adshort.live Open in urlscan Pro
172.67.151.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://adshort.co/RuaY
Effective URL:
https://adshort.live/RuaY
Submission: On October 02 via manual (October 2nd 2021, 4:09:20 pm UTC) from ES — Scanned from DE

Summary HTTP 145 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 26 domains to perform 145 HTTP transactions. The main IP is 172.67.151.51, located in United States and belongs to CLOUDFLARENET, US. The main domain is adshort.live.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 29th 2020. Valid for: a year.

This is the only time adshort.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	104.21.46.40 104.21.46.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	172.67.151.51 172.67.151.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.179.25 172.67.179.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
1	172.67.223.144 172.67.223.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.225.87.12 13.225.87.12	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
4	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
2	139.45.197.248 139.45.197.248	9002 (RETN-AS) (RETN-AS)
6	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
32	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
5	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	139.45.197.243 139.45.197.243	9002 (RETN-AS) (RETN-AS)
12	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	104.26.8.123 104.26.8.123	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
3 9	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
20	142.250.74.193 142.250.74.193	15169 (GOOGLE) (GOOGLE)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
2	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
3	176.9.121.243 176.9.121.243	24940 (HETZNER-AS) (HETZNER-AS)
3	13.224.193.92 13.224.193.92	16509 (AMAZON-02) (AMAZON-02)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
145	33

3 104.21.46.40 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

adshort.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.adshort.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.151.51 (United States)

ASN13335 (CLOUDFLARENET, US)

adshort.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.179.25 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adshort.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.223.144 (United States)

ASN13335 (CLOUDFLARENET, US)

static.adshort.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-12.fra2.r.cloudfront.net

tags.orquideassp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.recaptcha.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.248 (United Kingdom)

ASN9002 (RETN-AS, GB)

zunsoach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

dozubatan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.243 (United Kingdom)

ASN9002 (RETN-AS, GB)

onmarshtompor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.8.123 (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.228 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.9.121.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.121.9.176.clients.your-server.de

app.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-92.fra2.r.cloudfront.net

acdn.flickstree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	396 KB
22	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net	104 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	633 KB
12	google.com 3 redirects adservice.google.com www.google.com	37 KB
9	adshort.live adshort.live	93 KB
5	toglooman.com toglooman.com	127 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	311 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	googletagservices.com www.googletagservices.com	149 KB
4	recaptcha.net www.recaptcha.net	23 KB
4	adshort.co 1 redirects adshort.co static.adshort.co	32 KB
3	flickstree.com acdn.flickstree.com	386 KB
3	playstream.media app.playstream.media	2 KB
3	dozubatan.com dozubatan.com	30 KB
2	wowreality.info o.wowreality.info	399 B
2	2mdn.net s0.2mdn.net	54 KB
2	rtmark.net my.rtmark.net	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	zunsoach.com zunsoach.com	23 KB
2	orquideassp.com tags.orquideassp.com	2 KB
2	adshort.media ads.adshort.media	79 KB
1	lalaping.com static.lalaping.com	34 KB
1	googleadservices.com partner.googleadservices.com	660 B
1	onmarshtompor.com onmarshtompor.com	833 B
1	googletagmanager.com www.googletagmanager.com	39 KB
145	26

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
18	pagead2.googlesyndication.com	tags.orquideassp.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	www.gstatic.com	www.recaptcha.net www.gstatic.com googleads.g.doubleclick.net
9	www.google.com	3 redirects adshort.live tpc.googlesyndication.com
9	adshort.live	adshort.live
6	fonts.gstatic.com	fonts.googleapis.com www.recaptcha.net
5	toglooman.com	zunsoach.com toglooman.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	www.recaptcha.net	adshort.live www.gstatic.com www.recaptcha.net
3	acdn.flickstree.com	ads.adshort.media
3	app.playstream.media	ads.adshort.media imasdk.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
3	dozubatan.com	zunsoach.com dozubatan.com
3	static.adshort.co	adshort.live
3	fonts.googleapis.com	adshort.live googleads.g.doubleclick.net
2	o.wowreality.info	static.lalaping.com
2	imasdk.googleapis.com	ads.adshort.media imasdk.googleapis.com
2	s0.2mdn.net	googleads.g.doubleclick.net imasdk.googleapis.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	my.rtmark.net	onmarshtompor.com dozubatan.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	zunsoach.com	adshort.live
2	tags.orquideassp.com	adshort.live
2	ads.adshort.media	adshort.live ads.adshort.media
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.lalaping.com	toglooman.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	onmarshtompor.com	zunsoach.com
1	www.googletagmanager.com	adshort.live
1	adshort.co	1 redirects
145	35

This site contains links to these domains. Also see Links.

Domain
adshort.co
adshort.media

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-12-29` - `2021-12-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tags.orquideassp.com Amazon	`2021-06-29` - `2022-07-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
zunsoach.com R3	`2021-09-14` - `2021-12-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
dozubatan.com R3	`2021-08-10` - `2021-11-08`	3 months	crt.sh
toglooman.com R3	`2021-09-07` - `2021-12-06`	3 months	crt.sh
onmarshtompor.com R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.playstream.media AlphaSSL CA - SHA256 - G2	`2021-04-06` - `2022-05-08`	a year	crt.sh
acdn.flickstree.com Amazon	`2021-07-09` - `2022-08-07`	a year	crt.sh
wowreality.info R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://adshort.live/RuaY
Frame ID: C4BCB7336FFFAB00277AD9EEC6C3B90C
Requests: 59 HTTP requests in this frame

Frame: https://onmarshtompor.com/fac.php?OAID=7b2f07dcfe76463d8a349f0dba752a8d&oaidts=1633190954
Frame ID: 78292CA4D8CDBEC60456EBD2195A7885
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.adshort.live&adk=1589949922&adf=2802373691&pi=t.ma~as.www.adshort.live&w=728&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954270&bpp=14&bdt=257&idt=121&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=4282504127767&frm=20&pv=2&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xjoHtKKhbj&p=https%3A//adshort.live&dtd=135
Frame ID: 5FC9E52ABF822661ABD11FE3188E649D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954285&bpp=3&bdt=271&idt=127&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=650&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGuJskwjQ3&p=https%3A//adshort.live&dtd=129
Frame ID: 8514999DAC065964887A338B0C549BE3
Requests: 15 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNob3J0LmxpdmU6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=3hbk3n4qbafb
Frame ID: 160555FDDCCF42D50FE9BD576EB06D69
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195
Frame ID: BD85CDD676D20DA786AC6B889B9A99AD
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206
Frame ID: F3E6F57C39666A66E9DFD7B9DBD17FBC
Requests: 9 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt
Frame ID: C6DBBEA96B126F149EF140BB98D367E3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-FFBDqij8YwKSStAEwAQ&v=APEucNVK_Zfq4aDlnYfru3ofX_L9bBBoEd48SsdQ8E7CPr1bXUsom3SY32t_zjk7cBy-my5FOndVLydXPLbn2KCCqdN6um98pQ
Frame ID: A130E6194448D257925EA5E13BFC4CDF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 67837A542A5523AC7F5815E1DFE23FA3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B90D6BDA33DD06FDB6C34606C749562B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9555E67F259CB7F607D79B751EB6DD2C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6C71F2106C30C6B607799DF0653CDE6C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: 1F4E7A45F3A637DA4F814162679C457B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: AA8DF523DA42E4D499039A7B926D4D09
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: 4E8125F5D2BE04F48CA9F4982B1DE362
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1812271804&adf=3025194257&lmt=1633190955&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fadshort.live%2FRuaY&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190955333&bpp=1&bdt=1319&idt=1&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b89da9025a53e0-2294751de3ca00bf%3AT%3D1633190954%3ART%3D1633190954%3AS%3DALNI_MZ7BX7tagHDkCCMEyMIHt-CQD18AA&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&nras=1&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&psts=AGkb-H_t9XHu7ZQtNzkkeDDLcpnEVMdinP5BlhbNVNxOqi9YRnrTLk8VRhy_5nY8fElDTWolFm0n3Jj3aPE%2CAGkb-H-YlU_lkZb3a4Ui5xUDVS23QKBqbVMYDOZI4kQRe55RqCjHpr9kJk1xUKusRUuK1xkQGul_CL9Q-1ffq-0%2CAGkb-H_ilfsQZ2onGHh8TJTqh2Wy2x-4KHyukRgyeCjZPZjZ4gcX2JD-7W6xiXSMzhZJ9GtbuX4Vf7NF6EA%2CAGkb-H9lCMib1rJiNS1lSnf52pe7FPMkj2Nib8_RqIkJpFJkUZvUrYpRVbeVboeK-P1Gx09EfIcFtHIXJ1M&pvsid=3317493134243206&pem=823&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=18
Frame ID: 191AA229BFC025612F395476F15539D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 91E6EEA216ECA1A5C0A55D9A7F590D49
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC8B88E5A5ED5EA2E72B74E99DE04B90
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html
Frame ID: 846B6ADBCC62E3916883918F70E65988
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://adshort.co/RuaY HTTP 301
https://adshort.live/RuaY Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

145
Requests

99 %
HTTPS

0 %
IPv6

26
Domains

35
Subdomains

33
IPs

5
Countries

2577 kB
Transfer

6091 kB
Size

29
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://adshort.co/
Title: Home

Search URL Search Domain Scan URL

URL: https://adshort.co/privacidad
Title: Privacidad

Search URL Search Domain Scan URL

URL: https://adshort.co/rates
Title: Payout Rates

Search URL Search Domain Scan URL

URL: https://adshort.co/auth/signup
Title: Join Us

Search URL Search Domain Scan URL

URL: https://adshort.media/
Title: AdShort Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://adshort.co/RuaY HTTP 301
https://adshort.live/RuaY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtFh7oWxLbxGiwNnoPiZEk&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YViEKh6F0c.7h5nmhcg8ogAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtFh7oWxLbxGiwNnoPiZEk&google_cver=1&google_hm=2

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAEtTfMS4iggkXdkHO1s7z4&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAEtTfMS4iggkXdkHO1s7z4%26google_cver%3D1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyNjM3MjE4MjE0NTM2NDA3Nw%3D%3D

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

145 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request RuaY Show response
adshort.live/
Redirect Chain

https://adshort.co/RuaY
https://adshort.live/RuaY

67 KB
22 KB

425ms
376ms

Document
text/html

172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c96949afbdf9cfc05685df82a5c6f729cd884de54cfe55f10e1d1b761cbafc0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: adshort.live
:scheme: https
:path: /RuaY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=0a986f426added815edf89e7e7ed42c3; path=/; HttpOnly csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LtJc%2BYeJoaqdxAmX8gHPeEvvyL92NjwRHGWbrpMhh2zUEVa7CQm1%2FRby7RgSrQb0clfT5da8DfKrX0kne0hIMI%2FBfHhrK9agqkVm%2B4IP9%2Fi2Q8wPrXFmdegLxm%2BfV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697f31a44fa6f9ce-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sat, 02 Oct 2021 16:09:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: AppSession=e91a536e11cd89edfbd93eb2b0bbd61d; path=/; HttpOnly csrfToken=6e7addfde84d6b9ea376b7621eecdfd280c1589c1764794219ec6dccbdd2fb72ebe85f570fc95d5df89e52b31bfec48dcc1630bf77f25cdbc0dd2c7281ef2f9e; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
location: https://adshort.live/RuaY
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oW7%2BvBXxe06t9eUVJANfO2KZSoi5dZ5Y5rtt1NtnhiyWrKMfnVsnB%2F%2BxLvNdNicR9CM%2B84%2BSwPYDsz5T0zIlKC%2FNojo86zuAA757EURaAuC5OKWtf0j20HI%2F01E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697f31a1997c411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 float_1001.js Show response
ads.adshort.media/video/ 554 B
1008 B 62ms
35ms Script
application/javascript 172.67.179.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adshort.media/video/float_1001.js

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.179.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16531e6baac0c4cccbf1c1fb4438526bcb69ece6c6d40d35d321c65ab817c22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2245243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Sep 2021 16:28:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUgWkUBn4lU83KLhk9oGlELjr%2FgRasx02KY0ICOFDZs7qkJq70d2c4yjduwbBloN15RT1D7FVPy1Q1sHWEmaALQ2pQzTCw8bd4ZSzRkJQvGr4saRmvMjLSrSupMCrrSkVmCY7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 697f31a6ee4e1756-FRA
expires: Wed, 06 Oct 2021 16:28:31 GMT

GET
H2 200 floatern.js Show response
ads.adshort.media/video/ 259 KB
79 KB 24ms
23ms Script
application/javascript 172.67.179.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adshort.media/video/floatern.js

Requested by

Host: ads.adshort.media
URL: https://ads.adshort.media/video/float_1001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.179.25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f560daca1101514999b3b7fd3c5f87507e52d301abd49925f0208e21a2e43964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1190648
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jan 2021 16:29:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8krVaaSIM55Y%2FVGXaKryLBlJ4HrRyqfv5Tg8YIttOUGWznM%2Fy0sJx%2BN7Iwmo%2FGDEQQSJDyQLLd83PtTsAUKxTNHbqAwRxrKsV5%2FkZmkn2N0mnq5dy%2B%2FEoU%2Bw5vEKbXhYMXbo4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 697f31a71e9c1756-FRA
expires: Mon, 18 Oct 2021 21:25:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 1020 B
1 KB 58ms
21ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Questrial

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

0bfa9b1629f8060bbddfae32fbd6dfd8b9b18c0d39ef5041b4ea12469712fff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 15:11:52 GMT
server: ESF
date: Sat, 02 Oct 2021 16:09:14 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 bootstrap.css
static.adshort.co/link/css/ 107 KB
19 KB 34ms
25ms Stylesheet
text/css 104.21.46.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adshort.co/link/css/bootstrap.css
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2020 16:45:13 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FjbyHUjtMJrweMLrCpSYtqcfHTz19hkTJUddwO426%2BNGEzM6fE%2BRCcc7oQbtpbeJEhFhr2ViwmtM18vr8eEsHF%2FLRQ1HQlKceGw4WB2a2BighT0lPH11ENGiJIZm8Wy4LMrcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a76c9d411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify

GET
H2 200 link.css
static.adshort.co/link/css/ 5 KB
2 KB 30ms
21ms Stylesheet
text/css 104.21.46.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adshort.co/link/css/link.css
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.46.40 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef2e6b76c28447ceba52be082a4e1bebe5e6866d91c8b6fd74fa2ad4b932d6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5809
cf-polished: status=cannot_optimize
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 24 Feb 2020 16:45:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH1rMiY2QxiR4X6gFzdlQoWXrAewL%2F%2F5UqruCA9Gjrk%2Bkq%2BE%2BOGsPgK%2Fw8hVtMCGAa3Q27cyOAiPr%2FvKbcQSf8rNLCzmekngSJ9mcJcPCtUiYk1SQxN9GD9vWz5ec2cpaIHadQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 697f31a76c9f411f-PRG
cf-bgj: minify

GET
H3 200 logo.png
static.adshort.co/ 10 KB
11 KB 42ms
21ms Image
image/png 172.67.223.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adshort.co/logo.png
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.223.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4edeb7cd021290261f7f7dc72cd26cd53ece78918bd11a23b4af3484f3a6abfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Feb 2020 16:53:20 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbWmx3MLdeyUTEAYWMTm4gtQGMYqAsmV0DyHuyMUTGdZU26lNhYSoWdL83xphxoXB0GX%2B%2BadarVcxq7jxLtR3vH0NS1kcttThQZTgguPdDbsDodTdpDJTqYdYY9m2h3e0F%2Fa0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 697f31a7a8b927b4-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10737

GET
H2 200 7583 Show response
tags.orquideassp.com/tag/ 338 B
840 B 47ms
8ms Script
text/javascript 13.225.87.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/7583

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-12.fra2.r.cloudfront.net

Software

nginx/1.16.1 /

Resource Hash

aa38ff0849c214cc33ad1ed8c5c61a9900290fdc9984e732966d07e4117c724e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3338
x-dns-prefetch-control: off
x-edge-origin-shield-skipped: 0
date: Sat, 02 Oct 2021 15:47:43 GMT
x-cache: Hit from cloudfront
content-length: 338
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"152-wqO6WylYGKT5rKRdKKrYBgW430Y"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: K00u6F6QAUGyEYmrAjzi-iAmFPYFwmPY8PyRtFCDcjLI_7qCz7_atg==

GET
H2 200 7582 Show response
tags.orquideassp.com/tag/ 339 B
844 B 47ms
8ms Script
text/javascript 13.225.87.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/7582

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-12.fra2.r.cloudfront.net

Software

nginx/1.16.1 /

Resource Hash

d308fb931a42c9f8f56e1bbb404c6dcd4b7a137aac13aa691303fa21d4f5318d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3664
x-dns-prefetch-control: off
x-edge-origin-shield-skipped: 0
date: Sat, 02 Oct 2021 15:47:43 GMT
x-cache: Hit from cloudfront
content-length: 339
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"153-2FvX+a+jDWMG1KK2BZZMJknCz44"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: FnV-pQuRxZRQXbqoB69ipTZwaRpQjMMu3bL1EIIGmIwyRGWKLQSGSQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 41ms
19ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-40605702-4

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d9accab68397ef9f88fe4f4dcffd4958ca64fcf8040593c18224bbdd500f66ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38974
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H3 200 ads.js Show response
adshort.live/js/ 191 B
705 B 36ms
18ms Script
application/javascript 172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshort.live/js/ads.js
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca

Request headers

:path: /js/ads.js
pragma: no-cache
cookie: AppSession=0a986f426added815edf89e7e7ed42c3; csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: adshort.live
referer: https://adshort.live/RuaY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/RuaY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TShz3dW3MG9EHCr33KsGEgN%2BN%2FWw1MkLSyVX15nIE9QCUoDfbRTvPRXYM1m%2BrJfCxOajjgdL1J26qbqG8ayn%2FWf%2FmKjYczorwf%2FnJW%2BoGD0ErrhYQlDoLMUEOlBAFu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a7a883413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
adshort.live/vendor/ 84 KB
31 KB 51ms
33ms Script
application/javascript 172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshort.live/vendor/jquery.min.js?ver=6.4.0
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

Request headers

:path: /vendor/jquery.min.js?ver=6.4.0
pragma: no-cache
cookie: AppSession=0a986f426added815edf89e7e7ed42c3; csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: adshort.live
referer: https://adshort.live/RuaY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/RuaY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXwcQOkcgWNJWqATAlKtzrKOkJG8WrhuRO0lpN%2FQkpaD3DfhTmxqc6TQbJlCgpDttFldDP6pLZ2HCstva25deX5%2FTLljc1Ya9RttCLi5CuVPVe%2F41JkSI%2FwTWX9CvGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a7a882413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
adshort.live/vendor/bootstrap/js/ 39 KB
12 KB 49ms
32ms Script
application/javascript 172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshort.live/vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

:path: /vendor/bootstrap/js/bootstrap.min.js?ver=6.4.0
pragma: no-cache
cookie: AppSession=0a986f426added815edf89e7e7ed42c3; csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: adshort.live
referer: https://adshort.live/RuaY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/RuaY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yX9Xeh9weOGOsikX5HCpi%2BHtUlVwkQ9cKLynKOvBY%2FafMmoJZW6bju1GOUuVrB5S7wcED3Xhm1xmerU3w%2FnM7xOI8eACl2M%2B%2F0FuUNTS5mdu0VFpG%2Fblgux0ARldH08%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a7a881413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 owl.carousel.min.js Show response
adshort.live/vendor/owl/ 43 KB
12 KB 37ms
19ms Script
application/javascript 172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshort.live/vendor/owl/owl.carousel.min.js?ver=6.4.0
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

:path: /vendor/owl/owl.carousel.min.js?ver=6.4.0
pragma: no-cache
cookie: AppSession=0a986f426added815edf89e7e7ed42c3; csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: adshort.live
referer: https://adshort.live/RuaY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/RuaY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8IYXv17SlLJlHlhID%2BY%2BnPzz%2FoDI7nKTwlrqpdoL%2FaMnaeXsfwwqa%2FFdAagS7HulDNzuZTIy6CdGv%2F1Wx7nhvXHcBNgYI7UE2epkcwEgYlXzQKlngZddFeMjwnKnUw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a7a887413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 wow.min.js Show response
adshort.live/vendor/ 8 KB
3 KB 49ms
32ms Script
application/javascript 172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshort.live/vendor/wow.min.js?ver=6.4.0
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Request headers

:path: /vendor/wow.min.js?ver=6.4.0
pragma: no-cache
cookie: AppSession=0a986f426added815edf89e7e7ed42c3; csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: adshort.live
referer: https://adshort.live/RuaY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/RuaY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FRx2bwTcOuF063rGZg%2BFn5apKCscAO%2BvqTyKtFmZEZk%2B55Fpwwoxnc5daIS8MA0vWp9w%2BRDmXcOn2%2B1aflOfUik8atuTETzq%2FassN2tHiuPLEbfN1%2FYrNJqNqmtTso%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a7a87f413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 clipboard.min.js Show response
adshort.live/vendor/ 11 KB
4 KB 36ms
19ms Script
application/javascript 172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshort.live/vendor/clipboard.min.js?ver=6.4.0
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4

Request headers

:path: /vendor/clipboard.min.js?ver=6.4.0
pragma: no-cache
cookie: AppSession=0a986f426added815edf89e7e7ed42c3; csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: adshort.live
referer: https://adshort.live/RuaY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/RuaY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Sep 2019 23:24:50 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeltU9nnKjcnWr3wsfDnJQQYU2aYW3S7p7MIOMa8V7Nz63kUZpzS0bVhjmwc4YeT2t8CDm3eo%2Fv5hDLu7nvhSJI1%2FtHxqXtaK%2Bui2FMXDISa0TlcpIptF74jwcsW4%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a7a884413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 front.js Show response
adshort.live/costo_theme/js/ 4 KB
2 KB 62ms
45ms Script
application/javascript 172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshort.live/costo_theme/js/front.js?ver=6.4.0
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02527ae379ddcc3151dfdc7967b127675308ce92f5e1242db4d8bfaf8ec93297

Request headers

:path: /costo_theme/js/front.js?ver=6.4.0
pragma: no-cache
cookie: AppSession=0a986f426added815edf89e7e7ed42c3; csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: adshort.live
referer: https://adshort.live/RuaY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/RuaY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Nov 2019 14:20:37 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tB4%2B%2F6M%2BRfKZu4owwFpbyYDRD1ioQrFQUl6lhYoKr%2FNk5RWmpYk8o8ZUQ1rkW%2BdWri60zwhsfCSW6CPdsJUiQZXHtAyBMQkJA6eX%2FJBomSMZf2bmEKve6lwMFObQ5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a7a888413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 21 Sep 2021 16:17:20 GMT

GET
H3 200 app.js Show response
adshort.live/js/ 29 KB
6 KB 61ms
44ms Script
application/javascript 172.67.151.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adshort.live/js/app.js?ver=6.4.0
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.151.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f7883a3de9397521d2e218ee6ceb6b48ab58a17bb90f10171c75d5e92b5b78

Request headers

:path: /js/app.js?ver=6.4.0
pragma: no-cache
cookie: AppSession=0a986f426added815edf89e7e7ed42c3; csrfToken=ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: adshort.live
referer: https://adshort.live/RuaY
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/RuaY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 18 Sep 2021 17:29:00 GMT
server: cloudflare
age: 5809
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YibybGNwA%2B9Xe%2BAnZre1TNK8ZQcUC%2FQkFtduW8PpioME1iawTHaVvQhxBAI3zupP%2FOJ1MReRcZNE52FqHEiVYZ%2BD0CDfQwMn1tOYHjT8Jm2yp1YIU1KJMt2fQGYz7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a7a885413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 api.js Show response
www.recaptcha.net/recaptcha/ 921 B
1016 B 40ms
16ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

GSE /

Resource Hash

4d044221b8b51e3b5a3d9f271009088047a4d2ae210863b54536b1992f269ad0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 / Show response
zunsoach.com/5/4063360/ 3 KB
2 KB 60ms
24ms XHR
application/json 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zunsoach.com/5/4063360/?oo=1
Requested by: Host: adshort.live
URL: https://adshort.live/RuaY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 08d97689169a2348acdc2de920bbaf8a8cba8ccdab8d965b80169d81e5a6cdb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id: aa537b76de493636f2da64969f16e37f
pragma: no-cache, no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
server: nginx
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://lukomol.com>; rel="preconnect dns-prefetch"
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://adshort.live
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
zunsoach.com/ 62 KB
21 KB 57ms
23ms Script
text/javascript 139.45.197.248
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://zunsoach.com/tag.min.js

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.248 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
access-control-max-age: 86400
content-length: 20625
x-trace-id: 3412218f3428b07e1fb1a9179a77be2d
pragma: no-cache
last-modified: Sat, 02 Oct 2021 15:05:53 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 QdVUSTchPBm7nuUeVf70viFl.woff2
fonts.gstatic.com/s/questrial/v13/ 19 KB
19 KB 30ms
7ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/questrial/v13/QdVUSTchPBm7nuUeVf70viFl.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Questrial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://adshort.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:51:12 GMT
x-content-type-options: nosniff
age: 451082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19404
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:43:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 10:51:12 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 112 KB
40 KB 44ms
23ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/7583

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1db3f07e68acf7af3d77f524418fc27631f604f3d64db6d8e43cca81666883f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adshort.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40447
x-xss-protection: 0
server: cafe
etag: 18111021241897322189
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 4490549 Show response
dozubatan.com/400/ 84 KB
30 KB 61ms
27ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/400/4490549

Requested by

Host: zunsoach.com
URL: https://zunsoach.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

54b830d5f49da73ef8c34100fa8c66d12f5470b7e30680ffbf90039d40b5d8cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-trace-id: 71e490e5ab1c04e2c4c4bd8b9e24fad0
pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 1 Show response
toglooman.com/ 7 KB
4 KB 45ms
12ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/1?z=4074563
Requested by: Host: zunsoach.com
URL: https://zunsoach.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4c389210ba707c8d4d5289ad6cf1792031f6e984739e96ab87a03fbd5e2c4a37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-sc: PCy7CpzjOhS0ay-DYTmKjx1Ma3mrfSVpL_yVRV6DVi0PXNsYnU2Sj47aBmZzJdy1qGHT6LZE725HFHt-Ds0tXlwKdv0=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/javascript
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 fac.php Show response
onmarshtompor.com/ Frame 7829 203 B
833 B 43ms
15ms Document
text/html 139.45.197.243
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://onmarshtompor.com/fac.php?OAID=7b2f07dcfe76463d8a349f0dba752a8d&oaidts=1633190954

Requested by

Host: zunsoach.com
URL: https://zunsoach.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.243 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

0a926ca8dad38f118dd9a48888cf9d86bdeca576f3b106bc67650adb68fef68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: onmarshtompor.com
:scheme: https
:path: /fac.php?OAID=7b2f07dcfe76463d8a349f0dba752a8d&oaidts=1633190954
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

server: nginx
date: Sat, 02 Oct 2021 16:09:14 GMT
content-type: text/html; charset=utf8
content-length: 203
x-trace-id: 546e3b7ccc40bce5412560425d230e72
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: * *
set-cookie: OAID=7b2f07dcfe76463d8a349f0dba752a8d; expires=Sun, 02 Oct 2022 16:09:14 GMT; path=/; secure; SameSite=None oaidts=1633190954; expires=Sun, 02 Oct 2022 16:09:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 257 KB
95 KB 45ms
31ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

94cfe0e7f05a53a4381439225e7467af76d1b3e3c7969c04f2fd0756e4b69209

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97122
x-xss-protection: 0
server: cafe
etag: 2748859267989515757
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ 346 KB
136 KB 28ms
7ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adshort.live/
Origin: https://adshort.live
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138353
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 02 Oct 2022 14:23:30 GMT

GET
H2 200 043bb9c437268a22b344502b9f8a2877 Show response
toglooman.com/27/ 374 KB
123 KB 26ms
25ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/043bb9c437268a22b344502b9f8a2877

Requested by

Host: toglooman.com
URL: https://toglooman.com/1?z=4074563

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7af9cf2ae6c35abc3ff236e8013570de63759fad2037bda34078bc89587b7620

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 01 Oct 2021 12:55:03 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Fri, 31 Oct 2081 12:55:03 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
495 B 48ms
47ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=4074563
Requested by: Host: toglooman.com
URL: https://toglooman.com/1?z=4074563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 28ms
6ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-40605702-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4634
date: Sat, 02 Oct 2021 14:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 02 Oct 2021 16:52:00 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 7829 43 B
491 B 37ms
11ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=7b2f07dcfe76463d8a349f0dba752a8d

Requested by

Host: onmarshtompor.com
URL: https://onmarshtompor.com/fac.php?OAID=7b2f07dcfe76463d8a349f0dba752a8d&oaidts=1633190954

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onmarshtompor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
660 B 65ms
24ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=adshort.live&callback=_gfp_s_&client=ca-pub-7913044002918072

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

f469927eca6346eff4143e3602d22d0fc890a0f7df41dcf6a30fbf1266a539a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 39ms
18ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=adshort.live

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5FC9 12 KB
7 KB 318ms
318ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.adshort.live&adk=1589949922&adf=2802373691&pi=t.ma~as.www.adshort.live&w=728&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954270&bpp=14&bdt=257&idt=121&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=4282504127767&frm=20&pv=2&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xjoHtKKhbj&p=https%3A//adshort.live&dtd=135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

07af63aa581f9bb86b354f6bdcf06555f4af630d0d1816cd1391b604a8dd3f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.adshort.live&adk=1589949922&adf=2802373691&pi=t.ma~as.www.adshort.live&w=728&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954270&bpp=14&bdt=257&idt=121&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=4282504127767&frm=20&pv=2&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xjoHtKKhbj&p=https%3A//adshort.live&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 02 Oct 2021 16:09:14 GMT
server: cafe
content-length: 7037
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 16:24:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:14 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8514 65 KB
17 KB 336ms
336ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954285&bpp=3&bdt=271&idt=127&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=650&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGuJskwjQ3&p=https%3A//adshort.live&dtd=129

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7ffacbf94722b4089663cab096b066074a696645a1af00256585b1ee596ce72c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954285&bpp=3&bdt=271&idt=127&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=650&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGuJskwjQ3&p=https%3A//adshort.live&dtd=129
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 02 Oct 2021 16:09:14 GMT
server: cafe
content-length: 17305
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 16:24:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:14 GMT
cache-control: private

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=7557566&t=pageview&_s=1&dl=https%3A%2F%2Fadshort.live%2FRuaY&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1812851607&gjid=1721740721&cid=1746049382.1633190954&tid=UA-40605702-4&_gid=1489493993.1633190954&_r=1&gtm=2ou9r0&z=275242220

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://adshort.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://adshort.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
34 KB 60ms
20ms Script
application/javascript 104.26.8.123
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/043bb9c437268a22b344502b9f8a2877
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 4103
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k16VMxi39dboRz7x943Xn12pepGacB0bcuvBoTh%2F5uspTYTVKbX%2FdvB6WlZYucNow0lRvL9BYUxppV8T%2B8DpcN%2FgLYNtRG25vcgugnPeTJdLCI0Zwz37%2B51bSaU4lA9%2BY9Ol1Cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 697f31a9b99c277c-PRG

POST
H2 200 9 Show response
toglooman.com/ 7 B
544 B 15ms
15ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=4074563&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fadshort.live%2FRuaY&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/043bb9c437268a22b344502b9f8a2877
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Referer: https://adshort.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: https://adshort.live
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 7
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 52ms
16ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=4074563&ng=1&ix=0&pt=0&np=0&gp=3&bp=4&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fadshort.live%2FRuaY&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=1&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://adshort.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 02 Oct 2021 16:09:14 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://adshort.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 anchor Show response
www.recaptcha.net/recaptcha/api2/ Frame 1605 40 KB
21 KB 42ms
28ms Document
text/html 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNob3J0LmxpdmU6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=3hbk3n4qbafb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

GSE /

Resource Hash

09bc7e9cd667d4f4e1abad830f7c0f64a06bf8fea9babbaac2f5c3eea50ad6f5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VBBWqEEOt8pCyEMfyDOCfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNob3J0LmxpdmU6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=3hbk3n4qbafb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Oct 2021 16:09:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-VBBWqEEOt8pCyEMfyDOCfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20977
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD85 81 KB
26 KB 424ms
424ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

52ecfd8b202a7fac4992df9c9d536849d591b2148185b0757656861fa3c0d1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 02 Oct 2021 16:09:14 GMT
server: cafe
content-length: 26151
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 16:24:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:14 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F3E6 57 KB
21 KB 335ms
334ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

107479a9d8b2424bbb66627b9ea3dc50ad9703563474cb23dc21a04a68959918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 02 Oct 2021 16:09:14 GMT
server: cafe
content-length: 21588
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 16:24:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:14 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
458 B 62ms
20ms XHR
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-40605702-4&cid=1746049382.1633190954&jid=1812851607&gjid=1721740721&_gid=1489493993.1633190954&_u=YAhAAUAAAAAAAC~&z=1060771179

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://adshort.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 02 Oct 2021 16:09:14 GMT
content-type: text/plain
access-control-allow-origin: https://adshort.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 1605 52 KB
25 KB 40ms
16ms Stylesheet
text/css 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNob3J0LmxpdmU6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=3hbk3n4qbafb

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 15:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 01 Oct 2022 15:26:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame 1605 346 KB
135 KB 39ms
16ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138353
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 02 Oct 2022 14:23:30 GMT

GET
H2 200 googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 41ms
16ms Image
image/png 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5087
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 41ms
17ms Image
image/png 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5969
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
13 KB 47ms
24ms Image
image/png 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 46ms
22ms Image
image/png 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 39ms
16ms Image
image/png 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: adshort.live
URL: https://adshort.live/RuaY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 12ms
12ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/4490549

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e2d81bdbe9506200ecbbd46fc4609263f09d5bd50523173ee56134e9b3e4d1fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://adshort.live
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
DATA 200
OK truncated
/ Frame 1605 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1605 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1605 2 KB
2 KB 16ms
16ms Image
image/png 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:54:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 450909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 04 Oct 2021 10:54:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1605 15 KB
15 KB 40ms
16ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recaptcha.net/
Origin: https://www.recaptcha.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 418261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:58:13 GMT

GET
H2 204 4490549 Show response
dozubatan.com/500/ 0
442 B 26ms
26ms XHR
text/plain 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dozubatan.com/500/4490549?excludes=&oaid=7b2f07dcfe76463d8a349f0dba752a8d&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fadshort.live%2FRuaY&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: dozubatan.com
URL: https://dozubatan.com/400/4490549

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://adshort.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: ac69a2889377414d836beb4553e7a1f4
pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-allow-origin: https://adshort.live
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H2 200 4490549
dozubatan.com/500/ Frame 0
0 38ms
12ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://adshort.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 02 Oct 2021 16:09:14 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://adshort.live
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H3 200 webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 1605 102 B
134 B 16ms
15ms Other
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

GSE /

Resource Hash

28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt&co=aHR0cHM6Ly9hZHNob3J0LmxpdmU6NDQz&hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&size=normal&cb=3hbk3n4qbafb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H3 200 bframe Show response
www.recaptcha.net/recaptcha/api2/ Frame C6DB 7 KB
1 KB 16ms
16ms Document
text/html 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

GSE /

Resource Hash

d54345195357890c0cd7b934f18bd6912855348e142720014140d5e4c9c27439

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-/gNsSNczFcWC0/tcQ5f2ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.recaptcha.net
:scheme: https
:path: /recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 02 Oct 2021 16:09:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-/gNsSNczFcWC0/tcQ5f2ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1108
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FC9 42 B
63 B 15ms
15ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DFw9hxjEcWxTciWRY7EhS1UVncnCUXNCalKANCC3HqIgc6KwtEXy90irr_yENUWsK7xSpC54yk5Eo7rItNkJgcjaM82MGTGZAPSBy5U1nKTq1WnkM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.adshort.live&adk=1589949922&adf=2802373691&pi=t.ma~as.www.adshort.live&w=728&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954270&bpp=14&bdt=257&idt=121&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=4282504127767&frm=20&pv=2&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xjoHtKKhbj&p=https%3A//adshort.live&dtd=135

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 5FC9 3 KB
1 KB 29ms
8ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:06:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FC9 122 KB
37 KB 98ms
41ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
server: sffe
etag: "1633087504575570"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 5FC9 14 KB
7 KB 28ms
7ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:08:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A130 624 B
300 B 32ms
32ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-FFBDqij8YwKSStAEwAQ&v=APEucNVK_Zfq4aDlnYfru3ofX_L9bBBoEd48SsdQ8E7CPr1bXUsom3SY32t_zjk7cBy-my5FOndVLydXPLbn2KCCqdN6um98pQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CI-FFBDqij8YwKSStAEwAQ&v=APEucNVK_Zfq4aDlnYfru3ofX_L9bBBoEd48SsdQ8E7CPr1bXUsom3SY32t_zjk7cBy-my5FOndVLydXPLbn2KCCqdN6um98pQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.adshort.live&adk=1589949922&adf=2802373691&pi=t.ma~as.www.adshort.live&w=728&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954270&bpp=14&bdt=257&idt=121&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=4282504127767&frm=20&pv=2&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xjoHtKKhbj&p=https%3A//adshort.live&dtd=135
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.adshort.live&adk=1589949922&adf=2802373691&pi=t.ma~as.www.adshort.live&w=728&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954270&bpp=14&bdt=257&idt=121&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=4282504127767&frm=20&pv=2&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xjoHtKKhbj&p=https%3A//adshort.live&dtd=135

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 02 Oct 2021 16:09:14 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure IDE=AHWqTUkVHgIoCbrdSDY7x2sYpbSPk4dfYt2ul4T-qfUHkuBRwd14j7W-uJjQwFPE; expires=Mon, 02-Oct-2023 16:09:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5FC9 53 KB
25 KB 45ms
45ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8vCbeXY0j152k953f2Nno7EfRg-0RNw9cJd8Ofi4yb7-KM6HrKPYtXoM4kbJ-59Ce1bOHj1NiZbcT0F3zami06qA1mRj2LXH3toKiMy-2mxgPRLCYuQobckRa944WYQ2ZIxKbCGGF0XDCANO2EAzuvX9A3w&dbm_d=AKAmf-DFUpaMIXF14C-akZtY72QGNlSzGMqZRrxm6ZiTF610JsXKnUHC40b0H244d7eiC2F__Q0i6ujFHucsq4YYZ12Dr2tAtevU06W-5gdZOnqTVmP_vwt9ddTkJYRjr9eno5YZ0rfLJjWV8kZzvEW5PiH60fpnBhdDcWAikV5Y2kXpChV0W-bdQoaJUKIRay6LFqvdDXuHLRaWt72guMvDlwQ9ZC7zFSsT7wEubPVhfM1rNAC7ePkm4wTFUEsfoJDaXY-zzRItkFsacVUCGg0nstZPVUhy2zKuPVDrU-M8Y6co-3wJQVuXDyEl53eTZ2F7ns5gfQ6Z5oEpujeGQfqvYCsE5I2pbF4jApucAriagQmOQFmD3TdSUZxTZpEhVfjydx_lX9eOHcgsLHQeU0cxLnojZZnZIpz7QtS6_nx1e9Wywo_vMWIoyDQkbF3qnFTG26G1OyB2Wr_57k0qY1HvUtJmKWA4cD5FigSyhwFulcwrtLDVtvmg_vnT24MuX-HKUn-Yt6AKlYqjXFjwdveR3xHdaMr0KPIyE622nsbjjqVEH5X77PA4fTcqxvQOMtP78dP5RRm2i9Bg-KHGw5uGWibtx6KQ-50YrVneWLTMvGtxTxwhfuLZ9dS90XNtvbA9jEcWWHu5OXoNBmasdz_4fIqg-GkM2AHrTc_6BqkHqV-oe3EqxSSSKiVwBhEmHb2j9i3ZPMfMy4HM7uWj2qqQRgh2qnAd6Yo393VvEpEoAaIayudPAFZqQY_xoxkZcWgWa50G3wPOxNYiAQz7HLvH9Kd4MxKispEVdi7t-IKqnPEvF-yMw3XMsh69sVne64kR8hyzoF_mqwWpcgLRqkFwaXS6xDXbXyq-p1kODTkfwxfMjyhpnFn-MfG4Ws9QYkCv_P_YIE4npX1nOYe-m9_6_secHMjzsWAiNQV4_y1-og2CUmn8eTK4yI604LJnTh0M1DRK-O4Gm3sjSOpig_sNJOCktfC1XhkkY8rh69ZGb4wxA94jX_FtjzR8Jehi9LxhKy1-Y-RMK_pzs9GiQWd0uv4xkvY1f5qswGFdpt_PVht4i8IfIVJRKzvwT3sAZPZDX8CTTx7xY7keWvN2J9U0lbJurWUjLe-BM7GT9UIJO1O85qq0TH_hWApSgPxyWvfWF1WeT3zpihPjPE-91ScNcL4OurOCShROERlz2voDVlriyfHMPNZRrucPVJwMiMi6XUJCjQZFjjH0ddF8z44He98DconrF6RVALNhlH9Z3bW8ehR6LM5Gte1_5Ac7Zu7zUxsSEW-_s3L9i_WQFOgqTUjW-Hbz9tMq42a-XHxfNVx0pJV_AeT3aNZT7zsFqJT85XXaChd9jq_xk6cTydQaYohQPxulkKGKSPfs1ZSIwR_nlHd7afNnL2gvX2tdGwyIhD-shBKuAlNzM3MvsUYZHQEnv7Q5hr-DbbC6gPspjoq_S9sPCjTFi4TK8y1MkcxI6COrLQUYT2bgPq-syWWi3qocXn6qlWJB4wjgKKj83FKJHz6oP-pPOgPaEWXZOI4UyBPgT7saiEqVZASdClN4tnvh--Sx17CUJdiv4B44I_DIEgcq9OCQtyuKdbLdD29fmt8mWkTRIs90sP0jN0JMpf59ItfcHszUihxBcxS7OdT7Dk2bCk3QqC6M4qB0rw_2p61pqtf2o6SsPbtHG4u8Lx8JkBnpOvhUT1rx0IgLh1RqOYlgkNO5fx4Dzkr7l5ylbg4hpVK1xouVgARX2lO4Gg_kZhwkMneFSCr_lrlopRZDXF7-1reBVZ8cVhyqXEzbUhSbasXkzRfs1uSGNqDYp1wWchUThiu6zLHKy2ZGlZ1ahTd0C2VycfiC7NCW46ASIaQEefoMg9Gze94mQ7tWxV36XilOnn5Ry752H7boQV_6mMB2b-XGbNtfp05GFkJl54xHCsfxssnouokMwJGFGOu3OeOdaFQZE48E-Nd0aDxkFD35gMp0lGVHiqF0GmqTPpzqDlMSw2zu7yxzIdgfA9K2dHOP2R8DtyNOffyBI0bnDDE-sS39ooAU_0cgIVv7bpUJY2x37_bzPMbVoRTk-1-k4Vd_iCxp0rqV0dVjyB3XStDN-xG6RgYGCTKq5LKs64gX4BLYbECkhaoxKGT37ygRtKPUgKtI1YrIt0OVhMm17k5GxwaX9saPe2Si3t_mqki6ifp9xf2hOmCl5M9EMkNO9DXevznLMRT8rNatondnraV55W00i6SI3iwiMBBSKeM4utVCILd4z9VIiiY3UgrKyl-DNvLWEuXtQppV1avnNpt46hkTuiNduCbamE93RrmtuVda0aKavVbHV5hxjqHf-EbR6tH-nbaT7Lqv6k_tS7cGUD3XpBcbUX7gWew62HCLc6rYH4yO6NgEYMPqUTHvohTRqpagPwf7oNV2t9Z1uAY0K50g-qQH61E4_siCKl03zLsbsvjAAUL_qSbDrVGHmZqwI5JINNkmcaGxJv2Tq5ziM7u5W4UIGRF08EY9DyZjpwhoO3WWosRa6x0ylD88uUxEG29Fe9DZtOgD3gdkMCdOGMR3XQIkqo2ndJt6Q8qzuQujkKCj22WaZ2McznZffMY2vMMrmDk2pkvqRph2y4ys6XYmgkJ0ogJOCiafkNLuY-k9kypKnpKkxL7ghlOEKpzOSNvf6-E5SaPLpfc7EB1ApbzcDQA_qKSTMuEZDIMUx8mCAnc8Z_9-W1ouaBPpw7fa4kDZ5GopftxYih9ghMX7BKsjgp69KG-1IlN_xGZYAl22vhSoNrWDSU5zXQEdLvxDqpMPLCKV88orpzNErJ0qV0DWxYtBhYeZAQyPSePHepf03uIhdS3VaK3B-YO7rdSJ_AfVShYIKQmPsZkH315WNmS2HLAKMVoTEub_4pGatPKhvGAIzSz9B15bJ7-sW5G6f_zjkKjmMWJ1XJ_EtU0NPVplozmIp8JlIVboXnsSndVg&cid=CAASBORooFg&rfl=1%2Chttps%253A%252F%252Fadshort.live%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2cf8df575eefa92f9e167ced7f0827e40c1f794ff24b797c66f11a3099006a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=90&slotname=www.adshort.live&adk=1589949922&adf=2802373691&pi=t.ma~as.www.adshort.live&w=728&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954270&bpp=14&bdt=257&idt=121&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=4282504127767&frm=20&pv=2&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=xjoHtKKhbj&p=https%3A//adshort.live&dtd=135
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25424
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame C6DB 52 KB
25 KB 17ms
16ms Stylesheet
text/css 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/styles__ltr.css

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 15:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 01 Oct 2022 15:26:33 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ Frame C6DB 346 KB
135 KB 17ms
17ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Requested by

Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=-TriQeni1Ls-Mdq_ssN2cUL5&k=6LdSZE0UAAAAAHSSWFpxbsKcnMF8aGCyGdtee6Zt

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.recaptcha.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6344
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138353
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sun, 02 Oct 2022 14:23:30 GMT

GET
H3 200 b349715971fc02f992e4cc58b88ce41f.js Show response
www.gstatic.com/mysidia/ Frame 8514 7 KB
3 KB 17ms
17ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954285&bpp=3&bdt=271&idt=127&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=650&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGuJskwjQ3&p=https%3A//adshort.live&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3166
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 01:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 31 Dec 2021 14:00:33 GMT

GET
H3 200 a1aae16d08f1cf4ca3f32f832dc900b8.js Show response
www.gstatic.com/mysidia/ Frame 8514 8 KB
3 KB 26ms
26ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1aae16d08f1cf4ca3f32f832dc900b8.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5f3dca760a16a5bbc551921bccf65a5d73945f97616ea347cf09ffa50ca2b4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3426
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 03:50:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 29 Dec 2021 05:15:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8514 3 KB
580 B 31ms
16ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 14:12:22 GMT
server: ESF
date: Sat, 02 Oct 2021 16:09:14 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 8514 1 KB
879 B 11ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:06:24 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 8514 18 KB
8 KB 6ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:08:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 8514 3 KB
1 KB 10ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:06:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8514 122 KB
38 KB 51ms
23ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
server: sffe
etag: "1633087504575570"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 8514 14 KB
6 KB 24ms
8ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:08:24 GMT

GET
H3 200 a05f1579543550f3e279366fb116adbd.js Show response
www.gstatic.com/mysidia/ Frame 8514 27 KB
11 KB 19ms
16ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 01:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 29 Dec 2021 15:25:16 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A130
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtFh7oWxLbxGiwNnoPiZEk&google_cver=1

43 B
1014 B

25ms
18ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtFh7oWxLbxGiwNnoPiZEk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-FFBDqij8YwKSStAEwAQ&v=APEucNVK_Zfq4aDlnYfru3ofX_L9bBBoEd48SsdQ8E7CPr1bXUsom3SY32t_zjk7cBy-my5FOndVLydXPLbn2KCCqdN6um98pQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 16:09:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 02 Oct 2021 16:09:14 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtFh7oWxLbxGiwNnoPiZEk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A130
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YViEKh6F0c.7h5nmhcg8ogAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtFh7oWxLbxGiwNnoPiZEk&google_cver=1&google_hm=2

43 B
894 B

17ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtFh7oWxLbxGiwNnoPiZEk&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-FFBDqij8YwKSStAEwAQ&v=APEucNVK_Zfq4aDlnYfru3ofX_L9bBBoEd48SsdQ8E7CPr1bXUsom3SY32t_zjk7cBy-my5FOndVLydXPLbn2KCCqdN6um98pQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 16:09:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 02 Oct 2021 16:09:14 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENtFh7oWxLbxGiwNnoPiZEk&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A130
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAEtTfMS4iggkXdkHO1s7z4&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAEtTfMS4iggkXdkHO1s7z4%26google_cver%3D1

43 B
1 KB

127ms
127ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAEtTfMS4iggkXdkHO1s7z4%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-FFBDqij8YwKSStAEwAQ&v=APEucNVK_Zfq4aDlnYfru3ofX_L9bBBoEd48SsdQ8E7CPr1bXUsom3SY32t_zjk7cBy-my5FOndVLydXPLbn2KCCqdN6um98pQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 16:09:15 GMT
X-Proxy-Origin: 216.131.114.216; 216.131.114.216; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5cb49c38-9fdd-4110-aad9-c9c7f241d19e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 16:09:14 GMT
X-Proxy-Origin: 216.131.114.216; 216.131.114.216; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7e9008c6-72c2-4758-8749-eac9c338f658
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAEtTfMS4iggkXdkHO1s7z4%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A130
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyNjM3MjE4MjE0NTM2NDA3Nw%3D%3D

170 B
188 B

21ms
17ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyNjM3MjE4MjE0NTM2NDA3Nw%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 02 Oct 2021 16:09:14 GMT
X-Proxy-Origin: 216.131.114.216; 216.131.114.216; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1240db71-796b-4d4b-9c87-55a7b03b9e75
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTAyNjM3MjE4MjE0NTM2NDA3Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 5FC9 23 KB
9 KB 7ms
6ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8vCbeXY0j152k953f2Nno7EfRg-0RNw9cJd8Ofi4yb7-KM6HrKPYtXoM4kbJ-59Ce1bOHj1NiZbcT0F3zami06qA1mRj2LXH3toKiMy-2mxgPRLCYuQobckRa944WYQ2ZIxKbCGGF0XDCANO2EAzuvX9A3w&dbm_d=AKAmf-DFUpaMIXF14C-akZtY72QGNlSzGMqZRrxm6ZiTF610JsXKnUHC40b0H244d7eiC2F__Q0i6ujFHucsq4YYZ12Dr2tAtevU06W-5gdZOnqTVmP_vwt9ddTkJYRjr9eno5YZ0rfLJjWV8kZzvEW5PiH60fpnBhdDcWAikV5Y2kXpChV0W-bdQoaJUKIRay6LFqvdDXuHLRaWt72guMvDlwQ9ZC7zFSsT7wEubPVhfM1rNAC7ePkm4wTFUEsfoJDaXY-zzRItkFsacVUCGg0nstZPVUhy2zKuPVDrU-M8Y6co-3wJQVuXDyEl53eTZ2F7ns5gfQ6Z5oEpujeGQfqvYCsE5I2pbF4jApucAriagQmOQFmD3TdSUZxTZpEhVfjydx_lX9eOHcgsLHQeU0cxLnojZZnZIpz7QtS6_nx1e9Wywo_vMWIoyDQkbF3qnFTG26G1OyB2Wr_57k0qY1HvUtJmKWA4cD5FigSyhwFulcwrtLDVtvmg_vnT24MuX-HKUn-Yt6AKlYqjXFjwdveR3xHdaMr0KPIyE622nsbjjqVEH5X77PA4fTcqxvQOMtP78dP5RRm2i9Bg-KHGw5uGWibtx6KQ-50YrVneWLTMvGtxTxwhfuLZ9dS90XNtvbA9jEcWWHu5OXoNBmasdz_4fIqg-GkM2AHrTc_6BqkHqV-oe3EqxSSSKiVwBhEmHb2j9i3ZPMfMy4HM7uWj2qqQRgh2qnAd6Yo393VvEpEoAaIayudPAFZqQY_xoxkZcWgWa50G3wPOxNYiAQz7HLvH9Kd4MxKispEVdi7t-IKqnPEvF-yMw3XMsh69sVne64kR8hyzoF_mqwWpcgLRqkFwaXS6xDXbXyq-p1kODTkfwxfMjyhpnFn-MfG4Ws9QYkCv_P_YIE4npX1nOYe-m9_6_secHMjzsWAiNQV4_y1-og2CUmn8eTK4yI604LJnTh0M1DRK-O4Gm3sjSOpig_sNJOCktfC1XhkkY8rh69ZGb4wxA94jX_FtjzR8Jehi9LxhKy1-Y-RMK_pzs9GiQWd0uv4xkvY1f5qswGFdpt_PVht4i8IfIVJRKzvwT3sAZPZDX8CTTx7xY7keWvN2J9U0lbJurWUjLe-BM7GT9UIJO1O85qq0TH_hWApSgPxyWvfWF1WeT3zpihPjPE-91ScNcL4OurOCShROERlz2voDVlriyfHMPNZRrucPVJwMiMi6XUJCjQZFjjH0ddF8z44He98DconrF6RVALNhlH9Z3bW8ehR6LM5Gte1_5Ac7Zu7zUxsSEW-_s3L9i_WQFOgqTUjW-Hbz9tMq42a-XHxfNVx0pJV_AeT3aNZT7zsFqJT85XXaChd9jq_xk6cTydQaYohQPxulkKGKSPfs1ZSIwR_nlHd7afNnL2gvX2tdGwyIhD-shBKuAlNzM3MvsUYZHQEnv7Q5hr-DbbC6gPspjoq_S9sPCjTFi4TK8y1MkcxI6COrLQUYT2bgPq-syWWi3qocXn6qlWJB4wjgKKj83FKJHz6oP-pPOgPaEWXZOI4UyBPgT7saiEqVZASdClN4tnvh--Sx17CUJdiv4B44I_DIEgcq9OCQtyuKdbLdD29fmt8mWkTRIs90sP0jN0JMpf59ItfcHszUihxBcxS7OdT7Dk2bCk3QqC6M4qB0rw_2p61pqtf2o6SsPbtHG4u8Lx8JkBnpOvhUT1rx0IgLh1RqOYlgkNO5fx4Dzkr7l5ylbg4hpVK1xouVgARX2lO4Gg_kZhwkMneFSCr_lrlopRZDXF7-1reBVZ8cVhyqXEzbUhSbasXkzRfs1uSGNqDYp1wWchUThiu6zLHKy2ZGlZ1ahTd0C2VycfiC7NCW46ASIaQEefoMg9Gze94mQ7tWxV36XilOnn5Ry752H7boQV_6mMB2b-XGbNtfp05GFkJl54xHCsfxssnouokMwJGFGOu3OeOdaFQZE48E-Nd0aDxkFD35gMp0lGVHiqF0GmqTPpzqDlMSw2zu7yxzIdgfA9K2dHOP2R8DtyNOffyBI0bnDDE-sS39ooAU_0cgIVv7bpUJY2x37_bzPMbVoRTk-1-k4Vd_iCxp0rqV0dVjyB3XStDN-xG6RgYGCTKq5LKs64gX4BLYbECkhaoxKGT37ygRtKPUgKtI1YrIt0OVhMm17k5GxwaX9saPe2Si3t_mqki6ifp9xf2hOmCl5M9EMkNO9DXevznLMRT8rNatondnraV55W00i6SI3iwiMBBSKeM4utVCILd4z9VIiiY3UgrKyl-DNvLWEuXtQppV1avnNpt46hkTuiNduCbamE93RrmtuVda0aKavVbHV5hxjqHf-EbR6tH-nbaT7Lqv6k_tS7cGUD3XpBcbUX7gWew62HCLc6rYH4yO6NgEYMPqUTHvohTRqpagPwf7oNV2t9Z1uAY0K50g-qQH61E4_siCKl03zLsbsvjAAUL_qSbDrVGHmZqwI5JINNkmcaGxJv2Tq5ziM7u5W4UIGRF08EY9DyZjpwhoO3WWosRa6x0ylD88uUxEG29Fe9DZtOgD3gdkMCdOGMR3XQIkqo2ndJt6Q8qzuQujkKCj22WaZ2McznZffMY2vMMrmDk2pkvqRph2y4ys6XYmgkJ0ogJOCiafkNLuY-k9kypKnpKkxL7ghlOEKpzOSNvf6-E5SaPLpfc7EB1ApbzcDQA_qKSTMuEZDIMUx8mCAnc8Z_9-W1ouaBPpw7fa4kDZ5GopftxYih9ghMX7BKsjgp69KG-1IlN_xGZYAl22vhSoNrWDSU5zXQEdLvxDqpMPLCKV88orpzNErJ0qV0DWxYtBhYeZAQyPSePHepf03uIhdS3VaK3B-YO7rdSJ_AfVShYIKQmPsZkH315WNmS2HLAKMVoTEub_4pGatPKhvGAIzSz9B15bJ7-sW5G6f_zjkKjmMWJ1XJ_EtU0NPVplozmIp8JlIVboXnsSndVg&cid=CAASBORooFg&rfl=1%2Chttps%253A%252F%252Fadshort.live%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9205
x-xss-protection: 0
server: cafe
etag: 2170525750406684717
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:08:57 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/elements/html/ Frame 5FC9 8 KB
3 KB 7ms
6ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210928/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
server: cafe
etag: 2416364338287085106
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:01:45 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5FC9 0
394 B 92ms
89ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXVWxhONyP6olmWo3pEeJa3Zoys17glXlPbQr_k1io7WvSoUeY7axTRR9uBj_lB3RUeIxWUFSM20pXxYN68F-nNUfa8ajPIdV-gZR3ur4Njra31jdHnDAow6lhYyF-8lT0wOkhfGwJoXhD1l31yBtDam-vIKKuPrBF9nFRrFOeIMU5ncgMUMu2-2B20vJ62lDSorcMVsiFyeE6Qqz3JPItJD73wSthEJZLX7SyLWzU9GmNJUQbpNpnnC70G3saEdgMW0beYfYoNqz8aV3cIaM7Z5Hd7VLu0QUo7n1MbfFPXBF3Hw1K3tbCAxX4ON3W8IzxULmr3XF54RNON8M7gPFx49RcaLE8pIYYXMF8adk1xoy_hzQIiTX-7UuQcM_iIgbyk8sbGOPTmdVN3egyX00X-ykZJZwNn_0Ok66jJYkltecOiGf1Tp5tKSy1LSjGKU0BSIkN914fQ5uaKFVLnLs31oahsUyCKH-IEkIn0Uv4T9hqlJ-zxgT7M2wSQB35HRCP00Ynar2psJ_v4VvZuXfGuLFCs8X0SMsn3Ma2Cbjc3keYqbbRbOX3SVC6-0QXR98ZFrC_Iz4Jjq2KbtcRXP3wMAQjkqT6m4LMdOlGnQGKCA_6OkG9uNGZMnimzIv3G_2UCsEYCsBNnRh6JnVhaCcr9Gf2TzN-GgMDcfvzksKRc1JjiEaavqEa7wX-mpkoLWKenBXzjPhy-ijj6bLFU1LEG754rfIGdQ6Wcwo7NwlFpSkxTo0WBnw3EAISvcz7AHVtgf1xilbcmpncG3ZJOLePa9GhGHTx4oOt_-RKsIOmdZ0Fe11Fgbg_2xDkLnOEe44lEO7MueF39YVXjiQggJUG7j_OcUAHvgsp-uVy_L3UmGRpnNAcwnZuvz0Gqfo_Zxgjy7wFF6VxNPofktMFdNKlowGU7ZzWfeAGDp7p_bWbc8mNyBSaKap7MjexL6lO70ZnfkNjhHyDiqP0u8_ZibsoEHKzfTZUkhqJhX8wd8p1sEcQMTLusUNXWV6sAyGyxTVOHVUwySg9zGPlbbmK0nzbdHgP3ax6egnxXFCTspuyftwvWhrDUfqkBF-V4YgkWWcrvF-poLitql6fh3e44-cmK-QgKx4vASl5syLE9t1UEjhW5Lo7GHuWMINSG7hCWh2cxWDNdfa2UCu7yLjlOexgFgR9&sai=AMfl-YT-nnNII1cRvD6Oq_YCnzi9vLCIHWpyeOSr0U2PYtCd3AafXZ6ho4sxufcm4L3El9v7GoT0aWY__kZl8GlY5t_eKSEwQFh2QeK8nFQPyyKOZtKF-01OSZ_3HBHZb04EPdCX&sig=Cg0ArKJSzCAFoK9yGHEPEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210928.11424&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 02 Oct 2021 16:09:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5FC9 41 KB
15 KB 8ms
7ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 12:36:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12766
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 02 Oct 2022 12:36:28 GMT

GET
H2 200 09102021-060408873-728x90-1.jpg
s0.2mdn.net/5472331/ Frame 5FC9 37 KB
37 KB 30ms
7ms Image
image/jpeg 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5472331/09102021-060408873-728x90-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

sffe /

Resource Hash

3a63695777c76d381099607ec61ed4864d54d933e46544ea9d6811689592b76f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 05:21:41 GMT
x-content-type-options: nosniff
age: 38853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37580
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 13:04:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Oct 2021 05:21:41 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5962255563661156191/ Frame 8514 3 KB
3 KB 7ms
7ms Image
image/png 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5962255563661156191/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

d375b958c605f2c7d6fdc81e3be171709da862eedcd0bb078336446a411e7a48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:50:31 GMT
x-content-type-options: nosniff
age: 418723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3046
x-xss-protection: 0
last-modified: Thu, 02 Jan 2020 19:24:59 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:50:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6783 143 B
163 B 8ms
7ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954285&bpp=3&bdt=271&idt=127&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=650&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGuJskwjQ3&p=https%3A//adshort.live&dtd=129
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954285&bpp=3&bdt=271&idt=127&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=650&ady=282&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=xGuJskwjQ3&p=https%3A//adshort.live&dtd=129

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 02 Oct 2021 16:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8514 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98d04826882d2d356a17f903105ae579a03eca1d749f9a741c5b29b0e344bb17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5FC9 0
60 B 50ms
49ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 16:09:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B90D 22 KB
8 KB 7ms
7ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Sat, 02 Oct 2021 12:36:28 GMT
expires: Sun, 02 Oct 2022 12:36:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 12766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 8514 21 KB
21 KB 16ms
16ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:46:29 GMT
x-content-type-options: nosniff
age: 418965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:46:29 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 8514 21 KB
21 KB 19ms
19ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 19:16:07 GMT
x-content-type-options: nosniff
age: 334387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Sep 2022 19:16:07 GMT

GET
DATA 200
OK truncated
/ Frame 5FC9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea5278fc87200a0aa1ba27d9cfbeed6d2cab98f0d774690e73a1d469c562d9fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6633660166523901887
tpc.googlesyndication.com/simgad/ Frame F3E6 36 KB
36 KB 8ms
7ms Image
image/gif 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6633660166523901887

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

6a17e12d3482fc928606ee5ebd33ffa0b8f452bce2cda5f32593374ca3f6d02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:24:26 GMT
x-content-type-options: nosniff
age: 204288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36466
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 22:00:23 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Sep 2022 07:24:26 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame F3E6 18 KB
7 KB 7ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:08:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame F3E6 3 KB
1 KB 11ms
10ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:06:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3E6 122 KB
37 KB 38ms
25ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
server: sffe
etag: "1633087504575570"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame F3E6 14 KB
6 KB 6ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:08:24 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame F3E6 27 KB
11 KB 11ms
11ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 13:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
server: cafe
etag: 8885281346021324493
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 13:57:11 GMT

GET
H3 200 b349715971fc02f992e4cc58b88ce41f.js Show response
www.gstatic.com/mysidia/ Frame BD85 7 KB
3 KB 16ms
16ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3166
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 01:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 31 Dec 2021 14:00:33 GMT

GET
H3 200 a1aae16d08f1cf4ca3f32f832dc900b8.js Show response
www.gstatic.com/mysidia/ Frame BD85 8 KB
3 KB 17ms
16ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1aae16d08f1cf4ca3f32f832dc900b8.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

5f3dca760a16a5bbc551921bccf65a5d73945f97616ea347cf09ffa50ca2b4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:15:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3426
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 03:50:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 29 Dec 2021 05:15:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BD85 3 KB
554 B 17ms
16ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

6fc17625384e809c0779b2805fc2937ac53b2ddabf27b2db0ab5c980bb27227b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 14:16:05 GMT
server: ESF
date: Sat, 02 Oct 2021 16:09:14 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame BD85 1 KB
879 B 7ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:06:24 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame BD85 18 KB
7 KB 6ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:08:40 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame BD85 3 KB
1 KB 8ms
7ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:06:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD85 122 KB
37 KB 38ms
38ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
server: sffe
etag: "1633087504575570"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Sat, 02 Oct 2021 16:09:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame BD85 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:08:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Oct 2021 16:08:24 GMT

GET
H3 200 a05f1579543550f3e279366fb116adbd.js Show response
www.gstatic.com/mysidia/ Frame BD85 27 KB
11 KB 16ms
16ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 15:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 01:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 29 Dec 2021 15:25:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6783
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 02 Oct 2021 16:09:15 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 02-Oct-2021 17:09:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 02 Oct 2021 16:09:14 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9555 143 B
163 B 7ms
7ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 02 Oct 2021 16:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js Show response
pagead2.googlesyndication.com/bg/ Frame B90D 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13343
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 02 Oct 2022 14:28:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C71 143 B
163 B 7ms
6ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 02 Oct 2021 16:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F3E6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c20449a1d19acdcb8110afe4c5f3b01068366dc57687d7af0fac2c939b95e68c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BD85 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c92ad61040b993485415670a60833337e9014503a1392bf13964b24e3b94fe13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9555
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 02 Oct 2021 16:09:15 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 02-Oct-2021 17:09:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 02 Oct 2021 16:09:15 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F4E 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954292&bpp=3&bdt=278&idt=202&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=927&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=9Wi6yRM9K2&p=https%3A//adshort.live&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13343
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 02 Oct 2022 14:28:14 GMT

GET
H3 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame BD85 29 KB
29 KB 17ms
17ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:52:04 GMT
x-content-type-options: nosniff
age: 418631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:52:04 GMT

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame BD85 33 KB
33 KB 19ms
19ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:24:37 GMT
x-content-type-options: nosniff
age: 247478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Sep 2022 19:24:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C71
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 02 Oct 2021 16:09:15 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 02-Oct-2021 17:09:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:15 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 02 Oct 2021 16:09:15 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 346 KB
119 KB 37ms
15ms Script
text/javascript 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

sffe /

Resource Hash

3a641f236a23c5a62a5bfe6a7dc8c739753e908df1e46349a826808466f68afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121639
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Sat, 02 Oct 2021 16:09:15 GMT

GET
H3 200 BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js Show response
pagead2.googlesyndication.com/bg/ Frame AA8D 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&h=250&slotname=www.adshort.live&adk=455789945&adf=2802373691&pi=t.ma~as.www.adshort.live&w=300&lmt=1633190954&url=https%3A%2F%2Fadshort.live%2FRuaY&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190954290&bpp=2&bdt=277&idt=192&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=www.adshort.live%2Cwww.adshort.live&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=596&ady=616&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&pvsid=3317493134243206&pem=823&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=r5r6UqFQ7D&p=https%3A//adshort.live&dtd=195

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13343
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 02 Oct 2022 14:28:14 GMT

GET
H2 200 urlChecker Show response
app.playstream.media/api/ 15 B
201 B 167ms
100ms Fetch
application/json 176.9.121.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/urlChecker?url=https://adshort.live/RuaY
Requested by: Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.121.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.121.9.176.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.22
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:15 GMT
content-encoding: br
server: nginx/1.17.10
x-powered-by: PHP/7.4.22
vary: Origin
content-type: application/json
access-control-allow-origin: https://adshort.live
cache-control: no-cache, private

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
50 KB 26ms
25ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

306a4bfd44a3d49f7bf124992a7fbcd053fe1670a812306c1812608f73c855b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50834
x-xss-protection: 0
server: cafe
etag: 10144551912283205218
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Oct 2021 16:09:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 37ms
23ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3ca08d77465d160d969bb691107a209e65aa7d8ec1132244668a75cd4cbd319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8506
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B90D 0
20 B 18ms
18ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmZISKoRYYdXvLZqz3gPdnKf4AQAAAAA4AeAEAg&bg=!ubqluv7NAAZE-GIIRPg7ACkAdvg8WrhB6ZuigfMFtp7MdmEMUe0oLztiaF2zWydz-HAxg8lHoXzu5wIAAADhUgAAABNoAQeZAsjqbbSdMvW9bwMiiv1D6qM0JCK9b040javm0SOOB8v6vw_v_U8IAvQkhYXc6OKjzfZ44cM3_f-_Jhgfgmipj4H5gGA-1a1wkEL9Q3urciDXKwMleOoSroxGNmTa9Cs3_LfWkrcuefqCC1emqqK_XN_naFA2PJGjoy3fxvCAm2zqMlwkCYHQVX5yf3NPMQPTV4lCazorP7QsqTnI4ZDpeSqrv5XJo34aGfptY13RgIYHqr9Gg_FPfJSX2rPS63HteH5-h8dkEe00Q38m6G6eJzRUVP08TarSUGLKwoXN-35CIZb2QuAGWjjZ6Zf5wz8ncxFudH9Gj8zYwXY_c_08wsBSqIFXEMiyQEklHDp9p-IqF5k9nD7aXVV-qqFkgc0JuKAghP0z-02r8XaEpxQ1YDnI7CoeZ4_ZfwuSfMRAnY2RLcETrdFfAG8Vzy-mc45JBBuiVG06YwWhqEqzmTjZ5K00H-THqdjGpQKj10HaIPirMkl701lJ2014qdWdSzMcMeLCqcMVbKN1GqmvUm0GJML1f7fHljUIdEledMS-vrAGhHuwfjQXnqkJpCU2HS_cH2-HS5SlFi1oKyg9wZxAuVJxzXgAAyjRNVaqYyxj8tSssfJXRToxv4pBokBmhJfFTtgSR-TX131GPNr3sMtCaSxJBfOZbf5TMdYm0C0MAOa6-9HNZAKED5TEBiEaPgIWv42jCsZLNtMaw4FP5HiGP-ATOZO4XC9pNogZ7kCa78wzLJntfCOkYrrcv3df1ekGjuRbN9-_7fncdKhmDh6mH33CKdMBtaeoYK_fsm2WQB6aFdN5W0EYDwdOwdpmHhL1vcMlbJAOXwzEuUoUlqRe1alXIgBaMdeD1u0MaQi0bbZzfXQ91_SKB55o-U6r-DTT5sbG48PHxXliZDQxodK2jS5IplMmxM-HMKXvSVvdPqqi7nOD5RKII6L5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 02 Oct 2021 16:09:15 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame 4E81 10 KB
5 KB 8ms
7ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210928/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 01 Oct 2021 23:27:01 GMT
expires: Fri, 15 Oct 2021 23:27:01 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 60134
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=adshort.live

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 191A 0
19 B 29ms
29ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1812271804&adf=3025194257&lmt=1633190955&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fadshort.live%2FRuaY&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190955333&bpp=1&bdt=1319&idt=1&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b89da9025a53e0-2294751de3ca00bf%3AT%3D1633190954%3ART%3D1633190954%3AS%3DALNI_MZ7BX7tagHDkCCMEyMIHt-CQD18AA&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&nras=1&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&psts=AGkb-H_t9XHu7ZQtNzkkeDDLcpnEVMdinP5BlhbNVNxOqi9YRnrTLk8VRhy_5nY8fElDTWolFm0n3Jj3aPE%2CAGkb-H-YlU_lkZb3a4Ui5xUDVS23QKBqbVMYDOZI4kQRe55RqCjHpr9kJk1xUKusRUuK1xkQGul_CL9Q-1ffq-0%2CAGkb-H_ilfsQZ2onGHh8TJTqh2Wy2x-4KHyukRgyeCjZPZjZ4gcX2JD-7W6xiXSMzhZJ9GtbuX4Vf7NF6EA%2CAGkb-H9lCMib1rJiNS1lSnf52pe7FPMkj2Nib8_RqIkJpFJkUZvUrYpRVbeVboeK-P1Gx09EfIcFtHIXJ1M&pvsid=3317493134243206&pem=823&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=18

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7913044002918072&output=html&adk=1812271804&adf=3025194257&lmt=1633190955&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fadshort.live%2FRuaY&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633190955333&bpp=1&bdt=1319&idt=1&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D18b89da9025a53e0-2294751de3ca00bf%3AT%3D1633190954%3ART%3D1633190954%3AS%3DALNI_MZ7BX7tagHDkCCMEyMIHt-CQD18AA&prev_slotnames=www.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live%2Cwww.adshort.live&nras=1&correlator=4282504127767&frm=20&pv=1&ga_vid=1746049382.1633190954&ga_sid=1633190954&ga_hid=7557566&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944&oid=2&psts=AGkb-H_t9XHu7ZQtNzkkeDDLcpnEVMdinP5BlhbNVNxOqi9YRnrTLk8VRhy_5nY8fElDTWolFm0n3Jj3aPE%2CAGkb-H-YlU_lkZb3a4Ui5xUDVS23QKBqbVMYDOZI4kQRe55RqCjHpr9kJk1xUKusRUuK1xkQGul_CL9Q-1ffq-0%2CAGkb-H_ilfsQZ2onGHh8TJTqh2Wy2x-4KHyukRgyeCjZPZjZ4gcX2JD-7W6xiXSMzhZJ9GtbuX4Vf7NF6EA%2CAGkb-H9lCMib1rJiNS1lSnf52pe7FPMkj2Nib8_RqIkJpFJkUZvUrYpRVbeVboeK-P1Gx09EfIcFtHIXJ1M&pvsid=3317493134243206&pem=823&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=18
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 02 Oct 2021 16:09:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 02 Oct 2021 16:09:15 GMT
cache-control: private

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 91E6 12 KB
5 KB 7ms
6ms Document
text/html 142.250.74.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 02 Oct 2021 15:20:56 GMT
expires: Sun, 02 Oct 2022 15:20:56 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CC8B 783 B
536 B 16ms
16ms Document
text/html 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

GSE /

Resource Hash

e088b875661fa75a31c1fcc1b4b372dc0b2fdd5f52eac348f480c594074b6b18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l6j+62sK1EIdQO1+KQZxNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 02 Oct 2021 16:09:15 GMT
date: Sat, 02 Oct 2021 16:09:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-l6j+62sK1EIdQO1+KQZxNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CC8B 0
0 31ms
31ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=3317493134243206&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js Show response
pagead2.googlesyndication.com/bg/ Frame 91E6 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 14:28:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13343
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 10:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sun, 02 Oct 2022 14:28:14 GMT

GET
H2 200 850e8d48-f3df-42d3-951d-201cbc68c416 Show response
app.playstream.media/api/getVideos/ 308 B
374 B 57ms
57ms Fetch
application/json 176.9.121.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/getVideos/850e8d48-f3df-42d3-951d-201cbc68c416
Requested by: Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.121.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.121.9.176.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.22
Resource Hash: 83340c88140898fb866005da0aaa1f62ab396caddd3e299098a62fcbddcb8352

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Oct 2021 16:09:15 GMT
cache-control: no-cache, private
server: nginx/1.17.10
content-encoding: br
x-powered-by: PHP/7.4.22
content-type: application/json

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 270p.m3u8 Show response
acdn.flickstree.com/V3Xnghz8-Owdi-oONd-fOUW-CtAd392IY1iy/ 1 KB
2 KB 47ms
8ms XHR
application/octet-stream 13.224.193.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/V3Xnghz8-Owdi-oONd-fOUW-CtAd392IY1iy/270p.m3u8
Requested by: Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-92.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1a50a351f2cf696c2836dd41cc9e05279255fbf05be0527be85ffddf97b5322

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 06:00:35 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
vary: Origin
age: 36521
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 1103
last-modified: Thu, 06 Aug 2020 09:42:01 GMT
server: AmazonS3
etag: "0fd4d18dce13a4fcbcd62652c04e9a7d"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 9jHlJasfdkPqUI14lxPc9ZQm_jfNVPX-vqK_Revs7fFO_mnKUDCFgQ==

GET
H3 200 bridge3.482.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 846B 576 KB
189 KB 22ms
8ms Document
text/html 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

sffe /

Resource Hash

3491fbeef78def538210b2f240f06d2ffc67d92844206622d7069f1003718092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.482.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adshort.live/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 193423
date: Tue, 28 Sep 2021 07:35:12 GMT
expires: Wed, 28 Sep 2022 07:35:12 GMT
last-modified: Thu, 23 Sep 2021 13:33:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 28ms
14ms Script
text/javascript 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Oct 2021 16:09:15 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=adshort.live

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Oct 2021 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 270p_000.ts Show response
acdn.flickstree.com/V3Xnghz8-Owdi-oONd-fOUW-CtAd392IY1iy/ 142 KB
143 KB 13ms
13ms XHR
application/octet-stream 13.224.193.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/V3Xnghz8-Owdi-oONd-fOUW-CtAd392IY1iy/270p_000.ts
Requested by: Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-92.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ac0280ba52f741e6765cff2745cdc20851301e9556d21b53109f7303d1357f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:15 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
vary: Origin
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 145888
last-modified: Thu, 06 Aug 2020 09:42:02 GMT
server: AmazonS3
etag: "403d8de6cacf7fccffe21883b5e2bd9d"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: rvlxujo0IR3mYOF0QOUhBGipgmAH2vHjmJwSDqZPJr_flZvfTvBo0g==

GET
BLOB 200
OK df7f1ace-d069-44c1-90d8-0b054f4d341b
https://adshort.live/ 61 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://adshort.live/df7f1ace-d069-44c1-90d8-0b054f4d341b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98397cb87b3c3358a579b4e61db88aa8817e44d7de204f3e8708d4040295a6ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 62383
Content-Type: text/javascript

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
48ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=3317493134243206&bg=!R0SlRADNAAZE-GIIRPg7ACkAdvg8Wok9Gu3C-tTvHP0qwZvyulfGbKPqdhV1ufVo5jwGLmW38sEcMAIAAACQUgAAABFoAQcKAIJ5k4relF5liu5fDxcn7lsd59OCYFJ9n1rg2XqkLaDtttLgCGmgpi8b0g7aRwrV6pZD-AmQXkWHQ-WNocx3SljfWwV4hUeW9_v5rMfMdoF-ZYkBXACCfI6z0KxNzRn09J4PiVB1fTf7xExreNapa9s5J3mRGCSR20Hefj16Zvx-cU9QmQKdl2DbBuMaVpfLQvTSQov4TjxFZaphsBvwh5mxUuk9UMDpHeHME-JCZRAeQCXRVPdTtzGc9sciO3l5BLSHt1G1FEs67C4Okzy_tc6YhN_R6YGfLIuK3TcO1DOx4nikkzirA1vUJE0LwTLqX82neZCXp8Kjvd9lQ-Z-hBxgYVyTYZzfCcsqDiP5CuZCClC1mxK_kEQ2EZW-2aVU6P7A3qAeJn4qv7Yb5PfG96RlHFtWIDLxGDuNECoMy1mDXyPsPPbXvrlJq9koV8ZTBIUO7Ym7oQTxiE4R41l14ZyGMD5PQaKpBtxHmZaSeb1bYhstxY9ArPSxsqREcE_a0-VYb3OU5uE9yrdBHNEmpyZceKj1if37b5JMlJ1Gahr5s1noTHeamNj5ywxviYJOD586YbPNLLvpkpLUwzUqxmCC1NCwOPrNca17JeIva6pQtW0F3oO7wCdj5I6XB4qDwqIFkswRYcg4H_yDRrKQXBJE5ERZqPVHk2sqNvHKfNb0Fxqms8EKL7HgocBKhSuVffn4B-OyMX87YOzmDNzq8LXiDhBl0uJ885sWvTg_xwq3gz7CzIuQffWfLQsCz-WhscqoiRM2qlrv4XVSFr4DIJ-ys_FdQcRaTHrJoklX5nNwibh_LVP9fQGzgcd1RH4ovi3NERa2zXPRNg3nMs6NpqBoOHMUNPyM5R_uoTwtvWdrwJPTiawtIFEBXzIBF2DIm31qiXg7rt7NxXdI6r75jgetJew6LtOovH1l6Pe9-gvnqkZN255Njh_OGYBeDeLcBuNMd_uxU3jPyFvhSlOYfo6ZR9oRxRJk91ITJzDnIumPLWEGO9fse-5zA0nFq6_ZctOattiHKZAgUyhYaZtZLc7mrjfegQfKebNXn4S9qa8UZpHm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 850e8d48-f3df-42d3-951d-201cbc68c416 Show response
app.playstream.media/api/vmap/ Frame 846B 1 KB
1 KB 71ms
48ms XHR
text/xml 176.9.121.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playstream.media/api/vmap/850e8d48-f3df-42d3-951d-201cbc68c416?height=256&width=455&url=https%3A%2F%2Fadshort.live%2FRuaY
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.121.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.121.9.176.clients.your-server.de
Software: nginx/1.17.10 / PHP/7.4.22
Resource Hash: d273cffef3df03c555220e81810a3cb2b7933adbcce14c747deb401b5152ad4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Sat, 02 Oct 2021 16:09:15 GMT
cache-control: no-cache, private
access-control-allow-credentials: true
server: nginx/1.17.10
x-powered-by: PHP/7.4.22
content-type: text/xml; charset=UTF-8

GET
H2 200 270p_001.ts Show response
acdn.flickstree.com/V3Xnghz8-Owdi-oONd-fOUW-CtAd392IY1iy/ 240 KB
241 KB 9ms
9ms XHR
application/octet-stream 13.224.193.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.flickstree.com/V3Xnghz8-Owdi-oONd-fOUW-CtAd392IY1iy/270p_001.ts
Requested by: Host: ads.adshort.media
URL: https://ads.adshort.media/video/floatern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-92.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ec7b83b604dc18920b6905de072ee4b99c21cb1930b7f8a706d08d5923adde0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://adshort.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 10:25:51 GMT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
vary: Origin
age: 20605
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 245904
last-modified: Thu, 06 Aug 2020 09:42:02 GMT
server: AmazonS3
etag: "3cb2fe08bdf1919a7bced93edc816d97"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: _9mzvUX6rWuTv0UKgCwj6kaVt8D4TlFs4KXdEn60-dUooIIZ-PQSvw==

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 846B 156 B
769 B 311ms
289ms XHR
text/xml 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2FSPM_Adsolut_Techgeek%2FSPM_Adsolut_Techgeek_Floater_PreRoll&description_url=http%3A%2F%2Ftechgeek.digital%2F&tfcd=0&npa=0&sz=400x300%7C640x360%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3511471484348559&sdkv=h.3.482.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=2600177414&sdk_apis=2%2C8&media_url=blob%3Ahttps%253a%2F%2Fadshort.live%2F9fcd1271-bcac-4102-b313-0359514f3933&sid=1E1EB423-DBCE-4ACE-B9EB-4E31F539E8AF&eid=44712633%2C44746832%2C44750030&url=https%3A%2F%2Fadshort.live%2FRuaY&dt=1633190955737&cookie=ID%3D18b89da9025a53e0-2294751de3ca00bf%3AT%3D1633190954%3ART%3D1633190954%3AS%3DALNI_MZ7BX7tagHDkCCMEyMIHt-CQD18AA&scor=2250536137479410&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 16:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 75ms
31ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://adshort.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sat, 02 Oct 2021 16:09:15 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://adshort.live

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
399 B 54ms
28ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://adshort.live/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/json

Response headers

Date: Sat, 02 Oct 2021 16:09:15 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: https://adshort.live
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8514 42 B
64 B 18ms
17ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYVAJCjrS6_zvsgQAnFI9Vp2OJgb3dR9pMp47BI9Bgpm3sB9EmJ8ZlEzJhDPu28EnOdpsyCfwZDfa1ONvYIl_3XdkZ-Cxs05fT0E6xhEWpZNV5XD4&sai=AMfl-YRaA5BwAe2II1tlImbwZMy2uGLiv86yyJCKLQq5Esfejdbb0K5OLpKdnLF6TDW8W98c-yF5Bd52zoAb&sig=Cg0ArKJSzLPA22feJinAEAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=455789945&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633190954414&rpt=538

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F3E6 42 B
64 B 17ms
16ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCWa_QbtqAlUNbZT1gDGGVVrITEwTWVSbLjjFaNHyKnN19e1dnd6BfmiO3eTTK2ScPfghemmfKUgOiY2pLQDWSXhhAIeNA-3yBVnGTrV_QEfekl_M&sai=AMfl-YTeWyg2HwocDEJn3Pr5S8DjlIGQ7P8xs4Subm57omXU5X5Saq1g5rt7rmW8DrGJT3AVN51HImjfO5IM&sig=Cg0ArKJSzP-1PxCoxTtIEAE&id=lidar2&mcvt=1001&p=0,0,50,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=455789945&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633190954504&rpt=515

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5FC9 42 B
64 B 20ms
19ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv434l_ilHoOb96LiMKzq3WB_5zCddJFLOJo3N0XtX8tpiFfcGd6BvaDmkzLrFUi8NQ_7g5EaO8_7CT5EVvaFuS7gLbEgQS1fxe2mExKR8FORqabQ8&sai=AMfl-YQWTBTNM3dDuPSgqbbe8jL7HW0O7apIreZdi8UDgLjJc5V842NlewEbX2hpecEG1v94xB9KJYal6t0v&sig=Cg0ArKJSzLAtbpwBgklpEAE&cid=CAASBORooFg&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1589949922&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633190954406&rpt=670

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD85 42 B
64 B 18ms
18ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoqA1oflP62whsBZMwPutqNyGDlPCnqQPUPk78McYb9EgaPd6-GEe5R12j9a3PpAw6-MUSzbWiNm71_lS98-9Rf7CqELjh-je6jOgpZW4jUAokN4c&sai=AMfl-YRwGObVtFaU2VwFV6dwCUeF5NYC26f3SulJuNRTQTz1mWcPFEIFg0J4lUjRcSy_2Dk-3DJilhoDEb-C&sig=Cg0ArKJSzMAlj56Pun6hEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=455789945&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633190954485&rpt=754

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Oct 2021 16:09:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

259 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
toglooman.com/42	1970-01-20 06:25:26	Name: OAID Value: 79613501d86f480f9f2c4d2e7ae7fcbc
toglooman.com/42	1970-01-20 06:25:26	Name: oaidts Value: 1633190954
adshort.co/	1969-12-31 23:59:59	Name: AppSession Value: e91a536e11cd89edfbd93eb2b0bbd61d
adshort.co/	1969-12-31 23:59:59	Name: csrfToken Value: 6e7addfde84d6b9ea376b7621eecdfd280c1589c1764794219ec6dccbdd2fb72ebe85f570fc95d5df89e52b31bfec48dcc1630bf77f25cdbc0dd2c7281ef2f9e
adshort.live/	1969-12-31 23:59:59	Name: AppSession Value: 0a986f426added815edf89e7e7ed42c3
adshort.live/	1969-12-31 23:59:59	Name: csrfToken Value: ee2e79e40cc42a9775eca44074dc02827e3e5ec678f1b824b8eb4e2a8c721b16a6558213681b01419e2f425b9c9c436f62eff2f747c48fce264f8979b6c4c4d4
zunsoach.com/	1970-01-20 06:25:26	Name: OAID Value: 7b2f07dcfe76463d8a349f0dba752a8d
zunsoach.com/	1970-01-20 06:25:26	Name: oaidts Value: 1633190954
toglooman.com/	1970-01-20 06:25:26	Name: scm Value: 1
toglooman.com/	1970-01-20 06:25:26	Name: OAID Value: 79613501d86f480f9f2c4d2e7ae7fcbc
toglooman.com/	1970-01-20 06:25:26	Name: oaidts Value: 1633190954
onmarshtompor.com/	1970-01-20 06:25:26	Name: OAID Value: 7b2f07dcfe76463d8a349f0dba752a8d
onmarshtompor.com/	1970-01-20 06:25:26	Name: oaidts Value: 1633190954
adshort.live/	1969-12-31 23:59:59	Name: ab Value: 2
my.rtmark.net/	1970-01-20 06:25:26	Name: ID Value: 7b2f07dcfe76463d8a349f0dba752a8d
.adshort.live/	1970-01-20 15:11:02	Name: _ga Value: GA1.2.1746049382.1633190954
.adshort.live/	1970-01-19 21:41:17	Name: _gid Value: GA1.2.1489493993.1633190954
.adshort.live/	1970-01-19 21:39:51	Name: _gat_gtag_UA_40605702_4 Value: 1
.adshort.live/	1970-01-20 07:01:26	Name: __gads Value: ID=18b89da9025a53e0-2294751de3ca00bf:T=1633190954:RT=1633190954:S=ALNI_MZ7BX7tagHDkCCMEyMIHt-CQD18AA
dozubatan.com/	1970-01-20 06:25:26	Name: OAID Value: 7b2f07dcfe76463d8a349f0dba752a8d
.doubleclick.net/	1970-01-20 15:11:02	Name: IDE Value: AHWqTUlNg4KUeCldeZIg3xxxEHG598T5DzhwgsjqchPWiiXU3IIlR7NvdgbqZzj544Y
.casalemedia.com/	1970-01-20 06:25:26	Name: CMID Value: YViEKh6F0c.7h5nmhcg8ogAA
.casalemedia.com/	1970-01-19 23:49:26	Name: CMPS Value: 3192
.casalemedia.com/	1970-01-19 23:49:26	Name: CMPRO Value: 1204
.casalemedia.com/	1970-01-19 21:41:17	Name: CMST Value: YViEKmFYhCoA
.adnxs.com/	1970-01-19 23:49:26	Name: uuid2 Value: 5026372182145364077
.casalemedia.com/	1970-01-20 06:25:26	Name: CMRUM3 Value: 2d6158842a2760CAESENtFh7oWxLbxGiwNnoPiZEk
.adnxs.com/	1970-01-19 23:49:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>>dRGk`!]tbPl1M>e)ZlrFUfJ+tGXxp:GMv)hHr5kJLCxf(=#)QnDFp-GQ<<H>:uXuH%nugO%v4VB%nm`2)x'F<
.doubleclick.net/	1970-01-19 21:39:54	Name: DSID Value: NO_DATA

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tags.orquideassp.com/tag/7583 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/7583 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/7582 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/7582 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/7582 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/7582 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/7582 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/7582 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
deprecation	warning	URL: https://static.lalaping.com/online.js?ver=2.0.0 Message: RTP data channels are no longer supported. The "RtpDataChannels" constraint is currently ignored, and may cause an error at a later date.
deprecation	warning	URL: https://static.lalaping.com/online.js?ver=2.0.0 Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 78) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 78) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.flickstree.com
ads.adshort.media
adservice.google.com
adshort.co
adshort.live
app.playstream.media
cm.g.doubleclick.net
dozubatan.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
my.rtmark.net
o.wowreality.info
onmarshtompor.com
pagead2.googlesyndication.com
partner.googleadservices.com
pubads.g.doubleclick.net
s0.2mdn.net
static.adshort.co
static.lalaping.com
stats.g.doubleclick.net
tags.orquideassp.com
toglooman.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.recaptcha.net
zunsoach.com
104.21.46.40
104.26.8.123
13.224.193.92
13.225.87.12
139.45.195.254
139.45.195.8
139.45.197.237
139.45.197.239
139.45.197.243
139.45.197.248
142.250.184.226
142.250.185.102
142.250.185.138
142.250.185.194
142.250.185.228
142.250.185.67
142.250.186.130
142.250.186.163
142.250.186.40
142.250.186.66
142.250.186.67
142.250.186.74
142.250.186.78
142.250.74.193
172.67.151.51
172.67.179.25
172.67.223.144
173.194.76.157
176.9.121.243
185.33.221.90
2.18.234.21
216.58.212.130
02527ae379ddcc3151dfdc7967b127675308ce92f5e1242db4d8bfaf8ec93297
0491492f45a37ae8dd753622b824da1849ced9dd28f2043557c8d6dc84ff689e
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
07af63aa581f9bb86b354f6bdcf06555f4af630d0d1816cd1391b604a8dd3f75
08d97689169a2348acdc2de920bbaf8a8cba8ccdab8d965b80169d81e5a6cdb8
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09bc7e9cd667d4f4e1abad830f7c0f64a06bf8fea9babbaac2f5c3eea50ad6f5
0a926ca8dad38f118dd9a48888cf9d86bdeca576f3b106bc67650adb68fef68c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfa9b1629f8060bbddfae32fbd6dfd8b9b18c0d39ef5041b4ea12469712fff8
107479a9d8b2424bbb66627b9ea3dc50ad9703563474cb23dc21a04a68959918
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16531e6baac0c4cccbf1c1fb4438526bcb69ece6c6d40d35d321c65ab817c22e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1db3f07e68acf7af3d77f524418fc27631f604f3d64db6d8e43cca81666883f9
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
28cef70df91237002571f751148d45bb126a81b241be56d9f304f7d8706be505
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2cf8df575eefa92f9e167ced7f0827e40c1f794ff24b797c66f11a3099006a7a
306a4bfd44a3d49f7bf124992a7fbcd053fe1670a812306c1812608f73c855b0
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca
3491fbeef78def538210b2f240f06d2ffc67d92844206622d7069f1003718092
3a63695777c76d381099607ec61ed4864d54d933e46544ea9d6811689592b76f
3a641f236a23c5a62a5bfe6a7dc8c739753e908df1e46349a826808466f68afb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c389210ba707c8d4d5289ad6cf1792031f6e984739e96ab87a03fbd5e2c4a37
4d044221b8b51e3b5a3d9f271009088047a4d2ae210863b54536b1992f269ad0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edeb7cd021290261f7f7dc72cd26cd53ece78918bd11a23b4af3484f3a6abfa
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52ecfd8b202a7fac4992df9c9d536849d591b2148185b0757656861fa3c0d1db
54b830d5f49da73ef8c34100fa8c66d12f5470b7e30680ffbf90039d40b5d8cc
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5f3dca760a16a5bbc551921bccf65a5d73945f97616ea347cf09ffa50ca2b4cb
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
62a17bc7232cf7af5c41ff98ec5a59d300d586773b5850e460aea5387f60c8b2
6a17e12d3482fc928606ee5ebd33ffa0b8f452bce2cda5f32593374ca3f6d02f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
6ec7b83b604dc18920b6905de072ee4b99c21cb1930b7f8a706d08d5923adde0
6fc17625384e809c0779b2805fc2937ac53b2ddabf27b2db0ab5c980bb27227b
7ac0280ba52f741e6765cff2745cdc20851301e9556d21b53109f7303d1357f8
7af9cf2ae6c35abc3ff236e8013570de63759fad2037bda34078bc89587b7620
7cc64ec2f55ae9d24be2ca2bd4f933dcf99c9be0ae35871489cf235d5cee6af0
7ffacbf94722b4089663cab096b066074a696645a1af00256585b1ee596ce72c
83340c88140898fb866005da0aaa1f62ab396caddd3e299098a62fcbddcb8352
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
8c96949afbdf9cfc05685df82a5c6f729cd884de54cfe55f10e1d1b761cbafc0
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
92bee51ee5dbafaff82c524f7629314d069107bc30913a93b181e4c631a58a0f
94cfe0e7f05a53a4381439225e7467af76d1b3e3c7969c04f2fd0756e4b69209
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
98397cb87b3c3358a579b4e61db88aa8817e44d7de204f3e8708d4040295a6ac
98d04826882d2d356a17f903105ae579a03eca1d749f9a741c5b29b0e344bb17
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9ef2e6b76c28447ceba52be082a4e1bebe5e6866d91c8b6fd74fa2ad4b932d6f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
a1a50a351f2cf696c2836dd41cc9e05279255fbf05be0527be85ffddf97b5322
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
a966b18ec6e3b2e6676df4cd8e274cfba051df4bc26ae0d783a978f5533d2bb4
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
aa38ff0849c214cc33ad1ed8c5c61a9900290fdc9984e732966d07e4117c724e
ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c20449a1d19acdcb8110afe4c5f3b01068366dc57687d7af0fac2c939b95e68c
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c92ad61040b993485415670a60833337e9014503a1392bf13964b24e3b94fe13
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d273cffef3df03c555220e81810a3cb2b7933adbcce14c747deb401b5152ad4d
d308fb931a42c9f8f56e1bbb404c6dcd4b7a137aac13aa691303fa21d4f5318d
d375b958c605f2c7d6fdc81e3be171709da862eedcd0bb078336446a411e7a48
d54345195357890c0cd7b934f18bd6912855348e142720014140d5e4c9c27439
d9accab68397ef9f88fe4f4dcffd4958ca64fcf8040593c18224bbdd500f66ea
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e088b875661fa75a31c1fcc1b4b372dc0b2fdd5f52eac348f480c594074b6b18
e2d81bdbe9506200ecbbd46fc4609263f09d5bd50523173ee56134e9b3e4d1fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca08d77465d160d969bb691107a209e65aa7d8ec1132244668a75cd4cbd319
ea5278fc87200a0aa1ba27d9cfbeed6d2cab98f0d774690e73a1d469c562d9fb
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f469927eca6346eff4143e3602d22d0fc890a0f7df41dcf6a30fbf1266a539a7
f560daca1101514999b3b7fd3c5f87507e52d301abd49925f0208e21a2e43964
f8f7883a3de9397521d2e218ee6ceb6b48ab58a17bb90f10171c75d5e92b5b78
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46

adshort.live Open in urlscan Pro 172.67.151.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

99 %HTTPS

0 %IPv6

26 Domains

35 Subdomains

33 IPs

5 Countries

2577 kBTransfer

6091 kBSize

29 Cookies

5 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

adshort.live Open in urlscan Pro
172.67.151.51 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

99 %
HTTPS

0 %
IPv6

26
Domains

35
Subdomains

33
IPs

5
Countries

2577 kB
Transfer

6091 kB
Size

29
Cookies

145 HTTP transactions
7 data transactions