tistar.e13.dancis.info Open in urlscan Pro
5.252.164.94 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tistar.e13.dancis.info/
Submission Tags: fd s2 d7 fd40065 few_content Search All
Submission: On February 08 via api (February 8th 2022, 11:12:16 pm UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 24 HTTP transactions. The main IP is 5.252.164.94, located in Los Angeles, United States and belongs to CNSERVERS, US. The main domain is tistar.e13.dancis.info.
TLS certificate: Issued by R3 on February 8th 2022. Valid for: 3 months.

This is the only time tistar.e13.dancis.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	5.252.164.94 5.252.164.94	40065 (CNSERVERS) (CNSERVERS)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.129.84 104.18.129.84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:1b9::3114	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2603:400a:fff... 2603:400a:ffff:804:801e:34:0:15	3 (MIT-GATEWAYS) (MIT-GATEWAYS)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
24	11

3 5.252.164.94 (Los Angeles, United States)

ASN40065 (CNSERVERS, US)

tistar.e13.dancis.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.129.84 (None, )

ASN13335 (CLOUDFLARENET, US)

store-jp.nintendo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:1b9::3114 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

store-images.s-microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2603:400a:ffff:804:801e:34:0:15 (Cambridge, United States)

ASN3 (MIT-GATEWAYS, US)

jigsaw.w3.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	190 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46	5 KB
3	dancis.info tistar.e13.dancis.info	4 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8028	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	644 B
1	w3.org jigsaw.w3.org — Cisco Umbrella Rank: 93131	2 KB
1	s-microsoft.com store-images.s-microsoft.com — Cisco Umbrella Rank: 5912	1 KB
1	nintendo.com store-jp.nintendo.com	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	31 KB
24	10

	Domain	Requested by
6	pagead2.googlesyndication.com	tistar.e13.dancis.info pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	tistar.e13.dancis.info	tistar.e13.dancis.info
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	jigsaw.w3.org	tistar.e13.dancis.info
1	store-images.s-microsoft.com	tistar.e13.dancis.info
1	store-jp.nintendo.com	tistar.e13.dancis.info
1	cdnjs.cloudflare.com	tistar.e13.dancis.info
24	12

This site contains links to these domains. Also see Links.

Domain
jigsaw.w3.org

Subject Issuer	Validity	Valid
tistar.e13.cc R3	`2022-02-08` - `2022-05-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
store-jp.nintendo.com DigiCert SHA2 High Assurance Server CA	`2020-08-21` - `2022-08-26`	2 years	crt.sh
store-images.microsoft.com Microsoft RSA TLS CA 02	`2021-12-10` - `2022-12-10`	a year	crt.sh
*.w3.org Gandi Standard SSL CA 2	`2021-06-02` - `2022-07-03`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://tistar.e13.dancis.info/
Frame ID: 56CA0CDB1F2843B3F326D4BED888803A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/zrt_lookup.html
Frame ID: D405EBF19F0C800067AF01FC6B3D3783
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&adk=1812271804&adf=3025194257&lmt=1630292285&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931615&bpp=2&bdt=229&idt=199&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8257899221821&frm=20&pv=2&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211
Frame ID: DDB5DC0B3AAE54D44C7C0C98713ECE44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&h=90&slotname=4745483900&adk=875969356&adf=3502096283&pi=t.ma~as.4745483900&w=728&lmt=1630292285&psa=0&format=728x90&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931617&bpp=1&bdt=232&idt=213&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8257899221821&frm=20&pv=1&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8M1WpKGUXL&p=https%3A//tistar.e13.dancis.info&dtd=216
Frame ID: 49D81188AD9A2E858597D4DB8A0B11D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&h=90&slotname=4745483900&adk=875969356&adf=3819359948&pi=t.ma~as.4745483900&w=728&lmt=1630292285&psa=0&format=728x90&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931618&bpp=1&bdt=232&idt=217&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8257899221821&frm=20&pv=1&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rN5x0h9ZIg&p=https%3A//tistar.e13.dancis.info&dtd=219
Frame ID: B2739DE05FB9CFB7F1DE877167011730
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 017C5536212FE45AE5CB9C4C180DAEE2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F5775551F38A3D58B9A05FBC18BB83A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Web Portal

Detected technologies

Salesforce Commerce Cloud (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/demandware\.static/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

24
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

238 kB
Transfer

630 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://jigsaw.w3.org/css-validator/check/referer

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
tistar.e13.dancis.info/ 3 KB
2 KB 496ms
157ms Document
text/html 5.252.164.94
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://tistar.e13.dancis.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.252.164.94 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: fee31e392679559c4fdac43c000f11c16dda61040b7246c6e81032eb64c55d72

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 08 Feb 2022 23:12:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Mon, 30 Aug 2021 02:58:05 GMT
ETag: W/"bfa-5cabe008aef32"
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
tistar.e13.dancis.info/asserts/ 609 B
656 B 156ms
156ms Stylesheet
text/css 5.252.164.94
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://tistar.e13.dancis.info/asserts/main.css
Requested by: Host: tistar.e13.dancis.info
URL: https://tistar.e13.dancis.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.252.164.94 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e905ecdf175713e0bb2ef3f3541fc5b4d0e8ecd88cbfd870af3dc7860e284a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 23:12:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Aug 2021 10:23:15 GMT
Server: nginx
ETag: W/"6118eb13-261"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 138ms
53ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2277931214379968

Requested by

Host: tistar.e13.dancis.info
URL: https://tistar.e13.dancis.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c7f671461fd05abe0907e94cb6b0af0adc43998660271437457fee7534631a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tistar.e13.dancis.info/
Origin: https://tistar.e13.dancis.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52787
x-xss-protection: 0
server: cafe
etag: 1352437292030319434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 23:12:11 GMT

GET
H2 200 vue.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vue/2.6.14/ 92 KB
31 KB 33ms
16ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.14/vue.min.js

Requested by

Host: tistar.e13.dancis.info
URL: https://tistar.e13.dancis.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://tistar.e13.dancis.info
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:12:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1258195
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30949
timing-allow-origin: *
last-modified: Tue, 08 Jun 2021 12:01:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60bf5c26-78e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKDPKPMXSry8UVqJMgw2iE5oEAvaYlzySEbJxLL6ArE6MX5O3HXgcJic0%2FwZqCps3sXpqPLUuarldNPXrwXETJ4KM31W0HEjz33bMYqcNk%2BmF%2F3KEFPu%2F9mbvzk0qvyADW9%2Fx6V0KIOsw1lpbjvsC7eo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6da88a976a0991de-FRA
expires: Sun, 29 Jan 2023 23:12:11 GMT

GET
H2 200 1.svg
store-jp.nintendo.com/on/demandware.static/-/Sites-all-master-catalog/ja_JP/dw7a69fc1b/ratings/IARC_GENERIC/rating/ 3 KB
2 KB 1085ms
1042ms Image
image/svg+xml 104.18.129.84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store-jp.nintendo.com/on/demandware.static/-/Sites-all-master-catalog/ja_JP/dw7a69fc1b/ratings/IARC_GENERIC/rating/1.svg
Requested by: Host: tistar.e13.dancis.info
URL: https://tistar.e13.dancis.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.129.84 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddafe17eaa538926be1d620ed17a5c2e5afc42acc4da3322ac080e3db2d896f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:12:12 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 22 Jul 2020 11:15:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2590389
cross-origin-resource-policy: cross-origin
cf-ray: 6da88a9898215c62-FRA
x-dw-request-base-id: 3JgjMIHyAmIBAAB_
expires: Thu, 10 Mar 2022 22:45:21 GMT

GET
H/1.1 200
OK global.9404.image.ddda1b2c-d334-444b-b055-e23fec6772d7.13e2dfc1-450e-4973-bcbb-f35d2cc4f4ed
store-images.s-microsoft.com/image/ 877 B
1 KB 49ms
7ms Image
image/png 2a02:26f0:1700:1b9::3114
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store-images.s-microsoft.com/image/global.9404.image.ddda1b2c-d334-444b-b055-e23fec6772d7.13e2dfc1-450e-4973-bcbb-f35d2cc4f4ed
Requested by: Host: tistar.e13.dancis.info
URL: https://tistar.e13.dancis.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:1700:1b9::3114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bc2495fb44774efc4cb7595b5daf4685b0bffd2b2cacabef1b806385b6754abf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 23:12:11 GMT
Last-Modified: Mon, 05 Dec 2016 23:48:53 GMT
ETag: W/"gEDUIDB4OEQ0MUQ2OTQ0RkIyMDI1"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: MS-CV
Cache-Control: public, max-age=7776000, s-maxage=7776000
MS-CV: NbA17awam0Gi5eD1.0
Connection: keep-alive
Accept-Ranges: none
Content-Length: 877

GET
H2 200 vcss-blue
jigsaw.w3.org/css-validator/images/ 2 KB
2 KB 302ms
97ms Image
image/gif 2603:400a:ffff:804:801e:34:0:15
MIT-GATEWAYS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jigsaw.w3.org/css-validator/images/vcss-blue

Requested by

Host: tistar.e13.dancis.info
URL: https://tistar.e13.dancis.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:400a:ffff:804:801e:34:0:15 Cambridge, United States, ASN3 (MIT-GATEWAYS, US),

Reverse DNS

Software

Jigsaw/2.3.0-beta2 /

Resource Hash

052a153ac653cee8e2b7015d982d42a8524f43ede8a2c7d8335d085ce73879f6

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="cN0QSpPIkuwpT6iP2YjEo1bEwGpH/yiUn6yhdy+HNto="; pin-sha256="WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4="; pin-sha256="LrKdTxZLRTvyHM4/atX2nquX9BeHRZMCxg3cf4rhc2I="; max-age=864000
Strict-Transport-Security	max-age=15552015; includeSubDomains; preload
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 18:00:46 GMT
server: Jigsaw/2.3.0-beta2
strict-transport-security: max-age=15552015; includeSubDomains; preload
content-length: 1759
x-xss-protection: 1; mode=block
public-key-pins: pin-sha256="cN0QSpPIkuwpT6iP2YjEo1bEwGpH/yiUn6yhdy+HNto="; pin-sha256="WGJkyYjx1QMdMe0UqlyOKXtydPDVrk7sl2fV+nNm1r4="; pin-sha256="LrKdTxZLRTvyHM4/atX2nquX9BeHRZMCxg3cf4rhc2I="; max-age=864000
last-modified: Tue, 27 Oct 2015 06:55:45 GMT
x-request-id: 6202f8cbb5b4494f
x-frame-options: deny
etag: "1clnvmt:1a2k0qrk0"
vary: Accept
content-type: image/gif
cache-control: max-age=518400
accept-ranges: bytes
content-location: https://jigsaw.w3.org/css-validator/images/vcss-blue.gif
expires: Fri, 11 Feb 2022 18:00:46 GMT

GET
H/1.1 200
OK main.js Show response
tistar.e13.dancis.info/asserts/ 1 KB
1 KB 156ms
156ms Script
application/javascript 5.252.164.94
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://tistar.e13.dancis.info/asserts/main.js
Requested by: Host: tistar.e13.dancis.info
URL: https://tistar.e13.dancis.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.252.164.94 Los Angeles, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 43140b89338820a1c33ae4f59ec8fef62cab5dc867c71cf23e1c5457860ce6bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 08 Feb 2022 23:12:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 15 Aug 2021 10:23:15 GMT
Server: nginx
ETag: W/"6118eb13-562"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202040101/ 287 KB
103 KB 109ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2277931214379968&plah=tistar.e13.dancis.info&bust=31064728

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2277931214379968

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c60f5facacd2efbd83da64cf7248c18365e8ca9df869f7e0437b9697d2fb736f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105859
x-xss-protection: 0
server: cafe
etag: 16801061360899150090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 08 Feb 2022 23:12:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/ Frame D405 10 KB
5 KB 126ms
39ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2277931214379968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Tue, 08 Feb 2022 19:01:40 GMT
expires: Tue, 22 Feb 2022 19:01:40 GMT
cache-control: public, max-age=1209600
age: 15031
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 132ms
46ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tistar.e13.dancis.info&callback=_gfp_s_&client=ca-pub-2277931214379968

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2277931214379968&plah=tistar.e13.dancis.info&bust=31064728

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e504c4f7dba1e102ef5be2fe24850e5a937dc607a1506a1adcdea1a60c92238d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 129ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=tistar.e13.dancis.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
45ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tistar.e13.dancis.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 23:12:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDB5 603 B
67 B 108ms
61ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&adk=1812271804&adf=3025194257&lmt=1630292285&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931615&bpp=2&bdt=229&idt=199&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8257899221821&frm=20&pv=2&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Feb 2022 23:12:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49D8 603 B
67 B 98ms
57ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&h=90&slotname=4745483900&adk=875969356&adf=3502096283&pi=t.ma~as.4745483900&w=728&lmt=1630292285&psa=0&format=728x90&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931617&bpp=1&bdt=232&idt=213&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8257899221821&frm=20&pv=1&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8M1WpKGUXL&p=https%3A//tistar.e13.dancis.info&dtd=216

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Feb 2022 23:12:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B273 603 B
67 B 96ms
58ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&h=90&slotname=4745483900&adk=875969356&adf=3819359948&pi=t.ma~as.4745483900&w=728&lmt=1630292285&psa=0&format=728x90&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931618&bpp=1&bdt=232&idt=217&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8257899221821&frm=20&pv=1&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rN5x0h9ZIg&p=https%3A//tistar.e13.dancis.info&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 08 Feb 2022 23:12:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 99ms
52ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b545ccdbbcc51f75e30998b561d9724e4c0cdc178c1762e6c58cff4a4f3a7a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Feb 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9886
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 164ms
76ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 23:12:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 017C 13 KB
5 KB 83ms
36ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Feb 2022 21:30:47 GMT
expires: Wed, 08 Feb 2023 21:30:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 6085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F57 783 B
1 KB 133ms
46ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b19511ac48cfecb7a50ba74ae40100a33f876f98268b6f0ff36928285d35a932

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0/Jdgbv9JP4LLW+TUBvTew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 08 Feb 2022 23:12:13 GMT
date: Tue, 08 Feb 2022 23:12:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-0/Jdgbv9JP4LLW+TUBvTew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 OJsPeSlINeJyzOQXpTvtD9cMgHq4K4YXI50fjA0xvQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 017C 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OJsPeSlINeJyzOQXpTvtD9cMgHq4K4YXI50fjA0xvQc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

389b0f79294835e272cce417a53bed0fd70c807ab82b8617239d1f8c0d31bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 08:33:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13596
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Feb 2023 08:33:23 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F57 0
0 72ms
72ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220207&jk=4238855836760381&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 017C 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?D3Rhdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 23:12:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220207&jk=4238855836760381&bg=!Tk2lTQnNAAa4sGsQuLA7ACkAdvg8WnaotT6-esOUx_GKVZQIQcPnKtgMxRiIt_-_-LNg2gQd3meD4AIAAABMUgAAAANoAQcKAAQRlbS6mQLJio2T2SL-tjMDGTXRfTzrcS9MkOERhca2q_cwuBzrgirKlkAYFy_53cHhSwPqSFLkuq3z4cQjQIDEvMmjDMLPHpPY9K4p0036iFQa8-f7OhW7XxE0VbcHZQbOyPJgq6JAWyGbawiKfbfnvFWg_oRQ9QlScAp2HGTd32Jl5yOo_R_rwZpaRViXWKI3tn25nTDAl6enuo5grBz5HokCOWEesBS8fzsJ-jvJlqhNmaVcRW4y7VJdyr2SUQVyTBsx-ttvkjlPs2l5h2Q06PN7gcjMb8tRhSXg4N76hfHyTZ2PvWW7PebWIfGQSOtj2eqCFFi6qawQvZLr6phXDyzm6WKQeen_Vuys4KvoLe7IMYsWWS6mSvQuOPJ-Bb0Vlzu2zUxHlldtRnzZOwN_gnAmhbkHlOPAjCieekEHn03OPjbIqXguBWe4wDFKssimI_K7m_uf6jq9yd8btLHNuN5REkfWmfoE19xY0aCnQ2Lt5KY_bAbF9a6295YN2fv4m9kmYzh4bki_78JaTPaJldMnWPx-M2t0IHaIU6dfiX2zHQObxhAH4-3hKimwaBalqKTMOlnB_hf4XQIfUCGdvb14k7HGx8tAxvi38kRFdTF4fWSvi1b4Gr26s-L1PFIu61xInLFhixaPSHEjHrXJ8gocoPvy4duTsPFTfLSsLaz2DAG0PAq7ExhYl0yMHc0R59UJjQlptnyJjchi6UW0rPytnjmpMpzujjbHSvwcJSCkCTg-R1sxGm-KTX-9EUKhVKm1S-hhGVll6IyS5tmybrsNYQZpVknpfgONKKWG8TLHTycAf-VtjLgcRXsTxVTJEe46yFjm5bdDJHangvgUQsIUcdmUnQV8bvD0xquMBnIk6atfuH1V5wybVNoVl0ThKINRXPStbXSMA9K91Uzdyl9ss-7knT5EPiUesSBAqu536sCeV7bOBU7k74ZGZVk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tistar.e13.dancis.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Feb 2022 23:12:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 00:46:02	Name: test_cookie Value: CheckForPermission
			.dancis.info/	1970-01-20 10:07:37	Name: __gads Value: ID=016a4c4d6dbb3bea-2282abdd37cd00e7:T=1644361931:RT=1644361931:S=ALNI_MY-Rlu7rWWcE3h_GM_2aQjlvpaczw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&h=90&slotname=4745483900&adk=875969356&adf=3502096283&pi=t.ma~as.4745483900&w=728&lmt=1630292285&psa=0&format=728x90&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931617&bpp=1&bdt=232&idt=213&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8257899221821&frm=20&pv=1&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=8M1WpKGUXL&p=https%3A//tistar.e13.dancis.info&dtd=216 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&h=90&slotname=4745483900&adk=875969356&adf=3819359948&pi=t.ma~as.4745483900&w=728&lmt=1630292285&psa=0&format=728x90&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931618&bpp=1&bdt=232&idt=217&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8257899221821&frm=20&pv=1&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rN5x0h9ZIg&p=https%3A//tistar.e13.dancis.info&dtd=219 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2277931214379968&output=html&adk=1812271804&adf=3025194257&lmt=1630292285&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftistar.e13.dancis.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1644361931615&bpp=2&bdt=229&idt=199&shv=r20220207&mjsv=m202202040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8257899221821&frm=20&pv=2&ga_vid=1269700620.1644361932&ga_sid=1644361932&ga_hid=439098691&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31062423%2C31064728&oid=2&pvsid=4238855836760381&pem=504&tmod=230259054&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=211 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
googleads.g.doubleclick.net
jigsaw.w3.org
pagead2.googlesyndication.com
partner.googleadservices.com
store-images.s-microsoft.com
store-jp.nintendo.com
tistar.e13.dancis.info
tpc.googlesyndication.com
www.google.com
104.18.129.84
142.250.181.226
2603:400a:ffff:804:801e:34:0:15
2606:4700::6810:125e
2a00:1450:4001:80e::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a02:26f0:1700:1b9::3114
5.252.164.94
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
052a153ac653cee8e2b7015d982d42a8524f43ede8a2c7d8335d085ce73879f6
2c7f671461fd05abe0907e94cb6b0af0adc43998660271437457fee7534631a7
389b0f79294835e272cce417a53bed0fd70c807ab82b8617239d1f8c0d31bd07
43140b89338820a1c33ae4f59ec8fef62cab5dc867c71cf23e1c5457860ce6bd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e905ecdf175713e0bb2ef3f3541fc5b4d0e8ecd88cbfd870af3dc7860e284a1
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
b19511ac48cfecb7a50ba74ae40100a33f876f98268b6f0ff36928285d35a932
b545ccdbbcc51f75e30998b561d9724e4c0cdc178c1762e6c58cff4a4f3a7a87
bc2495fb44774efc4cb7595b5daf4685b0bffd2b2cacabef1b806385b6754abf
c60f5facacd2efbd83da64cf7248c18365e8ca9df869f7e0437b9697d2fb736f
ddafe17eaa538926be1d620ed17a5c2e5afc42acc4da3322ac080e3db2d896f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e504c4f7dba1e102ef5be2fe24850e5a937dc607a1506a1adcdea1a60c92238d
fee31e392679559c4fdac43c000f11c16dda61040b7246c6e81032eb64c55d72

tistar.e13.dancis.info Open in urlscan Pro 5.252.164.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

73 %IPv6

10 Domains

12 Subdomains

11 IPs

3 Countries

238 kBTransfer

630 kBSize

2 Cookies

1 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

2 Cookies

3 Console Messages

Indicators

tistar.e13.dancis.info Open in urlscan Pro
5.252.164.94 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

73 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

238 kB
Transfer

630 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions