&to=qs&pwprc=1064844143&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868048656&bpp=2&bdt=153&idt=247&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Frame ID: C7DEB9C6BD453A776C31F05CDB8D8D3B
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 38B8E29A7D80002E992B1BBE900C89B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3988897314&pi=t.aa~a.1381849204~i.15~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=2&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Frame ID: B104FEFB12B4426BBF21324C9440E52C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19
Frame ID: FA3FE3B4BDF2DAC558230F092DA8B70B
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Frame ID: 6694079BCDC1B00EE88395C84FBDEBBC
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F6A2F279D9D5CC2FA5A0A1FF47D989D7
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 258102B065152DD2C0E9391D595DD43B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 0251E83558B530F4C0144F30DB76F62D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DDBDB294D45A5BAA9B5FD71DD4E18BA5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: FA3D361A2A4E9EF8FB28C01C228A8115
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A2A80E1C6CF68D3353EA04DC438C4B87
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 918602BCE2D47C54299DC93A0B7E7A91
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 85F8F11190742586C65F777D0A80ACEB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: A86874F8E1BCA9D9452965F888FAFE31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AC737A42A6C3AD4D672F40E0338E0C06
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C2681C8786D7EB6EEE178EC256FA7C6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Discord Login – Sign In, Sign Up, Nitro, Themes, Servers, Bots, Commands, Browser, Support

Page URL History Show full URLs

http://discordlogin.com/ HTTP 301
https://discordlogin.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

122
Requests

85 %
HTTPS

43 %
IPv6

24
Domains

30
Subdomains

23
IPs

8
Countries

1663 kB
Transfer

4187 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://fornite/
Title: quienterius

Search URL Search Domain Scan URL

URL: http://safari/
Title: ᴄᴀᴛᴛ

Search URL Search Domain Scan URL

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://discordlogin.com/ HTTP 301
https://discordlogin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://googleads.g.doubleclick.net/pagead/adview?ai=CNps4EXJwZdfqA_aXpt8P_Mag6A7t356IdMvCn4qNEoqc3cjBARABIJyL1ihglaqUgqAHoAGQ6_ieAcgBCakCzohQprAZsj6oAwHIA8sEqgToAU_QOPDEtnK2GwEtoh8y31wgI7_ova9mfYpXG_XI5sRNPc07DP7GxtT3HBdiymdHUihnErGuaqrmzCYEa31XB8b7o0ulJxliP6F4lZkjoi2x5GYEObDbeD3OHVL5ewGUdzmsH-4xyTz_lkVRH-GWSiLbYx68du-S9QLe2zj4UL6yIFiyruynPSF5NQKIHU8NF3Ww7PFyaIZonC11Rg8uVF2d7zooy1LQRIfmDfZwnxVZBn085ImtrpgzSE53lHSo0CER1GVBwrJetC0zgsFfC536d15LnII64CmhKA6kKfkP8Eezwmqc3CDABNyI_tSwBIgFpfzL-TOSBQQIBBgBkgUECAUYBKAGLoAH2JSH4QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCVyUnSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPKhi8Tw-oIDmgmFAWh0dHBzOi8vYnVzaW5lc3MuZ29vZ2xlLmNvbS92L3NlaWRlbmhhdXQta29zbWV0aWtzdHVkaW8vMDE2NDI4Mjc1NDc3NTYzMDk5Njc5Lzg5YTMvXz9jYWlkPTEzOTQ1MjA4MzU3JmFnaWQ9MTUwNTAyMDgxNjI4JmdjbGlkPXtnY2xpZH2ACgHICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQK4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTg1ODQ5MTUzOTQyMzIzMjQYAA&sigh=2-U5VddVIFo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNOUk23MpyFwIzsddoweaVSRFbHGKtVa6trnilOTlqISFfmKN9ydxvoVTIVxrY1kSjAU9viwC4O75KgmK5XPOVA6yd4HvFsm4AuUAYAQ&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215007895170025026119%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22333329808%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225238685590509624449%22}&andc=true

Request Chain 68

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_cver=1&google_push=AXcoOmQXn7jO8nSut3GtQMFBglrIFW1n3E82itVHiOv39m15jImhb83IDDozuSf7Ox0MpeuDykmpc2kp8HL4oBfyjTS1TbdrVeCU7g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_push=AXcoOmQXn7jO8nSut3GtQMFBglrIFW1n3E82itVHiOv39m15jImhb83IDDozuSf7Ox0MpeuDykmpc2kp8HL4oBfyjTS1TbdrVeCU7g

Request Chain 69

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECR7R2Lv8MfZjfnjm5gGtNY&google_cver=1&google_push=AXcoOmSodr166bBDUWqjXGbIsDj_MrKHXgTqHAp8TNIkTj_CVOC57PsrOSC4LGuFGBmJY6v4wGpLjZmclIwXSFn9TaZ-YKNP60iP8SE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSodr166bBDUWqjXGbIsDj_MrKHXgTqHAp8TNIkTj_CVOC57PsrOSC4LGuFGBmJY6v4wGpLjZmclIwXSFn9TaZ-YKNP60iP8SE&google_hm=cjlwFfrvSae4cGOCfi_EcMY

Request Chain 72

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHWBNfmv4NLv4RTmgutHdjM&google_cver=1&google_push=AXcoOmQwAj6xXlJc1mVkSQlhsrhYbN1JV6jqUwFwoHb8Qn38Ipo3m1st-TEQJuijVppN7QXQoXoF1EJKXh5C5ix-9EpZJV9Xj74dZQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHWBNfmv4NLv4RTmgutHdjM&google_cver=1&google_push=AXcoOmQwAj6xXlJc1mVkSQlhsrhYbN1JV6jqUwFwoHb8Qn38Ipo3m1st-TEQJuijVppN7QXQoXoF1EJKXh5C5ix-9EpZJV9Xj74dZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMxMjc1OTY3MzI1NTgwOTA5NQ&google_push=AXcoOmQwAj6xXlJc1mVkSQlhsrhYbN1JV6jqUwFwoHb8Qn38Ipo3m1st-TEQJuijVppN7QXQoXoF1EJKXh5C5ix-9EpZJV9Xj74dZQ

Request Chain 73

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHdR4UmqLHv4-CmK2tpF1T8&google_cver=1&google_push=AXcoOmQxtG9DyfrmRReAtzOTVbZwQqwE7jgdOTZNI2Du3tDKR_izjZVUa9s-Q5-ZDTN8biEE8hcq0Boy35l7Iq8U3LMgMzLo9PZO4A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQxtG9DyfrmRReAtzOTVbZwQqwE7jgdOTZNI2Du3tDKR_izjZVUa9s-Q5-ZDTN8biEE8hcq0Boy35l7Iq8U3LMgMzLo9PZO4A

Request Chain 76

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq5ebE3JwZdSECteqpt8Pir69sA7t356IdMvCn4qNEoqc3cjBARABIJyL1ihglaqUgqAHoAGQ6_ieAcgBCakCzohQprAZsj6oAwHIA8uEgIAEqgToAU_QCQXnE6wue_Kit38PH1nchIxEozNGxWWR2ag7v7vDUDB9pUU7enW0TEzIxq4sKgiPJK9u7B7niy_LsRtbuCFQVbkO98gdfgjejRdHNZNOtOQa9HJw3rE5hzRLXa3nBQCG3b06N_6sJLCLyDCIQtfmp-B1bl6WBoNxVpSzArabOJzZcnnYHcmr6u17V_-CNw8eg2kcyo8A2hef8rUYMBwnS5dlhck5SBlnfH8xppY_lE2J0m52dHJJoctg_oiHPAoFISNBZhw12jwRIOQhw10Rva6LFju4oATvuqubcvWUKGQ1_hYAsFrABNyI_tSwBIgFpfzL-TOSBQQIBBgBkgUECAUYBKAGLoAH2JSH4QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDg2hvSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WM-4i8Xw-oIDmgmFAWh0dHBzOi8vYnVzaW5lc3MuZ29vZ2xlLmNvbS92L3NlaWRlbmhhdXQta29zbWV0aWtzdHVkaW8vMDE2NDI4Mjc1NDc3NTYzMDk5Njc5Lzg5YTMvXz9jYWlkPTEzOTQ1MjA4MzU3JmFnaWQ9MTUwNTAyMDgxNjI4JmdjbGlkPXtnY2xpZH2ACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi04NTg0OTE1Mzk0MjMyMzI0GAA&sigh=1-a1kgXQH1U&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNLyMiJZp5x4z8n8CkdxTtYs7AJDE6NKF4pballHF-S5HZUqz1AZODZgf5fsqSCX_P_cXPLeFRGhgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210804838895952834337%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22333329808%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229881675600775992273%22}&andc=true

Request Chain 101

https://googleads.g.doubleclick.net/pagead/adview?ai=CwMNkE3JwZZibC8qPpt8P0bSj2Ant356IdMvCn4qNEoqc3cjBARABIJyL1ihglaqUgqAHoAGQ6_ieAcgBCakCzohQprAZsj6oAwHIA8uEgIAEqgToAU_Qm7Fhj__2oL72pxiRd1LkKCDa1kJjNuXmaB2OiKikCinbIaospuVvElIxsH1EKAhoApH0TIZHucP1kb4gbWuuNsnfOypWs-lAc2N4UEDG90JajvsOpSh04YjQQo6UVsWH-doIHuG6deaXZwZCg9OXAnteH14ywNLhAhIRMMN0-_ahXGq4xsrnBr4F0PwNtfk4jElNckxbTqKQ8o1eRi6MkK9IX7DbJ1YNNgVcvqc58DtsJIVDL8TWoZ6ophU6u-l-jMu5swTfKMcVrG9DIDIOaUcJ43c7q60sweM4Nb2T8-ajkvoj8-vABNyI_tSwBIgFpfzL-TOSBQQIBBgBkgUECAUYBKAGLoAH2JSH4QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBD1hQvSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WNCojMXw-oIDmgmFAWh0dHBzOi8vYnVzaW5lc3MuZ29vZ2xlLmNvbS92L3NlaWRlbmhhdXQta29zbWV0aWtzdHVkaW8vMDE2NDI4Mjc1NDc3NTYzMDk5Njc5Lzg5YTMvXz9jYWlkPTEzOTQ1MjA4MzU3JmFnaWQ9MTUwNTAyMDgxNjI4JmdjbGlkPXtnY2xpZH2ACgHICwGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECuBOIBNgTCtAVAYAXAbIXHAoaCAASFHB1Yi04NTg0OTE1Mzk0MjMyMzI0GAA&sigh=OF5k8b7dJqc&uach_m=%5BUACH%5D&ase=2&cid=CAQSPADICaaNNXfwXXZpIgGLgbtZgWjNM_Xrx99RzrmDprFh4nqZ5W0d32MH0VmVrLxkV82rivXjP9EC4e12uxgB&template_id=520&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22922382026038017744%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22333329808%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221946470124449588833%22}&andc=true

Request Chain 103

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM3fg937l19CoqxSEJoVyWE&google_cver=1&google_push=AXcoOmRBhBBmLaLDLUkZlZbwhhKGsi_bupyU1ne3ksm3O1vrL76F_ZNG4gPg5moljeSkcitjlgZ0g4EztptbbpSpoGz-jUYvtmxplzs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI2NjAxNzQxNzE4OTU5ODk2Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM3fg937l19CoqxSEJoVyWE&google_cver=1

Request Chain 105

https://a.tribalfusion.com/i.match?p=b6&u=CAESEACexO_gshZn8zJVvhI19us&google_cver=1&google_push=AXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEACexO_gshZn8zJVvhI19us&google_cver=1&google_push=AXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 106

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECR7R2Lv8MfZjfnjm5gGtNY&google_cver=1&google_push=AXcoOmSCgefNjWfSrrGjFXdrxaqd72ZbOuECsDlUnW6280fzdUB1qQnll2FiKZNRyATp5uSRMQejmuE4l-5EZ5oBOGT-xwlAF4nI2-s HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSCgefNjWfSrrGjFXdrxaqd72ZbOuECsDlUnW6280fzdUB1qQnll2FiKZNRyATp5uSRMQejmuE4l-5EZ5oBOGT-xwlAF4nI2-s&google_hm=cjlwFfrvSae4cGOCfi_EcMY

Request Chain 107

https://d.agkn.com/pixel/2175/?google_gid=CAESEC32kg6gRuIMCxnkv7Bjq04&google_cver=1&google_push=AXcoOmRa0kMuK9JY-SCYnVhyK_xoevkncxWHKYaaaNM56_dLUs8NF8QjoeYR9w-YeY2YSchqf2YNkzCCGh1rjuy8laOdymAKNNMzstY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRa0kMuK9JY-SCYnVhyK_xoevkncxWHKYaaaNM56_dLUs8NF8QjoeYR9w-YeY2YSchqf2YNkzCCGh1rjuy8laOdymAKNNMzstY&google_hm=Q0FFU0VDMzJrZzZnUnVJTUN4bmt2N0JqcTA0

Request Chain 108

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHdR4UmqLHv4-CmK2tpF1T8&google_cver=1&google_push=AXcoOmQNSgbkXCRImhQgWIc5FT-up7rUORK33v3S5S64ecTXHEwBlUllk0IX6V17VeIina6YeRZ6-HnBRVF6-kOiddBuHto4NVPlkLM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNSgbkXCRImhQgWIc5FT-up7rUORK33v3S5S64ecTXHEwBlUllk0IX6V17VeIina6YeRZ6-HnBRVF6-kOiddBuHto4NVPlkLM

Request Chain 109

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENO4ehzVqBSgb6yBgp3kL2I&google_cver=1&google_push=AXcoOmRndgMrvCt7MpVMpwI9Xn3XZqS6fAGsKBQhrpwlD0eF4gRcfWBbE7Eyd83VuxXrItoXqsmGIwHC8K9XFc4Ou2eOYKLORSHFj4zZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRndgMrvCt7MpVMpwI9Xn3XZqS6fAGsKBQhrpwlD0eF4gRcfWBbE7Eyd83VuxXrItoXqsmGIwHC8K9XFc4Ou2eOYKLORSHFj4zZ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 118

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfv5HE3JwZcqZC4Kn9wWFtY64B-3fnoh0y8Kfio0SipzdyMEBEAEgnIvWKGCVqpSCoAegAZDr-J4ByAEJqQLOiFCmsBmyPqgDAcgDywSqBOgBT9DgPQO88TbzagS2VB4bTS_uvnVuFd5DCsDChm41ylD1pUeqYXVHxA41d8qolFKgEX59kJc3MDmqvl4t44r64iBzNe9DsFBrZPbydcjhhpL7bcfW_J26imsY5X9s4TFJ0udWqZ7B41wlU1a2lVRELE13IApaxFaodW_O69BIK4Y9r1tfyOOdGEQCGMl7-KbqgxD-JbGaUgbkItHp0q-v_k5xxXPiDpM6O7urPw378ZfWV7-EIKPbidTgbnDywjG4eyPbdS8MKChTpabpvYrNQnBeCh8gCx1160h6Tm8xWAN3A9u55aG6JsAE3Ij-1LAEiAWl_Mv5M5IFBAgEGAGSBQQIBRgEoAYugAfYlIfhAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEICfDtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYoZaMxfD6ggOaCYUBaHR0cHM6Ly9idXNpbmVzcy5nb29nbGUuY29tL3Yvc2VpZGVuaGF1dC1rb3NtZXRpa3N0dWRpby8wMTY0MjgyNzU0Nzc1NjMwOTk2NzkvODlhMy9fP2NhaWQ9MTM5NDUyMDgzNTcmYWdpZD0xNTA1MDIwODE2MjgmZ2NsaWQ9e2djbGlkfYAKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQK4E4gE2BMK0BUBgBcBshccChoIABIUcHViLTg1ODQ5MTUzOTQyMzIzMjQYAA&sigh=QyxHY7zQumU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNLp3kAAc7So5jRscyzajRxgNG0sCs3DkmyGlOyIHfPo50HVD7tup2aZKbybOwiLp8HfCW7F2e-BgB&template_id=520&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223149225413408875257%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22333329808%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222417483388781573105%22}&andc=true

Request Chain 120

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_cver=1&google_push=AXcoOmRNuQ0Uc3bRN7EvP4n79pXndMgQ47U9EXhc9BRLXcqZFJnFyYd54cB1UL6G73Zex6dSvCT3mBGW38xid7xhfGdaEAHsYXvj_56O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhCeUV3QUU3c1o5WGdCSA==&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_cver=1&google_push=AXcoOmRNuQ0Uc3bRN7EvP4n79pXndMgQ47U9EXhc9BRLXcqZFJnFyYd54cB1UL6G73Zex6dSvCT3mBGW38xid7xhfGdaEAHsYXvj_56O

Request Chain 121

https://um.simpli.fi/gp_match?google_gid=CAESEBueVHs3YyUzwX9Bj4cjudE&google_cver=1&google_push=AXcoOmSgp7hjn6mMnbU8hKtARIqVbvxeK2E67lwe45P7eEmFBqtaRFfXtfdN2O3IOHrmfGAXavaDZ3nxqcP6MBNsTOvzT2DMK0_57ZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A79AEAE2D207419AADCE7B109ACDE987&google_push=AXcoOmSgp7hjn6mMnbU8hKtARIqVbvxeK2E67lwe45P7eEmFBqtaRFfXtfdN2O3IOHrmfGAXavaDZ3nxqcP6MBNsTOvzT2DMK0_57ZQ

Request Chain 123

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECR7R2Lv8MfZjfnjm5gGtNY&google_cver=1&google_push=AXcoOmQsqgvhxv6vVNjulDy8EWZ22__JDBqJyag1cLS_8v3m3Eu1sLIqJQjON7KkUPb_Hlj2aK0GW3hUFfuMBbUDmqZ_qmVZ_1kfvGzM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQsqgvhxv6vVNjulDy8EWZ22__JDBqJyag1cLS_8v3m3Eu1sLIqJQjON7KkUPb_Hlj2aK0GW3hUFfuMBbUDmqZ_qmVZ_1kfvGzM&google_hm=cjlwFfrvSae4cGOCfi_EcMY

Request Chain 126

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENO4ehzVqBSgb6yBgp3kL2I&google_cver=1&google_push=AXcoOmRVHmRrEqtYhVhXeXJ-btnKrdsY1pL0gviNxWh3FCH_Q51u1EuWrl80XgG7BrdKs6ZsDrIETiQ19wehu71UKo5FkO6QE-s1Op5f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRVHmRrEqtYhVhXeXJ-btnKrdsY1pL0gviNxWh3FCH_Q51u1EuWrl80XgG7BrdKs6ZsDrIETiQ19wehu71UKo5FkO6QE-s1Op5f HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

122 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
discordlogin.com/
Redirect Chain

http://discordlogin.com/
https://discordlogin.com/

72 KB
15 KB

364ms
135ms

Document
text/html

23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed / PHP/8.0.30
Resource Hash: dad39c73d18fb713314a41970f77c187dd70bc639fa767fbd111b6a1fc1eb4e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 13:07:27 GMT
link: <https://discordlogin.com/wp-json/>; rel="https://api.w.org/" <https://discordlogin.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://discordlogin.com/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/8.0.30
x-ua-compatible: IE=edge

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 13:07:26 GMT
location: https://discordlogin.com/
server: LiteSpeed
x-powered-by: PHP/8.0.30
x-redirect-by: WordPress
x-ua-compatible: IE=edge

GET
H2 200 style.min.css
discordlogin.com/wp-includes/css/dist/block-library/ 95 KB
12 KB 118ms
117ms Stylesheet
text/css 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://discordlogin.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.3
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
content-encoding: br
last-modified: Fri, 10 Mar 2023 10:52:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11775
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H2 200 classic-themes.min.css
discordlogin.com/wp-includes/css/ 291 B
220 B 119ms
118ms Stylesheet
text/css 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://discordlogin.com/wp-includes/css/classic-themes.min.css?ver=6.2.3
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
content-encoding: br
last-modified: Tue, 14 Feb 2023 07:20:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 164
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H2 200 comments.min.css
discordlogin.com/wp-content/themes/generatepress/assets/css/components/ 1 KB
596 B 117ms
116ms Stylesheet
text/css 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://discordlogin.com/wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.3.0
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: c7308904efc8da3847aab82f9ab35918e8faccef6a04a6c657251759f30a8fb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 06:10:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 488
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H2 200 main.min.css
discordlogin.com/wp-content/themes/generatepress/assets/css/ 19 KB
4 KB 119ms
118ms Stylesheet
text/css 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://discordlogin.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.0
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: 0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 06:10:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4419
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 83ms
57ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8584915394232324

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0740cb0048b96f764cb425b6a73b9f80800a75f516c02425ea4a5cdc3a406cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Origin: https://discordlogin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52106
x-xss-protection: 0
server: cafe
etag: 2178082130880269251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 13:07:28 GMT

GET
H2 200 wp-emoji-release.min.js Show response
discordlogin.com/wp-includes/js/ 18 KB
5 KB 125ms
125ms Script
application/javascript 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://discordlogin.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.3
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
content-encoding: br
last-modified: Thu, 02 Feb 2023 11:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4651
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H2 200 Discord-App-APK.png
discordlogin.com/wp-content/uploads/2017/09/ 38 KB
38 KB 196ms
196ms Image
image/png 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discordlogin.com/wp-content/uploads/2017/09/Discord-App-APK.png
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: 82260fadb8ebf4099e2327662fe80b298a61bb590c32371cbdbbf5e2b5c1a8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
last-modified: Thu, 27 Apr 2023 05:53:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 38545
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H2 200 menu.min.js Show response
discordlogin.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 180ms
180ms Script
application/javascript 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://discordlogin.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
content-encoding: br
last-modified: Thu, 27 Apr 2023 06:10:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1535
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H2 200 comment-reply.min.js Show response
discordlogin.com/wp-includes/js/ 3 KB
1 KB 180ms
180ms Script
application/javascript 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://discordlogin.com/wp-includes/js/comment-reply.min.js?ver=6.2.3
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
content-encoding: br
last-modified: Sat, 09 Apr 2022 05:37:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
134 KB 91ms
76ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8584915394232324&plah=discordlogin.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8584915394232324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

296a9b7b702577c4f5ca389a7f5a5b29cc999b1590af6cd6ee0f4fcbbbd25129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137570
x-xss-protection: 0
server: cafe
etag: 3804816160223325766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 13:07:28 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/ Frame AE42 9 KB
4 KB 28ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231204/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8584915394232324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 01:32:39 GMT
etag: 5585625838579639069
expires: Wed, 20 Dec 2023 01:32:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Discord-Chat.png
discordlogin.com/wp-content/uploads/2017/09/ 296 KB
296 KB 115ms
115ms Image
image/png 23.111.167.173
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discordlogin.com/wp-content/uploads/2017/09/Discord-Chat.png
Requested by: Host: discordlogin.com
URL: https://discordlogin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.111.167.173 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS: pebble.vhostplatform.com
Software: LiteSpeed /
Resource Hash: d070526ec221a9737f545da26087ff61396ce6cb1dc630a72330667764e3a442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:27 GMT
last-modified: Thu, 27 Apr 2023 05:53:43 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 302696
expires: Wed, 13 Dec 2023 13:07:27 GMT

GET
H2 200 1f338.svg
s.w.org/images/core/emoji/14.0.0/svg/ 4 KB
2 KB 34ms
9ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f338.svg

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

ff7f12f30aa1e6821bbbd96871fcda9b7f581bd30dad075171a82a328b111fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 06 Dec 2023 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2728.svg
s.w.org/images/core/emoji/14.0.0/svg/ 1 KB
789 B 33ms
8ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2728.svg

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 06 Dec 2023 13:07:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: max-age=315360000
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0CE4 248 KB
55 KB 2052ms
2052ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&adk=1812271804&adf=3025194257&lmt=1701868048&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x675_l%7C140x675_r&format=0x0&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868048631&bpp=25&bdt=128&idt=243&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3065351757635&frm=20&pv=2&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8584915394232324&plah=discordlogin.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c26b0b3f29ff47c9da2eeae31bcb93d8bc039bf4bbb6a5be0abae7c8fc35a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56489
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 13:07:30 GMT
expires: Wed, 06 Dec 2023 13:07:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7DE 160 KB
47 KB 1486ms
1486ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701868048&rafmt=1&to=qs&pwprc=1064844143&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868048656&bpp=2&bdt=153&idt=247&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31afc6a5fce534fef322e1ff9610f0367ec38d1c37bead2dc9e12cfe44ed173d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47850
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 13:07:30 GMT
expires: Wed, 06 Dec 2023 13:07:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame C7DE 14 KB
2 KB 41ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701868048&rafmt=1&to=qs&pwprc=1064844143&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868048656&bpp=2&bdt=153&idt=247&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:53:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:07:30 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame C7DE 2 KB
875 B 31ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame C7DE 24 KB
9 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:03:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame C7DE 3 KB
1 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9092
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:35:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame C7DE 20 KB
9 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7DE 202 KB
64 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 13:07:30 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame C7DE 37 KB
16 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H2 400 data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww
mts0.google.com/vt/ Frame C7DE 0
0 103ms
41ms Image
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=1255086581&adf=1180966693&pi=t.aa~a.108489206~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1701868048&rafmt=1&to=qs&pwprc=1064844143&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868048656&bpp=2&bdt=153&idt=247&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=167&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C7DE 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C7DE 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C7DE 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C7DE 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C7DE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e16a51ce209a92f0416a9dc7de86eda2503b3af1d17da066e387ac0a700892fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame C7DE 33 KB
34 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:01 GMT
x-content-type-options: nosniff
age: 138149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:45:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C7DE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CNps4EXJwZdfqA_aXpt8P_Mag6A7t356IdMvCn4qNEoqc3cjBARABIJyL1ihglaqUgqAHoAGQ6_ieAcgBCakCzohQprAZsj6oAwHIA8sEqgToAU_QOPDEtnK2GwEtoh8y31wgI7_ova9mfYp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215007895170025026119%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%2...

0
0

60ms
43ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215007895170025026119%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22333329808%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225238685590509624449%22}&andc=true

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15007895170025026119","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["333329808"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"5238685590509624449"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 13:07:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 06 Dec 2023 13:07:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15007895170025026119","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["333329808"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"5238685590509624449"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 38B8 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 65ms
43ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 13:07:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 160 KB
55 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adcc36220d1d690b7b210c45f7f959ab8d3705309a519c3d45124722e349d9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55946
x-xss-protection: 0
server: cafe
etag: 15762396791467158649
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B104 162 KB
48 KB 788ms
788ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3988897314&pi=t.aa~a.1381849204~i.15~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=2&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8dbcd0ac4354a8ed88b782658699f4915cb47eb9d7bef6f20ddd196f5c9444d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 49361
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 13:07:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA3F 162 KB
48 KB 871ms
871ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5bdbc71b4745aca5860f19ee8f3af9772a9c8a3df96eef19fe3815f66decc6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 49509
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 13:07:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6694 157 KB
47 KB 907ms
906ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6573081b3d058ce8bcf8cd6e0fa2ec7920dd9cb42914a990d506183ad07a853d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 47860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 13:07:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/ Frame F6A2 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:42:25 GMT
etag: 5585625838579639069
expires: Tue, 19 Dec 2023 15:42:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F6A2 4 KB
767 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:51:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F6A2 205 B
520 B 9ms
9ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:58:29 GMT
x-content-type-options: nosniff
age: 155342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 17:58:29 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F6A2 604 B
696 B 10ms
9ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:38:28 GMT
x-content-type-options: nosniff
age: 120543
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Dec 2024 03:38:28 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame F6A2 16 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75831
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:03:40 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/ Frame F6A2 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:42:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2581 2 KB
480 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:26:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 2581 2 KB
822 B 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 2581 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:03:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 2581 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:35:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 2581 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2581 202 KB
64 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 2581 37 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231204/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 0251 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7DE 42 B
174 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttNGDZxXk2O6GUkMmCruMILPhLv9bczT9LXY9AfOUjIAmGROLXLZn-rNHtTgFiyb7zpV1egoFzM-FrdxLBysnPczckqkptbR0DZa8Q8hLDi34S9hA_cq3Tkx4kez31o5R6gkykJx5lWz5J&sai=AMfl-YQMPdKCkmZjctHUeJm7wRXicsLmebVs867ue2KfgFyLumI4EJ_uYfSVzNoPOjW50mc4WyKgwiEnYTNqSYcxvp-dHW9u5kyUgpKwE9rQHCSyRUXGp3jp1FRk2dFCSLpT7m4snkPJtjARCeag-mhU83j28qkCuX3okhQE&sig=Cg0ArKJSzGG24MWDo-lPEAE&cid=CAQSTwDICaaNOUk23MpyFwIzsddoweaVSRFbHGKtVa6trnilOTlqISFfmKN9ydxvoVTIVxrY1kSjAU9viwC4O75KgmK5XPOVA6yd4HvFsm4AuUAYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1255086581&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701868048905&rpt=1639&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B104 14 KB
1 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3988897314&pi=t.aa~a.1381849204~i.15~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=2&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:13:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame B104 2 KB
822 B 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame B104 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:03:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame B104 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:35:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DDBD 1 KB
643 B 10ms
9ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame B104 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B104 0
0 39ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQK-eoaibZF-Op5UgJqSb8ZyrZd7o-XzzZOCD3trqPyTnGA_uy79wiu0EGCWKDsdS_2dJ9IADz_XWz_yE5wY4L8q7evUg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3988897314&pi=t.aa~a.1381849204~i.15~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=2&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B104 202 KB
64 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame B104 37 KB
15 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H2 400 data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww
mts0.google.com/vt/ Frame B104 0
0 42ms
41ms Image
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3988897314&pi=t.aa~a.1381849204~i.15~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=2&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B104 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B104 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B104 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B104 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B104 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 948e95f0217e5043c99c30678b23a36e04ab7fdddd8ba2e77c4b416cb01cb07a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame DDBD 0
104 B 102ms
74ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDQg84777pOB7r5WzRfhOnY&google_cver=1&google_push=AXcoOmR27COtlHZIc2Pzxug26xrs-_G2X_2k44OPeCy2ZZyxJlSAQVsrNCL_JIcAXoaIwL62Z7MqvYPCpyMRgOyd-0-nzCkThuTGKLQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3988897314&pi=t.aa~a.1381849204~i.15~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=2&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DDBD
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_push=AXcoOmQXn7jO8nSut3GtQMFBglrIFW1n3E82itVHiOv39m15jImhb83IDD...

170 B
188 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_push=AXcoOmQXn7jO8nSut3GtQMFBglrIFW1n3E82itVHiOv39m15jImhb83IDDozuSf7Ox0MpeuDykmpc2kp8HL4oBfyjTS1TbdrVeCU7g

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220049-FRA
pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701868052.888837,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_push=AXcoOmQXn7jO8nSut3GtQMFBglrIFW1n3E82itVHiOv39m15jImhb83IDDozuSf7Ox0MpeuDykmpc2kp8HL4oBfyjTS1TbdrVeCU7g
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DDBD
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECR7R2Lv8MfZjfnjm5gGtNY&google_cver=1&google_push=AXcoOmSodr166bBDUWqjXGbIsDj_MrKHXgTqHAp8TNIkTj_CVOC57PsrOSC4LGuFGBmJY6v4wGpLjZm...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSodr166bBDUWqjXGbIsDj_MrKHXgTqHAp8TNIkTj_CVOC57PsrOSC4LGuFGBmJY6v4wGpLjZmclIwXSFn9TaZ-YKNP60iP8SE&google_hm=cjlwFfrvSae4cG...

170 B
232 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSodr166bBDUWqjXGbIsDj_MrKHXgTqHAp8TNIkTj_CVOC57PsrOSC4LGuFGBmJY6v4wGpLjZmclIwXSFn9TaZ-YKNP60iP8SE&google_hm=cjlwFfrvSae4cGOCfi_EcMY

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSodr166bBDUWqjXGbIsDj_MrKHXgTqHAp8TNIkTj_CVOC57PsrOSC4LGuFGBmJY6v4wGpLjZmclIwXSFn9TaZ-YKNP60iP8SE&google_hm=cjlwFfrvSae4cGOCfi_EcMY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame DDBD 0
98 B 48ms
17ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRyweC5jlF5XT27WsDL9GLtWlE50R6lu27NhsvB2-hzBCX6FA21SYtlnMvIUs5sEuZ4VocP1aKa9qzaboC4mNmBmeoI7nevXGs&google_gid=CAESEFP9uW3GnbIX1uV5N7U4Dho&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3988897314&pi=t.aa~a.1381849204~i.15~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=2&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280&nras=3&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame DDBD 43 B
363 B 46ms
14ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTwLkSs4n5p34F0X9FflO939oqpmT4m4b7DAx_2o-hY1Muo4kikf7Axtk1Ql25ffGivOWezjJ2_LobDD1IxposJW-BgjFXAtgo&google_gid=CAESEGPiikaAbgLNRBLWeMq5lPc&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 255519
expires: Wed, 06 Dec 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DDBD
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHWBNfmv4NLv4RTmgutHdjM&google_cver=1&google_push=AXcoOmQwAj6xXlJc1mVkSQlhsrhYbN1JV6jqUwFwoHb8Qn38Ipo3m1st-TEQJuijVppN7QXQoXoF1EJK...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEHWBNfmv4NLv4RTmgutHdjM&google_cver=1&google_push=AXcoOmQwAj6xXlJc1mVkSQlhsrhYbN1JV6jqUwFwoHb8Qn38Ipo3m1st-TEQJuijVppN7QXQoXo...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMxMjc1OTY3MzI1NTgwOTA5NQ&google_push=AXcoOmQwAj6xXlJc1mVkSQlhsrhYbN1JV6jqUwFwoHb8Qn38Ipo3m1st-TEQJuijVppN7QXQoXoF1E...

170 B
188 B

17ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMxMjc1OTY3MzI1NTgwOTA5NQ&google_push=AXcoOmQwAj6xXlJc1mVkSQlhsrhYbN1JV6jqUwFwoHb8Qn38Ipo3m1st-TEQJuijVppN7QXQoXoF1EJKXh5C5ix-9EpZJV9Xj74dZQ

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjMxMjc1OTY3MzI1NTgwOTA5NQ&google_push=AXcoOmQwAj6xXlJc1mVkSQlhsrhYbN1JV6jqUwFwoHb8Qn38Ipo3m1st-TEQJuijVppN7QXQoXoF1EJKXh5C5ix-9EpZJV9Xj74dZQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DDBD
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHdR4UmqLHv4-CmK2tpF1T8&google_cver=1&google_push=AXcoOmQxtG9DyfrmRReAtzOTVbZwQqwE7jgdOTZNI2Du3tDKR_izjZVUa9s-Q5-ZDTN8biEE8hcq0Boy35l7...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQxtG9DyfrmRReAtzOTVbZwQqwE7jgdOTZNI2Du3tDKR_izjZVUa9s-Q5-ZDTN8biEE8hcq0Boy35l7Iq8U3LMgMzLo9PZO4A

170 B
329 B

25ms
17ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQxtG9DyfrmRReAtzOTVbZwQqwE7jgdOTZNI2Du3tDKR_izjZVUa9s-Q5-ZDTN8biEE8hcq0Boy35l7Iq8U3LMgMzLo9PZO4A

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQxtG9DyfrmRReAtzOTVbZwQqwE7jgdOTZNI2Du3tDKR_izjZVUa9s-Q5-ZDTN8biEE8hcq0Boy35l7Iq8U3LMgMzLo9PZO4A
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DDBD 0
130 B 52ms
15ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IoB15OBkJh-FihgoDbRNJ-6gIDXNyCs9Sf9aV5AUB-Cet9ag2SRkjdHRBj3kFJ5yAqtl7N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B104 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:01 GMT
x-content-type-options: nosniff
age: 138150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:45:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B104
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cq5ebE3JwZdSECteqpt8Pir69sA7t356IdMvCn4qNEoqc3cjBARABIJyL1ihglaqUgqAHoAGQ6_ieAcgBCakCzohQprAZsj6oAwHIA8uEgIAEqgToAU_QCQXnE6wue_Kit38PH1nchIxEozN...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210804838895952834337%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%2...

0
0

135ms
134ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210804838895952834337%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22333329808%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229881675600775992273%22}&andc=true

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10804838895952834337","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["333329808"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"9881675600775992273"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 13:07:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 06 Dec 2023 13:07:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10804838895952834337","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["333329808"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"9881675600775992273"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame FA3D 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FA3F 14 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:52:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame FA3F 2 KB
822 B 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame FA3F 24 KB
9 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:03:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame FA3F 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:35:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A2A8 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame FA3F 20 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FA3F 0
0 17ms
16ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkogsknbqSHvt096fgLcB3GDggi8OY3_H0LD5pd54ZjxpDpx6o46IVzcCUYezF3bx6ayS6c3Ht2N0AZzCdlK6xS42iAQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA3F 202 KB
64 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame FA3F 37 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

GET
H3 400 data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww
mts0.google.com/vt/ Frame FA3F 0
0 42ms
42ms Image
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame FA3F 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FA3F 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FA3F 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FA3F 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 6694 14 KB
1 KB 23ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 11:52:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 6694 2 KB
822 B 9ms
8ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/ Frame 6694 24 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:03:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 08:03:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 6694 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Dec 2023 10:35:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/ Frame 6694 20 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231204/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:30:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0
server: cafe
etag: 636498438165408290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:30:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6694 0
0 18ms
18ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyou4in9dzK2q7BRpo6jQjcHh22ElAveTvDqcGieP-LKqhlpmU-GXmNMY-TyVsSIB1Tr13ah2VZdF2uTNddP2gqEibgw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6694 202 KB
64 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 13:07:31 GMT

GET
H3 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 6694 37 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 05:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 04 Mar 2024 05:25:25 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 13:07:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6694
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CwMNkE3JwZZibC8qPpt8P0bSj2Ant356IdMvCn4qNEoqc3cjBARABIJyL1ihglaqUgqAHoAGQ6_ieAcgBCakCzohQprAZsj6oAwHIA8uEgIAEqgToAU_Qm7Fhj__2oL72pxiRd1LkKCDa1kJ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22922382026038017744%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%222...

0
0

42ms
42ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22922382026038017744%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22333329808%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221946470124449588833%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"922382026038017744","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["333329808"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"1946470124449588833"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 13:07:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 06 Dec 2023 13:07:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"922382026038017744","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["333329808"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"1946470124449588833"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9186 1 KB
643 B 12ms
8ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Wed, 06 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A2A8
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEM3fg937l19CoqxSEJoVyWE&google_cver=1&google_push=AXcoOmRBhBBmLaLDLUkZlZbwhhKGsi_bupyU1ne3ksm3O1vrL76F_ZNG4gPg5moljeSkcitjlgZ0g4EztptbbpSpoGz-jUYvtmxplzs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI2NjAxNzQxNzE4OTU5ODk2Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM3fg937l19CoqxSEJoVyWE&google_cver=1

43 B
398 B

122ms
121ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM3fg937l19CoqxSEJoVyWE&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEM3fg937l19CoqxSEJoVyWE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame A2A8 35 B
463 B 43ms
13ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFp3BSCmlUduvPvGZOdUQIg&google_cver=1&google_push=AXcoOmSkxHLsMktkLnqRIJmazYYjbL7jnlBfSXgDMWjjYl73uG6Ga_vDxCshqJLEYUgWmRSAO9UB2kFeBSl2N5a2sWQ6Mj-v0-8i6QE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A2A8
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEACexO_gshZn8zJVvhI19us&google_cver=1&google_push=AXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQI...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEACexO_gshZn8zJVvhI19us&google_cver=1&google_push=AXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nn...

43 B
418 B

181ms
163ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEACexO_gshZn8zJVvhI19us&google_cver=1&google_push=AXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8314c09e29483661-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 726
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEACexO_gshZn8zJVvhI19us&google_cver=1&google_push=AXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQIw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSuHwoiWoXGQ4rp2a0v8Q7YMhDIwVH1kT7nwl_slcUd__BXQqzE6_GE7zXLok4eDR86D5u1_rOeFZUtIkigBH4vc3VG_nnQIw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8314c09cefe63661-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2A8
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECR7R2Lv8MfZjfnjm5gGtNY&google_cver=1&google_push=AXcoOmSCgefNjWfSrrGjFXdrxaqd72ZbOuECsDlUnW6280fzdUB1qQnll2FiKZNRyATp5uSRMQejmuE...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSCgefNjWfSrrGjFXdrxaqd72ZbOuECsDlUnW6280fzdUB1qQnll2FiKZNRyATp5uSRMQejmuE4l-5EZ5oBOGT-xwlAF4nI2-s&google_hm=cjlwFfrvSae4cG...

170 B
188 B

19ms
19ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSCgefNjWfSrrGjFXdrxaqd72ZbOuECsDlUnW6280fzdUB1qQnll2FiKZNRyATp5uSRMQejmuE4l-5EZ5oBOGT-xwlAF4nI2-s&google_hm=cjlwFfrvSae4cGOCfi_EcMY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSCgefNjWfSrrGjFXdrxaqd72ZbOuECsDlUnW6280fzdUB1qQnll2FiKZNRyATp5uSRMQejmuE4l-5EZ5oBOGT-xwlAF4nI2-s&google_hm=cjlwFfrvSae4cGOCfi_EcMY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2A8
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEC32kg6gRuIMCxnkv7Bjq04&google_cver=1&google_push=AXcoOmRa0kMuK9JY-SCYnVhyK_xoevkncxWHKYaaaNM56_dLUs8NF8QjoeYR9w-YeY2YSchqf2YNkzCCGh1rjuy8laOdymAKNNMzstY
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRa0kMuK9JY-SCYnVhyK_xoevkncxWHKYaaaNM56_dLUs8NF8QjoeYR9w-YeY2YSchqf2YNkzCCGh1rjuy8laOdymAKNNMzstY&google_hm=Q0FFU0VDMzJrZzZnUn...

170 B
188 B

127ms
127ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRa0kMuK9JY-SCYnVhyK_xoevkncxWHKYaaaNM56_dLUs8NF8QjoeYR9w-YeY2YSchqf2YNkzCCGh1rjuy8laOdymAKNNMzstY&google_hm=Q0FFU0VDMzJrZzZnUnVJTUN4bmt2N0JqcTA0

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 06 Dec 2023 13:07:31 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRa0kMuK9JY-SCYnVhyK_xoevkncxWHKYaaaNM56_dLUs8NF8QjoeYR9w-YeY2YSchqf2YNkzCCGh1rjuy8laOdymAKNNMzstY&google_hm=Q0FFU0VDMzJrZzZnUnVJTUN4bmt2N0JqcTA0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A2A8
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEHdR4UmqLHv4-CmK2tpF1T8&google_cver=1&google_push=AXcoOmQNSgbkXCRImhQgWIc5FT-up7rUORK33v3S5S64ecTXHEwBlUllk0IX6V17VeIina6YeRZ6-HnBRVF6...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNSgbkXCRImhQgWIc5FT-up7rUORK33v3S5S64ecTXHEwBlUllk0IX6V17VeIina6YeRZ6-HnBRVF6-kOiddBuHto4NVPlkLM

170 B
232 B

18ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNSgbkXCRImhQgWIc5FT-up7rUORK33v3S5S64ecTXHEwBlUllk0IX6V17VeIina6YeRZ6-HnBRVF6-kOiddBuHto4NVPlkLM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQNSgbkXCRImhQgWIc5FT-up7rUORK33v3S5S64ecTXHEwBlUllk0IX6V17VeIina6YeRZ6-HnBRVF6-kOiddBuHto4NVPlkLM
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame A2A8
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENO4ehzVqBSg...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRndgMrvCt7MpVMpwI9Xn3XZqS6fAGsKBQhrpwlD0eF4gRcfWBbE7Eyd83VuxXrItoXqsmGIwHC8K9XFc4Ou2eOYKLORSHFj4zZ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

51ms
51ms

Image
image/gif

2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 06 Dec 2023 13:07:32 GMT
pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A2A8 0
40 B 21ms
12ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2mDW5CLah3bnb_3zw-wv1HO5J2wHhLFQABZbCbDLvAhOhFOp9UVb0qLI3j5ILxB3xNAdguA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame FA3F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6d7748e3977150de790f3960299bfc0ac372e68b66480586d995376e1d6ac26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 400 data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww
mts0.google.com/vt/ Frame 6694 0
0 150ms
149ms Image
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 6694 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6694 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6694 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6694 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FA3F 33 KB
33 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:01 GMT
x-content-type-options: nosniff
age: 138150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:45:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FA3F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfv5HE3JwZcqZC4Kn9wWFtY64B-3fnoh0y8Kfio0SipzdyMEBEAEgnIvWKGCVqpSCoAegAZDr-J4ByAEJqQLOiFCmsBmyPqgDAcgDywSqBOgBT9DgPQO88TbzagS2VB4bTS_uvnVuFd5DCsD...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223149225413408875257%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22...

0
0

44ms
44ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223149225413408875257%22,%22debug_reporting%22:true,%22destination%22:%22https://google.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22333329808%22],%224%22:[%2212-06%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222417483388781573105%22}&andc=true

Requested by

Host: discordlogin.com
URL: https://discordlogin.com/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3149225413408875257","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["333329808"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"2417483388781573105"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 06 Dec 2023 13:07:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 06 Dec 2023 13:07:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3149225413408875257","debug_reporting":true,"destination":"https://google.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["333329808"],"4":["12-06"],"6":["true"]},"priority":"500","source_event_id":"2417483388781573105"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6694 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 091c78f88a09aef421003f1ccb3862353520932c3962f5df04354a7aec9d7ee6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9186
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhCeUV3QUU3c1o5WGdCSA==&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_cver=1&google_push=AXcoOmRNuQ0Uc3bRN7EvP4n79pXndMgQ47...

170 B
188 B

20ms
19ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhCeUV3QUU3c1o5WGdCSA==&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_cver=1&google_push=AXcoOmRNuQ0Uc3bRN7EvP4n79pXndMgQ47U9EXhc9BRLXcqZFJnFyYd54cB1UL6G73Zex6dSvCT3mBGW38xid7xhfGdaEAHsYXvj_56O

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220049-FRA
pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701868052.008780,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlhCeUV3QUU3c1o5WGdCSA==&google_gid=CAESEDTbgRxTT4w0pAA1pB0Y-TY&google_cver=1&google_push=AXcoOmRNuQ0Uc3bRN7EvP4n79pXndMgQ47U9EXhc9BRLXcqZFJnFyYd54cB1UL6G73Zex6dSvCT3mBGW38xid7xhfGdaEAHsYXvj_56O
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9186
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBueVHs3YyUzwX9Bj4cjudE&google_cver=1&google_push=AXcoOmSgp7hjn6mMnbU8hKtARIqVbvxeK2E67lwe45P7eEmFBqtaRFfXtfdN2O3IOHrmfGAXavaDZ3nxqcP6MBNsTOvzT2DMK0_57ZQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A79AEAE2D207419AADCE7B109ACDE987&google_push=AXcoOmSgp7hjn6mMnbU8hKtARIqVbvxeK2E67lwe45P7eEmFBqtaRFfXtfdN2O3IOHrmfGAXavaDZ3nxqcP6MBN...

170 B
188 B

18ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A79AEAE2D207419AADCE7B109ACDE987&google_push=AXcoOmSgp7hjn6mMnbU8hKtARIqVbvxeK2E67lwe45P7eEmFBqtaRFfXtfdN2O3IOHrmfGAXavaDZ3nxqcP6MBNsTOvzT2DMK0_57ZQ

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 06 Dec 2023 13:07:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A79AEAE2D207419AADCE7B109ACDE987&google_push=AXcoOmSgp7hjn6mMnbU8hKtARIqVbvxeK2E67lwe45P7eEmFBqtaRFfXtfdN2O3IOHrmfGAXavaDZ3nxqcP6MBNsTOvzT2DMK0_57ZQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 05 Dec 2023 13:07:32 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9186 70 B
149 B 203ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOKtgCPR0vfZmQPW7fqgmME&google_cver=1&google_push=AXcoOmSXN9njKtZXCFQYCr86ECl2IgQXBseuTkBTSVKmIHqHRi44D1EAhBstS6v5tUJTEy66UdFyeofUvsJP9htsgenMnGBJQHHFum9g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9186
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESECR7R2Lv8MfZjfnjm5gGtNY&google_cver=1&google_push=AXcoOmQsqgvhxv6vVNjulDy8EWZ22__JDBqJyag1cLS_8v3m3Eu1sLIqJQjON7KkUPb_Hlj2aK0GW3h...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQsqgvhxv6vVNjulDy8EWZ22__JDBqJyag1cLS_8v3m3Eu1sLIqJQjON7KkUPb_Hlj2aK0GW3hUFfuMBbUDmqZ_qmVZ_1kfvGzM&google_hm=cjlwFfrvSae4c...

170 B
188 B

18ms
18ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQsqgvhxv6vVNjulDy8EWZ22__JDBqJyag1cLS_8v3m3Eu1sLIqJQjON7KkUPb_Hlj2aK0GW3hUFfuMBbUDmqZ_qmVZ_1kfvGzM&google_hm=cjlwFfrvSae4cGOCfi_EcMY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQsqgvhxv6vVNjulDy8EWZ22__JDBqJyag1cLS_8v3m3Eu1sLIqJQjON7KkUPb_Hlj2aK0GW3hUFfuMBbUDmqZ_qmVZ_1kfvGzM&google_hm=cjlwFfrvSae4cGOCfi_EcMY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 9186 43 B
146 B 138ms
11ms Image
image/gif 52.29.184.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKM5IK_AFebKi629ek2K3nc&google_cver=1&google_push=AXcoOmSCiGxmfB-3sRr5jG7YbwH8XhPS30rb-i6ayf6l3pv_CX9bQ1cAHQZuJdtzI0cFxkw21-7L4JspOLsL8FKM3mA5DWBpLpTEiUdH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.184.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-184-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 9186 43 B
362 B 117ms
115ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSJZV0G4WxCGFMCVAE_PjrnczTZXpy7l0s4UXEqUcbNrVjzU372DbuCRYT5c73Z2LqUe1epplyWTH16Rj5nt-faGxdZh4_E0D2f&google_gid=CAESEGPiikaAbgLNRBLWeMq5lPc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:31 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 225383
expires: Wed, 06 Dec 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 9186
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENO4ehzVqBSg...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRVHmRrEqtYhVhXeXJ-btnKrdsY1pL0gviNxWh3FCH_Q51u1EuWrl80XgG7BrdKs6ZsDrIETiQ19wehu71UKo5FkO6QE-s1Op5f
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

50ms
50ms

Image
image/gif

2.19.217.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 2.19.217.101 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-217-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 06 Dec 2023 13:07:32 GMT
pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9186 0
12 B 121ms
119ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JrUk2SHPFve7skNIeGnlG9lgkssYbY8yAefAzVEA7N2az5R8IoH2ip7J4u-g3gqQS8dEveag

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 85F8 51 KB
19 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=3699123815&pi=t.aa~a.1381849204~i.29~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=-M&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2372&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6694 33 KB
33 KB 117ms
117ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:01 GMT
x-content-type-options: nosniff
age: 138151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:45:01 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 146ms
146ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 13:07:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 06 Dec 2023 13:07:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
57ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231204&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da7013a75a2e8e95df67df46112be8d1eedae48fce057cfde6979cfa22caccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12262
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame A868 51 KB
19 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8584915394232324&output=html&h=280&adk=3753071425&adf=258345551&pi=t.aa~a.1381849204~i.35~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1701868051&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1064844143&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fdiscordlogin.com%2F&ea=0&fwr=0&pra=3&rh=200&rw=1200&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701868051000&bpp=1&bdt=2497&idt=0&shv=r20231204&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8fb59bb179412e89%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg&gpic=UID%3D00000ce3ee8baea4%3AT%3D1701868048%3ART%3D1701868048%3AS%3DALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=3065351757635&frm=20&pv=1&ga_vid=1382404037.1701868049&ga_sid=1701868049&ga_hid=1292561013&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079826%2C31079920%2C44795921%2C44806140%2C44807764%2C44808149%2C44808285&oid=2&psts=AOrYGslMghnEKk-hXUVoOuNRw5AZdicNGJXmTZ5o9qOiKP23FpztRDmWOmYspMdn1ItfXkHxt4cRllTgUvJDuAQsEk5Uf276&pvsid=4193956873164686&tmod=2004284041&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 170047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 13:07:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AC73 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 10:37:42 GMT
expires: Thu, 05 Dec 2024 10:37:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C26 829 B
559 B 19ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d521b726642cb08742215afd5f931a29ae888110051895c4ed145a16f6ecd37e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2n9kigaFs8s5lTjgCGFUjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://discordlogin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2n9kigaFs8s5lTjgCGFUjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 13:07:32 GMT
expires: Wed, 06 Dec 2023 13:07:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame AC73 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:36:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Dec 2024 10:36:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1C26 0
0 41ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231204&jk=4193956873164686&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AC73 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?O12S7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 13:07:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231204&jk=4193956873164686&bg=!Z2SlZCvNAAY3kmNgF5I7ADQBe5WfOOAeIx2YykxvP1FpA2BrA2boCFrM8TBYROIuQCVvMmYeLeGSDv9xJ9m9PuLl8h8aAgAAACxSAAAAAmgBBwoAsWCHJm3dE2dv1Slt1dcFSZDdEozqc8Jxj9R7GFWxe6bKRqmY4m2zehT-x7MWG8rgYeKTaKBUnM1wtEqT9f7JnhTSpoHdoE06SPPnJTKmr1hx9wfuJicj7-jN7Afowt75aPP5tkOE_RwaJ1U1KkHFINj5-TyKRy7dQ7b453CXe8NwQmeUpmUnFZ_Vt6scvRsTaEh5NrGWnNLc41VgS1EjEx8hagg8zu5PuqvgKgLErsy515kC0gFAemzWEWg_F-f9nBQboE-2C_llAYCNUcABukhGXMk20JDvlbL97Xgcnam1CKOm_Pi8sb2uSO8s3Wzp6n35MO1hOcB_ZiZ63zAqOJTGCrA5xO1L8pBlbwRrAUR64XTL_wndPaz5xwhbR5eAVdCWSXNJiRxukueuRKO7B5MPYnD6cSipXnEPZ54yIZC5NTQcHGLRohU29S6iH8dMwNeGuKRvXKS9HQT4jwMi5CLFc46iHIc31bm5HhJS-mOzewzeo-S3Tvd6p9NUWZxgN_k9wWLzZPcgJGqtcKCCCBwVRuT1lthVLsLr7EAMnH8mgCi8v1ZANHU3AwZwbpA2evqLvFnfBRJG88oFkxq_a2_HnI4nWmV0yxL-50utlVXxALdilVS04dVK5sQiw4MM0NapaNd4m4jpe-zA9yIAa1tz09M4xZuUbikMtZyM-b7Kc01bJNFhJffhwLdA664LPZCQmboEb8O1R0ikIh5acYW8wA4GQzBc936V_v9L2g9PNdjpo5CCzKYuqn6UCXszszAlh4bD8wgmKOgmoOWXiEhHs3dmu9dxD6oDnZ1-aw4DGmJ5TqhvhYtY7QbmcXg6yvj4rW-1RMqbnH8euXQwklHvEFxN7juuPs_wznAWDGNoJwwkQd2lGiBs2qZQuJ8YKjL7JkxroeAG28JP2N3eisi-rcwMrcnzYBpARB_kdsDpSuBYf4JoFPPjcmP9JeN4BFKOGNV3WIbEePYsEVDzHw3AOq7JavNNOd62_Vn8OD0B_pE8ewm9UF_jU9sk2NFrOZuKTkmSpoyFFNd-9g1xvv4yRB8KK3BSseHdBR2zKsfHfAMLf-oPNpS0ZJ4-jZ6Tw1Wg1zGHY4qOBsjAbMvtfMPgesubCMo7MSCWwsK4Yf-JLPAczi44zGxaL9jqFldFtRT_ZUGuQ51STxqDOmlo5PIxG9P50zZiwEijF9fWPOd4fG9S6KzK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://discordlogin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.discordlogin.com/	1970-01-21 02:06:04	Name: __gads Value: ID=8fb59bb179412e89:T=1701868048:RT=1701868048:S=ALNI_MYdgmbchglRVSqp2YwibYs0ghoKeg
.discordlogin.com/	1970-01-21 02:06:04	Name: __gpi Value: UID=00000ce3ee8baea4:T=1701868048:RT=1701868048:S=ALNI_MYrd9XimrwAmwo0LghGhWDsSG1ZSw
.doubleclick.net/	1970-01-21 02:06:04	Name: IDE Value: AHWqTUngX2DDFnckAP1XZu8cIGuF6sEm1wz8O_CJKJDG0gVwYdQmiyxr_PgFY2EH41I
.googleadservices.com/	1970-01-20 18:54:04	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 16:44:28	Name: test_cookie Value: CheckForPermission
.ctnsnet.com/	1970-01-21 01:30:04	Name: gid_CAESECR7R2Lv8MfZjfnjm5gGtNY Value: 1
.adform.net/	1970-01-20 17:29:06	Name: C Value: 1
.ctnsnet.com/	1970-01-21 01:30:04	Name: cid Value: 72397015faef49a7b87063827e2fc470
.everesttech.net/	1970-01-21 01:30:04	Name: everest_g_v2 Value: g_surferid~ZXByEwAE7sZ9XgBH
.adform.net/	1970-01-20 18:10:52	Name: uid Value: 6312759673255809095
.quantserve.com/	1970-01-20 18:54:04	Name: d Value: EH4BCQHMKoEA
.quantserve.com/	1970-01-21 02:14:42	Name: mc Value: 65707213-f280d-255fe-e32be
.agkn.com/	1970-01-21 01:30:04	Name: ab Value: 0001%3ApbB0jEKvi8F%2Bzw3fFiQkF742F3LZv4yg
.agkn.com/	1970-01-21 01:30:04	Name: u Value: C\|0CEAtAy6ULQMulAAAAAAAAQ13AQCAAQpAAAAAAA
.simpli.fi/	1970-01-21 01:31:30	Name: suid Value: A79AEAE2D207419AADCE7B109ACDE987
.tribalfusion.com/	1970-01-20 18:54:04	Name: ANON_ID Value: a0ntuJS3n0gryoxDmDmSUsQtuQtHYLtjMnRAqeTZcABwWYELqgk4dFZcRM3Me8kYDu89CxZcl78t9yTgsrt6BiQbn0Q
.turn.com/	1970-01-20 21:03:40	Name: uid Value: 3266017417189598963

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mts0.google.com/vt/data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://mts0.google.com/vt/data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmRyweC5jlF5XT27WsDL9GLtWlE50R6lu27NhsvB2-hzBCX6FA21SYtlnMvIUs5sEuZ4VocP1aKa9qzaboC4mNmBmeoI7nevXGs&google_gid=CAESEFP9uW3GnbIX1uV5N7U4Dho&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://mts0.google.com/vt/data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://mts0.google.com/vt/data=U6qfbsdj1gGwC9JLsb1Y7Ku5PU8dqet70sHVsF6X--kvojUjSAe1tJfDSNIruDNDGi9QKLobGJwsVDPeolXtww Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dclk-match.dotomi.com
dis.criteo.com
discordlogin.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
ipac.ctnsnet.com
match.adsrvr.org
mts0.google.com
onetag-sys.com
pagead2.googlesyndication.com
r.turn.com
s.tribalfusion.com
s.w.org
sync-tm.everesttech.net
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.186.162
15.197.193.217
151.101.2.49
178.250.1.9
192.0.77.48
2.19.217.101
216.58.206.34
23.111.167.173
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a02:fa8:8806:13::1370
35.157.159.187
35.186.193.173
35.204.74.118
35.244.174.68
37.157.6.233
46.228.164.11
51.89.9.251
52.29.184.165
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
0740cb0048b96f764cb425b6a73b9f80800a75f516c02425ea4a5cdc3a406cc7
091c78f88a09aef421003f1ccb3862353520932c3962f5df04354a7aec9d7ee6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
296a9b7b702577c4f5ca389a7f5a5b29cc999b1590af6cd6ee0f4fcbbbd25129
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31afc6a5fce534fef322e1ff9610f0367ec38d1c37bead2dc9e12cfe44ed173d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6573081b3d058ce8bcf8cd6e0fa2ec7920dd9cb42914a990d506183ad07a853d
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
7a5b47703d2aa636762f8b39205a2e03a85ae2de2904d81e6c6a469486ca81e9
82260fadb8ebf4099e2327662fe80b298a61bb590c32371cbdbbf5e2b5c1a8d5
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8c26b0b3f29ff47c9da2eeae31bcb93d8bc039bf4bbb6a5be0abae7c8fc35a3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbcd0ac4354a8ed88b782658699f4915cb47eb9d7bef6f20ddd196f5c9444d0
9271962e9fc8257ce9e008bde83ac1408a2f196db6142548769f290873b70b93
948e95f0217e5043c99c30678b23a36e04ab7fdddd8ba2e77c4b416cb01cb07a
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
adcc36220d1d690b7b210c45f7f959ab8d3705309a519c3d45124722e349d9d5
b6d7748e3977150de790f3960299bfc0ac372e68b66480586d995376e1d6ac26
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c7308904efc8da3847aab82f9ab35918e8faccef6a04a6c657251759f30a8fb5
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
d070526ec221a9737f545da26087ff61396ce6cb1dc630a72330667764e3a442
d521b726642cb08742215afd5f931a29ae888110051895c4ed145a16f6ecd37e
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
da7013a75a2e8e95df67df46112be8d1eedae48fce057cfde6979cfa22caccf9
dad39c73d18fb713314a41970f77c187dd70bc639fa767fbd111b6a1fc1eb4e8
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
e16a51ce209a92f0416a9dc7de86eda2503b3af1d17da066e387ac0a700892fb
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5bdbc71b4745aca5860f19ee8f3af9772a9c8a3df96eef19fe3815f66decc6e
ff7f12f30aa1e6821bbbd96871fcda9b7f581bd30dad075171a82a328b111fe7

discordlogin.com Open in urlscan Pro 23.111.167.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

85 %HTTPS

43 %IPv6

24 Domains

30 Subdomains

23 IPs

8 Countries

1663 kBTransfer

4187 kBSize

17 Cookies

3 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

discordlogin.com Open in urlscan Pro
23.111.167.173 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

85 %
HTTPS

43 %
IPv6

24
Domains

30
Subdomains

23
IPs

8
Countries

1663 kB
Transfer

4187 kB
Size

17
Cookies

122 HTTP transactions
20 data transactions