decimal.info Open in urlscan Pro
65.9.44.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://decimal.info/
Effective URL:
https://decimal.info/
Submission: On July 21 via api (July 21st 2022, 1:11:56 pm UTC) from CH — Scanned from DE

Summary HTTP 61 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 61 HTTP transactions. The main IP is 65.9.44.112, located in United States and belongs to AMAZON-02, US. The main domain is decimal.info.
TLS certificate: Issued by Amazon on June 22nd 2022. Valid for: a year.

This is the only time decimal.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	65.9.44.112 65.9.44.112	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
61	16

6 65.9.44.112 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-44-112.arn54.r.cloudfront.net

decimal.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	365 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296	91 KB
6	decimal.info 1 redirects decimal.info	24 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
3	gstatic.com www.gstatic.com	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2841	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	85 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8252	914 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	113 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	28 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	645 B
61	12

	Domain	Requested by
15	pagead2.googlesyndication.com	decimal.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net decimal.info tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com decimal.info googleads.g.doubleclick.net
6	decimal.info	1 redirects decimal.info
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.googletagservices.com	decimal.info googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	decimal.info www.googletagmanager.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
61	16

This site contains no links.

Subject Issuer	Validity	Valid
decimal.info Amazon	`2022-06-22` - `2023-07-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://decimal.info/
Frame ID: 47370F0F566B32F1A9841B6BF9EBC94C
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html
Frame ID: CA5C26E15B85125312CAAA4870A8BD6B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5465481939459128&output=html&adk=1812271804&adf=3025194257&lmt=1612474611&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdecimal.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658409111334&bpp=4&bdt=279&idt=147&shv=r20220719&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2477536264392&frm=20&pv=2&ga_vid=567037669.1658409111&ga_sid=1658409111&ga_hid=57944910&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068511%2C31062930&oid=2&pvsid=460852303401272&tmod=497524129&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=164
Frame ID: A38D8DC124844FAFBCD1ECDEE5E2F66F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2094D2C95F10F59EC3CE4033FB5E8DAB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3A66DD7D6B6A5C54D5A0B14196CDFF59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGMrCv84BMAE&v=APEucNXvIxrVmhn-binpIwj5omnp4UvcZjsh9j8uTI6jIWzw1PibDb0QSAJ5odYgyK9l56qF06GP851cYlblVaTH0vjVVNkHVA
Frame ID: DA1F1EAB0E2B09255E45B20C31865339
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFH7uJU2ybAGHc0Sjkyx_sX14QBbmhue-IxNsfJemZTW3Hu0_BAMiGdgSuSfvzJXOyaGV5n5BtvMM9gkQUYOD-YdIAAQ&cry=1&dbm_d=AKAmf-CCrAZRJ5dfbuqR3K4qg0mZKVTD5hXCyJwdD57eYHi6B_1NEcWPy4lv7ha4CccsMv6LyJiV0Ced5t0TfqxP-MdBZUar1WLKO7iRnvjDKmdm4MsgCQdVsS9taW6PJACW_5vPk5p7zWuhPlrgfI3rBKfJV_FgljkcpSHiT7vNSdoiPr-IkRhRk_W3paxZD_INXrYjfwNRkmYILky2ZkILcfP4FQ1Qp3ZLdb--3MDxsptnYbn2iRpVpo-jtWjgot_if5dH-x5QSjMmiNymmcJimkHCoiBs5A4gBS0e5Lw0rRwV0lxV1SPhkrj4cIF8a7NcQoWVczfNS69XNcQr49fL2CcA1cvTsIXuIbZxTKh-pcUAT-hcVvZopRFla2lEEClcjIddyzm7wYH0PGczKoJypBxNozJ3wnlbphKz-ZyY0D1dFD_BFV9tKEsVUV0ytUPYMWSL_jnZts8kjjhYY02ngV0CXZSJaUpRCnKa0N0DADJYmxWXNH_rDNI_CUCe40lBnfy9tH-xnKIH1nBQdpzB_mynqrpnUDqT4ftVHVc4JZaS22rI0OiEu9XALv0YaDVi56rLFLPhRBOJKkmA9qpTceLFE03_52jo_xfFqpcXq7P3tglgzEKmh-GByOtMV0Dg2Q8vGes4IfbYxTRiIFVXCNLql6dRnU7v3FuWDExVwtGPMuksfu6vsCe2d8BuGfB9M__1a5-kyETl5nWxLciZ8DQQotsY1-UOFADKCuWCDDGtVHIUyLP82DNNkokG_p0JY7xm6jRNDZmtN3VHhD3yB-pb9GjtPppOw4ok4PwyjacQQVXkarA1v-_hKvRZynoQMk1q8fUbKJyayFlYd_YfjiyH05KqHoiN5RrasKtwzZjRU_LQDeAlpMVh5MCjZ-3Il2Zo2NpWjrRTnITAwwk2Cq_V2AIOgEfexRo4_0Dla-4x8ARWyS0QrdlkO5a1PGSyxxZR6uOWZRF5LwvH3SWeXZ1wS7JlsopKccCgLpYosrPtTG7oJTSC9NLNXLx_nJ_fjL0ztvtoJcATmz0lQu5k8QgnagbPOEerFoyKbl-c6DJFXOAWtiWTQoS6SQUK0pL6yxLvE53Wbvhu8rcWzF_7FId8Mlm8pLE4c5Ytd2SDjy7kwvzjLlu1d4F-ZQVeawm1NKXHjXFJH5dGzNPPSUsFgd1laYLWx6SqEVxHVgARWfMFEpgQ2r3kVmGFZxqwN3Ok2_rZSBbzSBapZ5A7icu88hEJwZQ6vCdd4Nt4s9HT3jnHT7-MTLiCnnSsctVnjp0LrFOV0L8l5aEeYZe6yyaHaVtpwyh4SvLcB4uBa-rVNG_J_QvfVCU81Y6oWixYfojRXoSrbiXJ40ASP9xCvURnv7JtgE9uam0iF5Xa9SQ7Bv2nEYXcNnlohEDpTZLdQKxnBTFh4FKEqAE2y-z8e2uvBzbbXaDJH8jHtamArxL9plSJLHH01r2MkbsWPVDcW1W8RR6v0icBmL3R3E9BZw17-uIh3MaCH13EWzxZB83U9tynZU1zZZE2nG1rqG5OBU2zl0uoxQVvmb4TzIhPssAk-kFDLlHFfY8WhG9hXVg9xPt0xl9GRE8B9cZ71AtJ76ReHM-apOGrVWmP7VHjZlVwwRKi63uAbu8ARKuBBTwCUOp_-FjlqQ5O6CklfgmOWV0a-DqpL-3LplCra3rspvzpUeALXUU4MTNSy2RB4LTuNXGOTiR-e2PoQcUEetVMRERQGNtQUzc00WzPx5lqIuLFtlfh6u8wve_jGZowh7FzJrrIip2r2NW5hrFIuxLILM3FssATaMLUp63W7_foPFgQG_n5NMVxKZ8luiOe2KThgBjYKxqeMR-u1EvIUshk7SGhJUkOg9A71sBugBElfeFvQwWCMjvaT_NipNigP4bVLWGMpmyncfwTmHy0sF0fAp4y75ny_lBqTz9jZAe0K_2qNly9MkOBcAZtweVRbn6qwqhc0TpiHtW9NSgxi-0DlHkr-uCqA_t2WMNASYIFT2HP7WdfgW7dZdCHKyAMZelPnKPduOmidKYlYkoY-D_Ep07t_y3wgtvyxiWvCEsc0_-QJ6wwZmK4us7FuV6YPPUzwkEBBLUyfUJo1Em_SgdsBTgVVLSk-a8lczglUlnquly7QfH4AOdK3MNpzZNegKMKMz-QGib4-V7ytvg0CrgQp64mXBk3pu9TnPesFCJSrGb0Pm0RLRbePUQ2NC8i_B2svSpE4-PrfRGOR3NstiXEBd0FcYbIqPfLI7u9T_G4PvLUKHcpfxSxYCMCL5RuwHOZPkRKEm5zSaxjrWlzDDYCB628iwjVmc_aDhjjJ5fP-IQuBa_KOV-E3s6kz0feeb_NvMCSjgP8dahajhlPDauMJie14iTc5FB7MW42_2Dr-wsEZeov6-fodO7P1wux0j5ye-eJdAxcSvcKdp36FBo2J3L9jRAiTsOoW0QPNOaFmFrEnB6HwBxizxHtg-kY-bHfJjztcipqmgn9kagrCKvJ5mhJxZY3E0eXka3KGZ8yHSari7Wd0tEpz4HcejQNs7IuaM9LF4OWN9NE-iSWQm3sawiFrN6dH3e1SSjMcXfRolhAyoKaHciZGpL1tC-mqNuFzRU0lTgrTZBDTrPiiR8WNrUxljDtBdBHdzXfFBAm2KwIRqS0VuzgfmgdyPuyGRjwLNLRpfF8KivO-26JNakRsXtM1y7F8_A4EGzNP1EG-cy3b21L8lSzQep6HFmR6sdtmr3OOXwNYtFv2M3pFVd0UKBZqhwYWG07ZnnSWJIcJqbK3ta_nukqLc5ITwt9bZKfp6Bw27lmWooGcLj0wNXgAdPUyiRknBdTkSjHFsqJmCorTbYwxD5FSvMLEA77-uYD9x_5HLviFqoLtn7WMP1BhGc231t_k7ZoXoMtnacKhGWVHJnhWWvj1yPYSijrJwYom0JUpGOblN5qBrepEB4R0pNuJT2z6odgYH70oi1ZPdysoHesXnlMFE8TQGYfBSQC5Y7NNfAkfPOF3x5jtUU2qGC6v_IVWzeId8o7_7ucI6YMBdU9ypd-fNpmmbDhWpp6QlHKJIDFjiWRllyuqhS97v-D3QUvTp-4Zw2pPbIqkaOqG0xSpijxYLjjlRClPtBIFla1APuI0WQ&cid=CAASBORoQjw&rfl=2%2Chttps%253A%252F%252Fdecimal.info%252F%240
Frame ID: 5306E4D5E598651A02ACF23CD4B562BC
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: AB313DB7AB8AE0CD5626BD1766D5FC50
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 61CACD5B45201E7CC36435E4D9D24374
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23A979C9128B08F900CA5A85519BBC1A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A881D95192B1187AF5C1782B3BFA60F4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 442167379BEB5565C363FF610CF5276C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js
Frame ID: 8560838478DFAA4A46497808EAB2C979
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Decimal

Page URL History Show full URLs

http://decimal.info/ HTTP 301
https://decimal.info/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

61
Requests

100 %
HTTPS

80 %
IPv6

12
Domains

16
Subdomains

16
IPs

3
Countries

746 kB
Transfer

1966 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://decimal.info/ HTTP 301
https://decimal.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
decimal.info/
Redirect Chain

http://decimal.info/
https://decimal.info/

8 KB
8 KB

139ms
71ms

Document
text/html

65.9.44.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://decimal.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.44.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-44-112.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed1d38d66822f832b0bb6f7285c964d68ef3fef1ceede998d8773989bb647d27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16748
content-length: 8242
content-type: text/html
date: Thu, 21 Jul 2022 08:32:38 GMT
etag: "9e0606b4eb21c09d9d88f95a18b6827d"
last-modified: Thu, 04 Feb 2021 21:36:51 GMT
server: AmazonS3
via: 1.1 9dc04feb591f6b5ae6ea4527a23d28da.cloudfront.net (CloudFront)
x-amz-cf-id: tHJCJ1TJCwSLZEEf9aomMebn7F05RkkMiJb6t5eyHocN1XHfaotv_g==
x-amz-cf-pop: ARN54-C1
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 183
Content-Type: text/html
Date: Thu, 21 Jul 2022 13:11:45 GMT
Location: https://decimal.info/
Server: CloudFront
Via: 1.1 1a8662d51ed58f0336021036df8bf88a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: -dISUg2QrC1CCuma_JrtjeLvxyZfDWghzOwOYoZWhOGYRz5kck3UZw==
X-Amz-Cf-Pop: ARN54-C1
X-Cache: Redirect from cloudfront

GET
H2 200 rm2.css
decimal.info/css/rm2/ 1 KB
1 KB 28ms
28ms Stylesheet
text/css 65.9.44.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://decimal.info/css/rm2/rm2.css
Requested by: Host: decimal.info
URL: https://decimal.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.44.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-44-112.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad0efc678567591152521173d4eb92894874270809794b8e2f53abf1a40f2f6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 06:23:43 GMT
via: 1.1 9dc04feb591f6b5ae6ea4527a23d28da.cloudfront.net (CloudFront)
last-modified: Sat, 22 Dec 2018 06:44:14 GMT
server: AmazonS3
age: 24483
etag: "fe5a084d520dd42df0b7a4eaaae3bb95"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: ARN54-C1
content-length: 1120
x-amz-cf-id: dPHNQrTtrM5FuQZg3OdxILWLmGPMpccDitBWbVznEb4o8TtuzQim2Q==

GET
H2 200 checkCookieConsent2.js Show response
decimal.info/css/rm2/ 2 KB
3 KB 29ms
29ms Script
application/x-javascript 65.9.44.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://decimal.info/css/rm2/checkCookieConsent2.js
Requested by: Host: decimal.info
URL: https://decimal.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.44.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-44-112.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e5d3deb9af3437b4591a0092ceb1bf6649c3cf664ba0a89fcb9f5e1141db542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 07:01:21 GMT
via: 1.1 9dc04feb591f6b5ae6ea4527a23d28da.cloudfront.net (CloudFront)
last-modified: Sat, 22 Dec 2018 06:44:14 GMT
server: AmazonS3
age: 22225
etag: "93f75c0be8226c5775193eb29b8edfaf"
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-cf-pop: ARN54-C1
content-length: 2437
x-amz-cf-id: iV2iJUF86CttJ6oBEmB776kbeKvmSWQ3ekH4ouoP2sL7iH18FiYPpw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 173ms
73ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2857d3922d77d491fde84c7933efc53137663fc5e1ccf6bab3d8f1d94d8ecc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56861
x-xss-protection: 0
server: cafe
etag: 4568490513420412787
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 13:11:45 GMT

GET
H2 200 directory.png
decimal.info/css/rm2/ 792 B
1 KB 29ms
28ms Image
image/png 65.9.44.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://decimal.info/css/rm2/directory.png
Requested by: Host: decimal.info
URL: https://decimal.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.44.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-44-112.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61c2f0a084d7a89440fe67abce0357ca0b087bb250f7c687960bc694fcefce62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 04:25:20 GMT
via: 1.1 9dc04feb591f6b5ae6ea4527a23d28da.cloudfront.net (CloudFront)
last-modified: Sat, 22 Dec 2018 06:44:14 GMT
server: AmazonS3
age: 31586
etag: "0eb9e78a2c046c911f805f544273fea2"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: ARN54-C1
content-length: 792
x-amz-cf-id: mMLgDeAXIOb37raxC6Jq5l5iIQ55p0Dq4F4u0Ho9HFgYjI96RnyB7Q==

GET
H2 200 Decimal.png
decimal.info/Images/ 10 KB
10 KB 62ms
62ms Image
image/png 65.9.44.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://decimal.info/Images/Decimal.png
Requested by: Host: decimal.info
URL: https://decimal.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.44.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-44-112.arn54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ecc4cce7fd93e1d55ae275239f468f715df8eaf5497af937227430ea372fbe1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 08:32:38 GMT
via: 1.1 9dc04feb591f6b5ae6ea4527a23d28da.cloudfront.net (CloudFront)
last-modified: Fri, 02 Nov 2018 22:55:58 GMT
server: AmazonS3
age: 16748
etag: "09e4264175012ec379b7ba5aa3d4eb8b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: ARN54-C1
content-length: 9940
x-amz-cf-id: f0t9kSd1AJWdW2lKAuqDk5FrIsSkv40p3bw_cl_dDEQVAvyX9hUEHQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 140ms
54ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10151966-27

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a8bdd1d8cc2553f7fc5452ebf4039f23de9b1e49c0665304475d1fd5f45dca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43077
x-xss-protection: 0
expires: Thu, 21 Jul 2022 13:11:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
71 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MLXDRZJV6J&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10151966-27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6188b164c8484e4b728a8736120fa497bb8e4b984f9f888ea743712a81c4a8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:45 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72370
x-xss-protection: 0
expires: Thu, 21 Jul 2022 13:11:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 132ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10151966-27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 585
date: Thu, 21 Jul 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 21 Jul 2022 15:02:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/ 341 KB
121 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5465481939459128&plah=decimal.info&bust=31068511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

922324068b3f56da26774156cf57ee10761ffa52f596f064d77b900af71ee892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123220
x-xss-protection: 0
server: cafe
etag: 3343245144360272448
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 13:11:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/ Frame CA5C 10 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://decimal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48348
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 23:45:57 GMT
etag: 8616628553774171045
expires: Wed, 03 Aug 2022 23:45:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 111ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MLXDRZJV6J&gtm=2oe7i0&_p=57944910&_z=ccd.v9B&cid=567037669.1658409111&ul=en-us&sr=1600x1200&_s=1&sid=1658409111&sct=1&seg=0&dl=https%3A%2F%2Fdecimal.info%2F&dt=Decimal&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MLXDRZJV6J&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 13:11:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://decimal.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 116ms
43ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=57944910&t=pageview&_s=1&dl=https%3A%2F%2Fdecimal.info%2F&ul=en-us&de=UTF-8&dt=Decimal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=751456293&gjid=844640838&cid=567037669.1658409111&tid=UA-10151966-27&_gid=923714341.1658409111&_r=1&gtm=2ou7i0&z=159061404

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://decimal.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 13:11:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://decimal.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 156ms
37ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=decimal.info&callback=_gfp_s_&client=ca-pub-5465481939459128

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5465481939459128&plah=decimal.info&bust=31068511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

18d5eff0a8b3d63022a256dea5678a5d9ebb3e78371dbb0ea3ae3e008c778088

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 140ms
46ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=decimal.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 13:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=decimal.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 13:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fdecimal.info%2F&tn=DIV&cls=topmenubar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 13:11:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A38D 166 KB
47 KB 974ms
974ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5465481939459128&output=html&adk=1812271804&adf=3025194257&lmt=1612474611&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdecimal.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658409111334&bpp=4&bdt=279&idt=147&shv=r20220719&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2477536264392&frm=20&pv=2&ga_vid=567037669.1658409111&ga_sid=1658409111&ga_hid=57944910&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068511%2C31062930&oid=2&pvsid=460852303401272&tmod=497524129&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=164

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570d77dc4006151be42d5924c7afe3e11fd1ec65e5c8898852e6d342e3d3196a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://decimal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48068
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:11:46 GMT
expires: Thu, 21 Jul 2022 13:11:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 132ms
54ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220719&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3367197a0d71dfb9b4fda39ec2983d3e86d6b6a76992cd1261d13e1bb849c1b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 13:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10972
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/ 150 KB
54 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/reactive_library_fy2019.js?bust=31068511

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

162e0f9185b3265a33984bda212bddc95fd2b304ba3afcd9080397c72cb858a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54815
x-xss-protection: 0
server: cafe
etag: 13722051924421059354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 13:11:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 130ms
48ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=decimal.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 13:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 119ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=decimal.info

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 13:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/ Frame 2094 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://decimal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 23:37:55 GMT
etag: 8616628553774171045
expires: Wed, 03 Aug 2022 23:37:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/ Frame 3A66 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://decimal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 23:37:55 GMT
etag: 8616628553774171045
expires: Wed, 03 Aug 2022 23:37:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 193ms
81ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 13:11:47 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2094 4 KB
1 KB 56ms
24ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 13:08:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 13:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 13:11:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2094 205 B
518 B 127ms
45ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 11:21:15 GMT
x-content-type-options: nosniff
age: 6632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Jul 2023 11:21:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2094 604 B
694 B 127ms
46ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:00:48 GMT
x-content-type-options: nosniff
age: 659
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 21 Jul 2023 13:00:48 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame 2094 19 KB
9 KB 124ms
36ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 13:01:20 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DA1F 0
20 B 50ms
50ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGMrCv84BMAE&v=APEucNXvIxrVmhn-binpIwj5omnp4UvcZjsh9j8uTI6jIWzw1PibDb0QSAJ5odYgyK9l56qF06GP851cYlblVaTH0vjVVNkHVA

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:11:47 GMT
expires: Thu, 21 Jul 2022 13:11:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5306 60 KB
30 KB 80ms
78ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFH7uJU2ybAGHc0Sjkyx_sX14QBbmhue-IxNsfJemZTW3Hu0_BAMiGdgSuSfvzJXOyaGV5n5BtvMM9gkQUYOD-YdIAAQ&cry=1&dbm_d=AKAmf-CCrAZRJ5dfbuqR3K4qg0mZKVTD5hXCyJwdD57eYHi6B_1NEcWPy4lv7ha4CccsMv6LyJiV0Ced5t0TfqxP-MdBZUar1WLKO7iRnvjDKmdm4MsgCQdVsS9taW6PJACW_5vPk5p7zWuhPlrgfI3rBKfJV_FgljkcpSHiT7vNSdoiPr-IkRhRk_W3paxZD_INXrYjfwNRkmYILky2ZkILcfP4FQ1Qp3ZLdb--3MDxsptnYbn2iRpVpo-jtWjgot_if5dH-x5QSjMmiNymmcJimkHCoiBs5A4gBS0e5Lw0rRwV0lxV1SPhkrj4cIF8a7NcQoWVczfNS69XNcQr49fL2CcA1cvTsIXuIbZxTKh-pcUAT-hcVvZopRFla2lEEClcjIddyzm7wYH0PGczKoJypBxNozJ3wnlbphKz-ZyY0D1dFD_BFV9tKEsVUV0ytUPYMWSL_jnZts8kjjhYY02ngV0CXZSJaUpRCnKa0N0DADJYmxWXNH_rDNI_CUCe40lBnfy9tH-xnKIH1nBQdpzB_mynqrpnUDqT4ftVHVc4JZaS22rI0OiEu9XALv0YaDVi56rLFLPhRBOJKkmA9qpTceLFE03_52jo_xfFqpcXq7P3tglgzEKmh-GByOtMV0Dg2Q8vGes4IfbYxTRiIFVXCNLql6dRnU7v3FuWDExVwtGPMuksfu6vsCe2d8BuGfB9M__1a5-kyETl5nWxLciZ8DQQotsY1-UOFADKCuWCDDGtVHIUyLP82DNNkokG_p0JY7xm6jRNDZmtN3VHhD3yB-pb9GjtPppOw4ok4PwyjacQQVXkarA1v-_hKvRZynoQMk1q8fUbKJyayFlYd_YfjiyH05KqHoiN5RrasKtwzZjRU_LQDeAlpMVh5MCjZ-3Il2Zo2NpWjrRTnITAwwk2Cq_V2AIOgEfexRo4_0Dla-4x8ARWyS0QrdlkO5a1PGSyxxZR6uOWZRF5LwvH3SWeXZ1wS7JlsopKccCgLpYosrPtTG7oJTSC9NLNXLx_nJ_fjL0ztvtoJcATmz0lQu5k8QgnagbPOEerFoyKbl-c6DJFXOAWtiWTQoS6SQUK0pL6yxLvE53Wbvhu8rcWzF_7FId8Mlm8pLE4c5Ytd2SDjy7kwvzjLlu1d4F-ZQVeawm1NKXHjXFJH5dGzNPPSUsFgd1laYLWx6SqEVxHVgARWfMFEpgQ2r3kVmGFZxqwN3Ok2_rZSBbzSBapZ5A7icu88hEJwZQ6vCdd4Nt4s9HT3jnHT7-MTLiCnnSsctVnjp0LrFOV0L8l5aEeYZe6yyaHaVtpwyh4SvLcB4uBa-rVNG_J_QvfVCU81Y6oWixYfojRXoSrbiXJ40ASP9xCvURnv7JtgE9uam0iF5Xa9SQ7Bv2nEYXcNnlohEDpTZLdQKxnBTFh4FKEqAE2y-z8e2uvBzbbXaDJH8jHtamArxL9plSJLHH01r2MkbsWPVDcW1W8RR6v0icBmL3R3E9BZw17-uIh3MaCH13EWzxZB83U9tynZU1zZZE2nG1rqG5OBU2zl0uoxQVvmb4TzIhPssAk-kFDLlHFfY8WhG9hXVg9xPt0xl9GRE8B9cZ71AtJ76ReHM-apOGrVWmP7VHjZlVwwRKi63uAbu8ARKuBBTwCUOp_-FjlqQ5O6CklfgmOWV0a-DqpL-3LplCra3rspvzpUeALXUU4MTNSy2RB4LTuNXGOTiR-e2PoQcUEetVMRERQGNtQUzc00WzPx5lqIuLFtlfh6u8wve_jGZowh7FzJrrIip2r2NW5hrFIuxLILM3FssATaMLUp63W7_foPFgQG_n5NMVxKZ8luiOe2KThgBjYKxqeMR-u1EvIUshk7SGhJUkOg9A71sBugBElfeFvQwWCMjvaT_NipNigP4bVLWGMpmyncfwTmHy0sF0fAp4y75ny_lBqTz9jZAe0K_2qNly9MkOBcAZtweVRbn6qwqhc0TpiHtW9NSgxi-0DlHkr-uCqA_t2WMNASYIFT2HP7WdfgW7dZdCHKyAMZelPnKPduOmidKYlYkoY-D_Ep07t_y3wgtvyxiWvCEsc0_-QJ6wwZmK4us7FuV6YPPUzwkEBBLUyfUJo1Em_SgdsBTgVVLSk-a8lczglUlnquly7QfH4AOdK3MNpzZNegKMKMz-QGib4-V7ytvg0CrgQp64mXBk3pu9TnPesFCJSrGb0Pm0RLRbePUQ2NC8i_B2svSpE4-PrfRGOR3NstiXEBd0FcYbIqPfLI7u9T_G4PvLUKHcpfxSxYCMCL5RuwHOZPkRKEm5zSaxjrWlzDDYCB628iwjVmc_aDhjjJ5fP-IQuBa_KOV-E3s6kz0feeb_NvMCSjgP8dahajhlPDauMJie14iTc5FB7MW42_2Dr-wsEZeov6-fodO7P1wux0j5ye-eJdAxcSvcKdp36FBo2J3L9jRAiTsOoW0QPNOaFmFrEnB6HwBxizxHtg-kY-bHfJjztcipqmgn9kagrCKvJ5mhJxZY3E0eXka3KGZ8yHSari7Wd0tEpz4HcejQNs7IuaM9LF4OWN9NE-iSWQm3sawiFrN6dH3e1SSjMcXfRolhAyoKaHciZGpL1tC-mqNuFzRU0lTgrTZBDTrPiiR8WNrUxljDtBdBHdzXfFBAm2KwIRqS0VuzgfmgdyPuyGRjwLNLRpfF8KivO-26JNakRsXtM1y7F8_A4EGzNP1EG-cy3b21L8lSzQep6HFmR6sdtmr3OOXwNYtFv2M3pFVd0UKBZqhwYWG07ZnnSWJIcJqbK3ta_nukqLc5ITwt9bZKfp6Bw27lmWooGcLj0wNXgAdPUyiRknBdTkSjHFsqJmCorTbYwxD5FSvMLEA77-uYD9x_5HLviFqoLtn7WMP1BhGc231t_k7ZoXoMtnacKhGWVHJnhWWvj1yPYSijrJwYom0JUpGOblN5qBrepEB4R0pNuJT2z6odgYH70oi1ZPdysoHesXnlMFE8TQGYfBSQC5Y7NNfAkfPOF3x5jtUU2qGC6v_IVWzeId8o7_7ucI6YMBdU9ypd-fNpmmbDhWpp6QlHKJIDFjiWRllyuqhS97v-D3QUvTp-4Zw2pPbIqkaOqG0xSpijxYLjjlRClPtBIFla1APuI0WQ&cid=CAASBORoQjw&rfl=2%2Chttps%253A%252F%252Fdecimal.info%252F%240

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b4c3bb733a1446d7b1976dfa6c6602f3cb44eca38aa51fbb5af6d854e604513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 13:11:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30431
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 5306 3 KB
1 KB 150ms
79ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 12:23:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5306 137 KB
43 KB 146ms
55ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 13:11:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame 5306 17 KB
7 KB 112ms
42ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 12:58:33 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5306 42 B
63 B 73ms
72ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJGigfjyssC_I4kCIVs2-jiABy1VeMGYTtjpUP2vdGM6bK7jNY5HxtYftq0REcsJQUeYHM26lvKrys2cLoDP1LGkbNgXLG7ge3A3n4heyBfwZjTqc

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 13:11:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AB31 8 KB
893 B 50ms
21ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 12:45:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 13:11:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 13:11:47 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame AB31 2 KB
982 B 93ms
79ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 13:07:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame AB31 21 KB
9 KB 87ms
73ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 13:00:57 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame AB31 3 KB
1 KB 94ms
80ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:23:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2925
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 12:23:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB31 137 KB
42 KB 143ms
108ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 13:11:47 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/ Frame AB31 17 KB
7 KB 60ms
47ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 794
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: cafe
etag: 1169380200214664902
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 12:58:33 GMT

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame AB31 30 KB
13 KB 43ms
37ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 21:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55239
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 23:08:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Oct 2022 21:51:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 5306 27 KB
10 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFH7uJU2ybAGHc0Sjkyx_sX14QBbmhue-IxNsfJemZTW3Hu0_BAMiGdgSuSfvzJXOyaGV5n5BtvMM9gkQUYOD-YdIAAQ&cry=1&dbm_d=AKAmf-CCrAZRJ5dfbuqR3K4qg0mZKVTD5hXCyJwdD57eYHi6B_1NEcWPy4lv7ha4CccsMv6LyJiV0Ced5t0TfqxP-MdBZUar1WLKO7iRnvjDKmdm4MsgCQdVsS9taW6PJACW_5vPk5p7zWuhPlrgfI3rBKfJV_FgljkcpSHiT7vNSdoiPr-IkRhRk_W3paxZD_INXrYjfwNRkmYILky2ZkILcfP4FQ1Qp3ZLdb--3MDxsptnYbn2iRpVpo-jtWjgot_if5dH-x5QSjMmiNymmcJimkHCoiBs5A4gBS0e5Lw0rRwV0lxV1SPhkrj4cIF8a7NcQoWVczfNS69XNcQr49fL2CcA1cvTsIXuIbZxTKh-pcUAT-hcVvZopRFla2lEEClcjIddyzm7wYH0PGczKoJypBxNozJ3wnlbphKz-ZyY0D1dFD_BFV9tKEsVUV0ytUPYMWSL_jnZts8kjjhYY02ngV0CXZSJaUpRCnKa0N0DADJYmxWXNH_rDNI_CUCe40lBnfy9tH-xnKIH1nBQdpzB_mynqrpnUDqT4ftVHVc4JZaS22rI0OiEu9XALv0YaDVi56rLFLPhRBOJKkmA9qpTceLFE03_52jo_xfFqpcXq7P3tglgzEKmh-GByOtMV0Dg2Q8vGes4IfbYxTRiIFVXCNLql6dRnU7v3FuWDExVwtGPMuksfu6vsCe2d8BuGfB9M__1a5-kyETl5nWxLciZ8DQQotsY1-UOFADKCuWCDDGtVHIUyLP82DNNkokG_p0JY7xm6jRNDZmtN3VHhD3yB-pb9GjtPppOw4ok4PwyjacQQVXkarA1v-_hKvRZynoQMk1q8fUbKJyayFlYd_YfjiyH05KqHoiN5RrasKtwzZjRU_LQDeAlpMVh5MCjZ-3Il2Zo2NpWjrRTnITAwwk2Cq_V2AIOgEfexRo4_0Dla-4x8ARWyS0QrdlkO5a1PGSyxxZR6uOWZRF5LwvH3SWeXZ1wS7JlsopKccCgLpYosrPtTG7oJTSC9NLNXLx_nJ_fjL0ztvtoJcATmz0lQu5k8QgnagbPOEerFoyKbl-c6DJFXOAWtiWTQoS6SQUK0pL6yxLvE53Wbvhu8rcWzF_7FId8Mlm8pLE4c5Ytd2SDjy7kwvzjLlu1d4F-ZQVeawm1NKXHjXFJH5dGzNPPSUsFgd1laYLWx6SqEVxHVgARWfMFEpgQ2r3kVmGFZxqwN3Ok2_rZSBbzSBapZ5A7icu88hEJwZQ6vCdd4Nt4s9HT3jnHT7-MTLiCnnSsctVnjp0LrFOV0L8l5aEeYZe6yyaHaVtpwyh4SvLcB4uBa-rVNG_J_QvfVCU81Y6oWixYfojRXoSrbiXJ40ASP9xCvURnv7JtgE9uam0iF5Xa9SQ7Bv2nEYXcNnlohEDpTZLdQKxnBTFh4FKEqAE2y-z8e2uvBzbbXaDJH8jHtamArxL9plSJLHH01r2MkbsWPVDcW1W8RR6v0icBmL3R3E9BZw17-uIh3MaCH13EWzxZB83U9tynZU1zZZE2nG1rqG5OBU2zl0uoxQVvmb4TzIhPssAk-kFDLlHFfY8WhG9hXVg9xPt0xl9GRE8B9cZ71AtJ76ReHM-apOGrVWmP7VHjZlVwwRKi63uAbu8ARKuBBTwCUOp_-FjlqQ5O6CklfgmOWV0a-DqpL-3LplCra3rspvzpUeALXUU4MTNSy2RB4LTuNXGOTiR-e2PoQcUEetVMRERQGNtQUzc00WzPx5lqIuLFtlfh6u8wve_jGZowh7FzJrrIip2r2NW5hrFIuxLILM3FssATaMLUp63W7_foPFgQG_n5NMVxKZ8luiOe2KThgBjYKxqeMR-u1EvIUshk7SGhJUkOg9A71sBugBElfeFvQwWCMjvaT_NipNigP4bVLWGMpmyncfwTmHy0sF0fAp4y75ny_lBqTz9jZAe0K_2qNly9MkOBcAZtweVRbn6qwqhc0TpiHtW9NSgxi-0DlHkr-uCqA_t2WMNASYIFT2HP7WdfgW7dZdCHKyAMZelPnKPduOmidKYlYkoY-D_Ep07t_y3wgtvyxiWvCEsc0_-QJ6wwZmK4us7FuV6YPPUzwkEBBLUyfUJo1Em_SgdsBTgVVLSk-a8lczglUlnquly7QfH4AOdK3MNpzZNegKMKMz-QGib4-V7ytvg0CrgQp64mXBk3pu9TnPesFCJSrGb0Pm0RLRbePUQ2NC8i_B2svSpE4-PrfRGOR3NstiXEBd0FcYbIqPfLI7u9T_G4PvLUKHcpfxSxYCMCL5RuwHOZPkRKEm5zSaxjrWlzDDYCB628iwjVmc_aDhjjJ5fP-IQuBa_KOV-E3s6kz0feeb_NvMCSjgP8dahajhlPDauMJie14iTc5FB7MW42_2Dr-wsEZeov6-fodO7P1wux0j5ye-eJdAxcSvcKdp36FBo2J3L9jRAiTsOoW0QPNOaFmFrEnB6HwBxizxHtg-kY-bHfJjztcipqmgn9kagrCKvJ5mhJxZY3E0eXka3KGZ8yHSari7Wd0tEpz4HcejQNs7IuaM9LF4OWN9NE-iSWQm3sawiFrN6dH3e1SSjMcXfRolhAyoKaHciZGpL1tC-mqNuFzRU0lTgrTZBDTrPiiR8WNrUxljDtBdBHdzXfFBAm2KwIRqS0VuzgfmgdyPuyGRjwLNLRpfF8KivO-26JNakRsXtM1y7F8_A4EGzNP1EG-cy3b21L8lSzQep6HFmR6sdtmr3OOXwNYtFv2M3pFVd0UKBZqhwYWG07ZnnSWJIcJqbK3ta_nukqLc5ITwt9bZKfp6Bw27lmWooGcLj0wNXgAdPUyiRknBdTkSjHFsqJmCorTbYwxD5FSvMLEA77-uYD9x_5HLviFqoLtn7WMP1BhGc231t_k7ZoXoMtnacKhGWVHJnhWWvj1yPYSijrJwYom0JUpGOblN5qBrepEB4R0pNuJT2z6odgYH70oi1ZPdysoHesXnlMFE8TQGYfBSQC5Y7NNfAkfPOF3x5jtUU2qGC6v_IVWzeId8o7_7ucI6YMBdU9ypd-fNpmmbDhWpp6QlHKJIDFjiWRllyuqhS97v-D3QUvTp-4Zw2pPbIqkaOqG0xSpijxYLjjlRClPtBIFla1APuI0WQ&cid=CAASBORoQjw&rfl=2%2Chttps%253A%252F%252Fdecimal.info%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10561
x-xss-protection: 0
server: cafe
etag: 14610481443806215460
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 13:10:32 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame 5306 8 KB
3 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 13:04:21 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5306 0
622 B 165ms
78ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFUdaZr7EmYi2EaCibYU1M7bGpzucIn6-Dc4lleV1C1ssytp_ZXcEbKHb0ep3C1Ik1tAYX3LhFFArwPtMlKBaEOa2EUepT8_R4Kt0aE6pwygyt619bc-9S0CMfS3x1592vz789u_qXQNgIAEgkSI8u0iO5EQ0JSW8tU_sO2VG6QuwZBp7R8PNeZA84pLuS34LTzh7Ff30WeXAyu6sBYRH-ADy9aDTKaxgsSr9gJY5rD4oliWwHDTsSp7NlE8Jw7Eowu3PJFx023BOaB7wD6P1NXT7npE3tHgR_UWJoLv6Lfry8_4E0N-9NJX_W1VbhREONmtwAEAkEsMkcoYshtJeBE9kUMJ5oEH-5mZYwcwqeGNnhpTd0GMwCt1AIf24rIZl-l8wkCaa_A9tlBPKdj9X3I2IBG0KrkweUMRDspHcGdTNroX2hp_S7AVrBlcVQzM2tuZbwFKlO63PgPSCpMgLsSOR05e44Y_fFlemT0s6GpLYZZGLAzxatT39S5a29auU8MZXlhmIZxYc0_gNCnJy8c8pYUR6f_-X7qjLe8ih8cCyIS8dIL8NRuqscmZBFBxyQO3LDmGjWT9YbNIzFt_OUBb5QCzH7UoR9SvMbLJKpJJrO7XfK6RkcFI0OlqU_-1mqzYHd-HAMIIvbdG5ad1e7zIKo1GsBb92gAC74yETYwVecdjYaVEQ9xubF-m8vlRFHH5-Zhh41brCAMqXefNcHws8u7fN4ebBUGxQxXKe9TddRhxLCEz1ObZOXOStJqvvgYPATtcgFyShvXQqRfNXXResaQn5DHqpnRlvST1UezGmE7KYRdjlMOdU_LymiMmIxcjmyixUtgN-LhBI6y76x3HS_LKC5nqMyI01S_KS2m-q-jnzIsORKYS0vWlw8vcOVtXbTYUOp6iFh7--GA9ZnXXDY8FoN7hm_iLtcSD-Ey9RzgUMu1wETwl4J0BG8uf0t9lna1DMtjgmXWa5wgACO6mENc6Z3450G-DczdSVb61tFHbvk4MKYBq4gyrMG1x71dyQZqX2u5tuDFv9GDE1_cOxHlatT8e_PTYF75WSyxO4NEK1N_aVZoF2rReJmPtP2T5_wZpqi5Vpy942SYUnPi79Ug-BZbn2BnqqkRxcFs03cOQ2WIuTY1yUtdYApdnt4MPjZwm8wNlr_ja59LUrs0LUbvF13u6zjihyCxw&sai=AMfl-YSe8eUYoGgmFxfFEKV7kjqB_bBxU1dTivdSi4ybphllBgLaJjZ4y7bjqZgtVmisHwQV08TFR6qft1xNYGzLw5CiBJp08YiQX9PBSdmPZQ7V2t7n_Q&sig=Cg0ArKJSzK0TCisUXoCWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220719.94041&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 21 Jul 2022 13:11:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5306 41 KB
15 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 10:19:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183135
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 10:19:32 GMT

GET
H2 200 12215285190748449399
s0.2mdn.net/simgad/ Frame 5306 27 KB
28 KB 147ms
41ms Image
image/png 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12215285190748449399?sqp=-oaymwENCNgFEFogAUhkUAFYAQ&rs=AOga4qlvsPLbnaYZqDZ_R2ESB6Pk_N16KA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f93d612ea32e1806e7e4d32bffe8ad85a43e7c11ab0b2ffce81602a5dc2ae9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 04:30:58 GMT
x-content-type-options: nosniff
age: 117649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28088
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 19:27:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 20 Jul 2023 04:30:58 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61CA 143 B
163 B 39ms
38ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 13:10:49 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 23A9 13 KB
5 KB 119ms
38ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://decimal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 12:44:27 GMT
expires: Fri, 21 Jul 2023 12:44:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A881 783 B
1 KB 138ms
49ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

393785445640b09a0ccb879c5c68904ccf4f331df44888be8d04d54fc6341add

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LY_CuVeVofMthpM2Xy6NeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://decimal.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-LY_CuVeVofMthpM2Xy6NeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 13:11:47 GMT
expires: Thu, 21 Jul 2022 13:11:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4421 22 KB
8 KB 104ms
40ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 02:38:07 GMT
expires: Fri, 21 Jul 2023 02:38:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5306 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21bed7b52700d449f726b0895c2813585356acb65d2645cf6aabe9112bff7dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 61CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

107ms
107ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 13:11:47 GMT
expires: Thu, 21 Jul 2022 13:11:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 13:11:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5306 0
26 B 135ms
70ms Ping
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 13:11:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame 4421 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 12:44:24 GMT

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame 23A9 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 12:44:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A881 0
0 88ms
88ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220719&jk=460852303401272&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8560 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Host: decimal.info
URL: https://decimal.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 12:44:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 12:44:24 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 23A9 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0fGZig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 13:11:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4421 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br9VAk1DZYrLxCsul9u8PjPWy4AYAAAAAOAHgBAI&bg=!c3ClcDTNAAZlvz3gRb87ACkAdvg8Wml2V_bxyEGKvSNuJidO2ML4L9so02xozMOMbwx-0Nyiseu8eAIAAADZUgAAAAJoAQcKAFKiPpRkviREsLQOTx82qcssO7JEAMEBx2eGEvuSk3bNcPk45HKJ0U4p02-pnKihdYed2su-kKvhWCa6PlET4TwT66RVRVD0noeKOfE3oRKJGl8BmQL6VidSeYj6YjXHrzaL_vtScrmbAzE1IwRkt_xgrLA3rF7h2UpjohDWI0OZh8kU22w8tq-Wank8rq1zHq-RoGVAJl-FShyO5EWz525P2nxiIu30TD0dzggERO9wdvQcOFt73ifwpDBay5s-dkYZUNoy6Z58SACkkdSykYXAYfSYhddfUA8ZnToCVI4yzL5hnTlW5bRsOAqavBmFicuA-VYnyuBF_VaIxev_py4ut70LVyo4LhiPPOTmf1G8IbrFLF5bs_nF8xdPka8xa2cvCJ-_nZolo3zDqKZ1n01oAA-WWbb9Ab_2KELL2ztuOWsOCmkibA7Pp2SkVNcNYZURben9JBFdRx39NCvXKML30A0Cvkpjl987RTfqOORCioHskKNNn1MgdtQScyaq-6Pt9mtfl2_ZXnvlwW_3nI1A2Lm8wryi4JnOfkRAWJa_Ze2l9K6wcDm2O4_FkNXK_10kOGuCMV5nXcIMjlDTj7U1_MjtVupPCoGQJG1WRHG8NVTwwcWY2_Howjkw41M90bfE8FqBwJCz7qeJInRfpPo2jcW6AmCeBwH0fMwqo9OEiYyoj0oY10tD-ys3ASYo4a8EQeUvfQItIs49jtI9NMKPl2zoWAffxLFDp385CFrbsPtLAR8ZEc2Vj35iiwVRQ4ttLmA5Y4m43gD2d4eKRf75A4dCpqbt_knnsrv_9wmRSYa23zJdzZb1McFltAb1BjBMiGq4QBYIuiSAh1uagkprzvmv2GfkwPvLfFZQQjCjK7R3HkxQvCkYQV315qju5VR8L_CIwTVD7AHXaa2dJ4EyPf6GDNIsven_hJ-Xdk0G41DMJ_VmvI9cHc8P_vCjvkp5xL8LyOWzhAiskPrIHKJKmyRhRLp0UYOVgWZBoVRHJCZyTnfxWqXBB_2vSMBTspCbSrznN-OzhkkMZQDrK1hg9xhIILK1bjo9D_wxT90K_enIAvMcfBJ5APpIRjhYLsY5y-9H6FWAGYazG5NA4KRilJGgefIhMHb1njdvBafu

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 13:11:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
82ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220719&jk=460852303401272&bg=!ERKlElbNAAZlvz3gRb87ACkAdvg8Wokdwq2Eq3pvEQRvtfb-ERsVJApodL-sSRhpuBlBEW0yM_PKgwIAAACMUgAAAAJoAQcKABPvC_3j9VEYoczudvmjSw6I1EcImQKOc3Ai6D_ifSanvUgnJuUXU132euKGWg_YdKC5nrZz5GoXOazquUh3FN5XwSua6pMX0mvhRxLFiNjlrjpaA4dOZi8bPtivs33foRYxJG9PlxAwAcDCec9EjXaNDTP9vGWYiGFI1bfw9tUqfGO-275qTBdDdIyNd77f58FLRi3jLjHy11-7BaylE60bMbfP3OkcPODWQh3BE9pR3lv3Fx0d_3DnZRf9Ia3R-az8XOc8Nx1MYw_7-hjEj8JVdrNPRJXnLNaun4PcQqhLrSyrinysz4s9nIjMCZRp_BHYI97GOJchpYUNRsi4eRBroj-DGwqTmYlM2HHscTpKiKM2hKtmfXtRWUBx2mWrfGegXnfTV8_hZIkESOlHdCtN2NL_Q-kj90QuZsFS8dz_OmWyfyU6KBCoysM5BIvvZAQ9T7fenFbyz2ehJjljL-ZQFQjyF5r5kCiMGJK7j-WL5cufNOVFTapmVsWyxayfCV6Q0e70Ht8q78rI1VdeZsb-0DxLBhwhVQav6f5CY7Tu8VLcHJVNncYjvTZ9HgbRKzODddlY_6W7Pl6U1D_61Rp4T8wvef4DKm2nEea2qXV8gi14xBQ1yzKr1Dk1fTbFLjDT028fly2nLKBfsA1zGomVI5GLOF_1tbqzxL5JggnDWVkusEo5lgpZjBTaX2fPqAQWKaJBLTtKWK2CvliRw-vg3a-TLNbiteDYaKH1wdBaTrrijLme7P8UfMlr752woKKz9DktgduhvU7sPrdme9j3HHOuwoHrsFTmJRAI8W7byLx-XTPW6-a3VH_r2cvKuCMCvYOggbr6QVwxTscQBzZObET3Z_kiPgTOAx8D7Gm5PGh78riKMh5Buv-s5i6CP4xaMFSz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://decimal.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5306 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfF1f1O9oG4fB8aGO7fZ2pKxZ_r5ojI3gCgFwdDCmdFOB5nYz3CeDRWNo_WoLsQGXg1LyJGAVxOwojV8SgxdyOxTUphi7jSUUej7jOsRLH4FpvrhMk8UcIHqK3yfmyVZFHb0E9QQ&sai=AMfl-YSGrs0pSQHLkl1Hx8kH481sWstavVAwe_zl_v9v6ALkCutpah4jo2eH34R67rOkMmsJosljO53xJGX3&sig=Cg0ArKJSzOqeTWYqoyqKEAE&cid=CAASBORoQjw&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=388,881,1001,1001,1001&tos=388,493,120,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658409112689&rpt=312&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 13:11:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.decimal.info/	1970-01-20 22:11:21	Name: _ga_MLXDRZJV6J Value: GS1.1.1658409111.1.0.1658409111.0
.decimal.info/	1970-01-20 22:11:21	Name: _ga Value: GA1.2.567037669.1658409111
.decimal.info/	1970-01-20 04:41:35	Name: _gid Value: GA1.2.923714341.1658409111
.decimal.info/	1970-01-20 04:40:09	Name: _gat_gtag_UA_10151966_27 Value: 1
.decimal.info/	1970-01-20 14:01:45	Name: __gads Value: ID=74dbaf139e6b34d1-2275f43fd3cd0018:T=1658409106:RT=1658409106:S=ALNI_MaoRPhmsZ3V4SUIAS2cpKvwnjTZlQ
.doubleclick.net/	1970-01-20 14:01:45	Name: IDE Value: AHWqTUn7kQeisYIVnkNEtBmwx-eDPO_cTKlZjPGpBsNjc6qB48nsiwLHGSezJXmZaQs
.doubleclick.net/	1970-01-20 04:40:12	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
decimal.info
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.66
142.250.74.194
2001:4860:4802:34::36
2a00:1450:4001:802::2004
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400e:80c::200a
65.9.44.112
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
162e0f9185b3265a33984bda212bddc95fd2b304ba3afcd9080397c72cb858a5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65
18d5eff0a8b3d63022a256dea5678a5d9ebb3e78371dbb0ea3ae3e008c778088
1a8bdd1d8cc2553f7fc5452ebf4039f23de9b1e49c0665304475d1fd5f45dca5
21bed7b52700d449f726b0895c2813585356acb65d2645cf6aabe9112bff7dfb
25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2f93d612ea32e1806e7e4d32bffe8ad85a43e7c11ab0b2ffce81602a5dc2ae9b
3367197a0d71dfb9b4fda39ec2983d3e86d6b6a76992cd1261d13e1bb849c1b6
393785445640b09a0ccb879c5c68904ccf4f331df44888be8d04d54fc6341add
3b4c3bb733a1446d7b1976dfa6c6602f3cb44eca38aa51fbb5af6d854e604513
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570d77dc4006151be42d5924c7afe3e11fd1ec65e5c8898852e6d342e3d3196a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
6188b164c8484e4b728a8736120fa497bb8e4b984f9f888ea743712a81c4a8e3
61c2f0a084d7a89440fe67abce0357ca0b087bb250f7c687960bc694fcefce62
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5d3deb9af3437b4591a0092ceb1bf6649c3cf664ba0a89fcb9f5e1141db542
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
922324068b3f56da26774156cf57ee10761ffa52f596f064d77b900af71ee892
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
a163b80061e9d2d04c92e16d194fcb8d79fd0f175738736b0aebcd98600d0175
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ad0efc678567591152521173d4eb92894874270809794b8e2f53abf1a40f2f6d
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc4cce7fd93e1d55ae275239f468f715df8eaf5497af937227430ea372fbe1c
ed1d38d66822f832b0bb6f7285c964d68ef3fef1ceede998d8773989bb647d27
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2857d3922d77d491fde84c7933efc53137663fc5e1ccf6bab3d8f1d94d8ecc1

decimal.info Open in urlscan Pro 65.9.44.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

80 %IPv6

12 Domains

16 Subdomains

16 IPs

3 Countries

746 kBTransfer

1966 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

decimal.info Open in urlscan Pro
65.9.44.112 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

80 %
IPv6

12
Domains

16
Subdomains

16
IPs

3
Countries

746 kB
Transfer

1966 kB
Size

7
Cookies

61 HTTP transactions
1 data transactions