ad.doubleclick.net Open in urlscan Pro
142.250.186.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;...
Submission: On September 11 via manual (September 11th 2022, 5:18:00 am UTC) from IN — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 142.250.186.102, located in United States and belongs to GOOGLE, US. The main domain is ad.doubleclick.net. The Cisco Umbrella rank of the primary domain is 214.

This is the only time ad.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 2	52.212.172.97 52.212.172.97	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:6c00:7:4bc6:d200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	63.34.52.197 63.34.52.197	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:7e00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:1ac... 2600:1f18:1aca:4281:5958:8cf8:6c75:edf0	14618 (AMAZON-AES) (AMAZON-AES)
22	11

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.172.97 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-172-97.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6c00:7:4bc6:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)

track.activemetering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.52.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-52-197.eu-west-1.compute.amazonaws.com

secure-gg.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:7e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:1aca:4281:5958:8cf8:6c75:edf0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 174	77 KB
6	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1021 static.adsafeprotected.com — Cisco Umbrella Rank: 791 dt.adsafeprotected.com — Cisco Umbrella Rank: 735	93 KB
4	doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373	31 KB
1	imrworldwide.com secure-gg.imrworldwide.com — Cisco Umbrella Rank: 3632	525 B
1	activemetering.com track.activemetering.com — Cisco Umbrella Rank: 4183	310 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 234	44 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 350	112 KB
22	7

	Domain	Requested by
6	pagead2.googlesyndication.com	ad.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
3	googleads4.g.doubleclick.net	ad.doubleclick.net
2	dt.adsafeprotected.com	ad.doubleclick.net
2	static.adsafeprotected.com	ad.doubleclick.net
2	fw.adsafeprotected.com	1 redirects ad.doubleclick.net
1	secure-gg.imrworldwide.com	ad.doubleclick.net
1	track.activemetering.com	ad.doubleclick.net
1	www.googletagservices.com	ad.doubleclick.net
1	s0.2mdn.net	ad.doubleclick.net
1	ad.doubleclick.net
22	11

This site contains no links.

Subject Issuer	Validity	Valid
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
track.activemetering.com Amazon	`2021-12-05` - `2023-01-01`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Frame ID: E7AFB40F3128518A61EFE56E8B9E23A5
Requests: 17 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 55C6EFD72B5BA976017999F9DAF26E0E
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 63C1B17FD5E2ECB86AA40D5DA3DAA344
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js
Frame ID: B0984CBB1DCD6F8EB2FAE484D5151289
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Advertisement

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

22
Requests

59 %
HTTPS

64 %
IPv6

7
Domains

11
Subdomains

11
IPs

3
Countries

358 kB
Transfer

815 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://fw.adsafeprotected.com/rfw/st/1087738/65101187/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=gcc_g28dY-_ROcGN7_UP8vGbmAI&cbFunctionName=goog_wrapCb_g28dY-_ROcGN7_UP8vGbmAI&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN300005.3958515PMPRECISIONTHETRA%2FB28103820.344119899%3Bdc_ver%3D90.265%3Bsz%3D300x250%3Bu_sd%3D1.25%3Bgdpr_consent%3DCPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA%3Bgdpr%3D1%3Baddtl_consent%3D1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3&adsafe_type=abdq&adsafe_url=http%3A%2F%2Fad.doubleclick.net%2F&adsafe_type=f&adsafe_jsinfo=,id:3a550bf9-9bed-5ec2-a206-eae76365a6a3,c:nSD16Y,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-585d8b8594-wxvvb,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1600.250,am:sp,cc:0.0.1600.250,piv:0,obst:0,th:0,reas:l.h,mu:10000,br:c,an:n,oam:0,mtim:8,mot:0,app:0,maw:0,fm:th6fDSt+1*.1087738-65101187%7C11,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:40,oid:180f5418-3191-11ed-9dd8-02ccd9bbe15d,v:19.8.347,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr... Show response
ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/ 69 KB
30 KB 85ms
58ms Document
text/html 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3

Protocol

HTTP/1.1

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

321332398b3bcfb5178259e6def50655013d5dbf35931746000db7ea00282e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Content-Encoding: gzip
Content-Length: 30606
Content-Type: text/html; charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 11 Sep 2022 05:17:55 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: cafe
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H/1.1 200
OK 3109322392608661746
s0.2mdn.net/simgad/ 111 KB
112 KB 100ms
57ms Image
image/jpeg 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://s0.2mdn.net/simgad/3109322392608661746

Requested by

Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82ed6503b643f3ba9f853642e5d5406c075ebf496b82f440d0fff821253a86d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 05:17:56 GMT
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 113564
X-XSS-Protection: 0
Last-Modified: Fri, 19 Aug 2022 18:20:49 GMT
Server: sffe
Report-To: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-doubleclick-media"
Expires: Mon, 11 Sep 2023 05:17:56 GMT

GET
H/1.1 200
OK sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/ 10 KB
5 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 05:17:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 9
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 4037
X-XSS-Protection: 0
Server: cafe
ETag: 4842123143989086801
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Sun, 25 Sep 2022 05:17:47 GMT

GET
H/1.1 200
OK omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ 8 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Sun, 11 Sep 2022 02:48:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 8979
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 3181
X-XSS-Protection: 0
Server: cafe
ETag: 10699485926258732851
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Sun, 25 Sep 2022 02:48:17 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1087738/65101187/ 235 KB
70 KB 184ms
34ms Script
application/javascript 52.212.172.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1087738/65101187/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.172.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-172-97.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 59c4498f0309b3285a3aafd70c4b4894267d775f1352aad1d8de5a4b0c3df78c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 05:17:56 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 141 KB
44 KB 85ms
35ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44740
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1662550240112033"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 05:17:56 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
575 B 98ms
49ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5GkVLDx2fXcKoH3GFMZo_49KRThfqmwOcDDdsE99LexELj24bPEMbatZ1oHiQcSf6EUebmxm7WlxmHERKmx8U6MkDRvAP-NdBdT9MG74gIVDIZslxkPiY&sig=Cg0ArKJSzJBc7HQkMpiwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.70695&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 05:17:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
track.activemetering.com/pixel/v1/all/ 43 B
310 B 111ms
47ms Image
image/gif 2600:9000:21f3:6c00:7:4bc6:d200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.activemetering.com/pixel/v1/all/pixel.gif?cid=1ddbc85d-87a6-4a69-84a5-b536056ffae6&creativeId=176457355&placementId=344119899&siteId=7259761&campaignId=28103820&adId=535741532
Requested by: Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6c00:7:4bc6:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:17:56 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 43
x-amz-cf-id: -Uw245eVUAQuO3GeeQV4cJ1OHcWAgnXeUfawSOIX1NOwLHkqWvnzDQ==

GET
H2 200 m
secure-gg.imrworldwide.com/cgi-bin/ 0
525 B 153ms
31ms Image
text/plain 63.34.52.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn341016&cr=176457355&ce=N300005.3958515PMPRECISIONTHETRA&pc=344119899&ci=nlsnci3731&am=1&at=view&rt=banner&st=image&r=3156092756&C78=G1,DCM&uoo=0
Requested by: Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.52.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-52-197.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 05:17:56 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
16 KB 30ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 10:39:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 412723
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15207
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Vary: Accept-Encoding
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 06 Sep 2023 10:39:13 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 91ms
55ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69354c89d5cfb5399ecaaa9a19e9c1ca6b96181b80ce226214cefe666c2f2a36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 05:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5601
x-xss-protection: 0

GET
H/1.1 200
OK Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 55C6 22 KB
9 KB 14ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 412723
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Content-Length: 8395
Content-Type: text/html
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 06 Sep 2022 10:39:13 GMT
Expires: Wed, 06 Sep 2023 10:39:13 GMT
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server: sffe
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0

GET
H/1.1 200
OK dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js Show response
pagead2.googlesyndication.com/bg/ Frame 55C6 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/bg/dMUMwKlHRkKFxm324gu_shN2JBGfr2rZRInLP1vMiqM.js

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 04:37:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 434428
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15929
X-XSS-Protection: 0
Last-Modified: Mon, 29 Aug 2022 10:58:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Vary: Accept-Encoding
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Expires: Wed, 06 Sep 2023 04:37:28 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
63 B 50ms
50ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 05:17:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 55C6 0
459 B 50ms
50ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXaZ7g28dY-_ROcGN7_UP8vGbmAIAAAAAOAHgBAI&bg=!sLOls_fNAAZTikH4c4o7ACkAdvg8WtYRcP9PSZ-_1CZzEULK-YHKk961Io6vWBPW1RQVlgbOs4yC9AIAAABDUgAAAAFoAQeZAuLL21yonWq5lVnVZwmBsakK63KdBAsJfT-_NmjjMiY7bjOHyXwj6i5tgEhxkgCIuIl5xO8W1MRMTWvtIPonUlMexWGj2MPwOLKihwGKInZsUWx5z9keDnVF_bExTGTHNMjL-CkK6qVKnLTE6WFFdwyvlKQ2y57837ZXlnrAUnYfmKfbOprWCouf_fNY899RU3Pn03KYG6nTnVCACfjUPsySCgFDzVuZxUaAF6AbxZFqpVONCpDBKHL_pckkb2OfererqR6iOpnqlmPcr56XTuWL3Y3gOu3uEhIjK-kXEIel6w9xwJVJi72WMwBG452rAwbE1nNUb1paj2LRadTcLdt9iYvShdNYfjFM40aaZWcbVHCGCWrDh3GCGGC9ek1cLR-1WBRkiQ0dKpXVK9bLN1QSz_s8ay10r4-o9G-W8xaVxgwPgRzXdaUjFqkmUPvAP9tfFWWyrLC1lYY4ZZEgW88E_ZsieaeIyLrdnoe0oLaddmiOMSL03zDvIL9G7x-CZvyo3c-v1sIaFXXW0xmXFsbYAtDMh61-4vzdHPgoFYm-p3fBxNxs9QiaaVXMb6pYBVMjzgsev7u-F1x55MLLlVVUNxU84mhoruOWJsDUj-BIcPP7iRLcdaEKsFyxQEULzwpUMI2iu6Xp_5aEvIN-rWi6me1BDflLZQE0UV7TP6jZWnnd6-PQkghZMiGqBIK3nb8cekoUZUvpfk1QgXZkPRSIgDts8IqmMFYOX9IX3rTLCdw8scotp19DVj6NlsC51kNJIb-6iyAYX1YinooaWjfy7IVlzL1nZvTUmkDzv9SQcaKTN3Q07jWp716O_e8RitScytDk1Grk_u_63GbVPUn1Y6TZEYKlOPYbbVTSWT6lys_712hNsZCCZ4JyPz-M2kpJ9ZK8p_lCFVd6zIVVMHRz9kjzEJ9l0uaK5kBo37yRJRohg4-8T8Jit_N_PLg1FLBowsOHYA9eAhQsP7cwgboyTz8

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Sep 2022 05:17:56 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1087738/65101187/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=gcc_g28dY-_ROcGN7_...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

43ms
10ms

Script
application/javascript

2600:9000:21f3:7e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol: H2
Server: 2600:9000:21f3:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:07:50 GMT
content-encoding: gzip
age: 393007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 06 Sep 2022 16:07:47 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
x-amz-version-id: y278kCHjy4az.swXkOrW4jguar1P2G10
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: QQrZOeo1fOsFk-PqyfV1YHktBbMUlbagpnnWJPSiMQIIrxrbq_FFWA==

Redirect headers

pragma: no-cache
date: Sun, 11 Sep 2022 05:17:56 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 63C1 80 KB
21 KB 60ms
9ms Script
application/javascript 2600:9000:21f3:7e00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:54:48 GMT
content-encoding: gzip
age: 2827389
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
content-type: application/javascript
x-amz-cf-id: _HWaYpYzwCLbpXvtQVH1FTtyZLeP-aRTWy-0g_1efrMfF_UGO5ma2A==

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 381ms
105ms Image
image/gif 2600:1f18:1aca:4281:5958:8cf8:6c75:edf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1087738&asId=3a550bf9-9bed-5ec2-a206-eae76365a6a3&tv=%7Bc:nSD17s,pingTime:-2,time:69,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:419,beZ:422,mfA:427,cmA:431,inA:431,inZ:443,prA:443,prZ:450,si:459,poA:460,poZ:482,cmZ:482,mfZ:482,loA:486,loZ:487,ltA:487,ltZ:487%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.h,w:1600,h:250,t:39%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:39,wc:0.0.1600.1200,ac:0.0.1600.250,am:sp,cc:0.0.1600.250,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~1600.250%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:th6fDSt+1*.1087738-65101187%7C11,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,slid:%5BDfaVisibilityIdentifier_3156092756%5D,sinceFw:27,readyFired:true%7D&br=c
Requested by: Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.344119899;dc_ver=90.265;sz=300x250;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:5958:8cf8:6c75:edf0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 05:17:56 GMT
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
63 B 52ms
52ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 11 Sep 2022 05:17:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 58ms
24ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 05:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Sep 2022 05:17:56 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 105ms
105ms Image
image/gif 2600:1f18:1aca:4281:5958:8cf8:6c75:edf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1087738&asId=3a550bf9-9bed-5ec2-a206-eae76365a6a3&tv=%7Bc:nSD1dT,pingTime:-10,time:468,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTAyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1662873476776%7C%7C3c133a2abd0b44972bf494bef6cd0b74%7C%7C56c24cb524127a0f41136c1e5c39617f%7C%7C2e0d41eb89e9b9e73927c9242e6f0b8d%7C%7Caf40298e97285429961ad82839c2d763%7C%7C352f6cd866e129468eeba37078c7730b%7C%7Cba529014dff34fcfbf8a57651e5cebf6%7C%7Ce456fdfedc19f97c2ee1fbd4fc1124b2%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:5958:8cf8:6c75:edf0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Sep 2022 05:17:56 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B098 36 KB
15 KB 15ms
14ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CgETvhyXIYksjpVuZOiCWYZFr3TNicAtz6hsjYVMHCQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Sat, 10 Sep 2022 20:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15836
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Sep 2023 20:15:44 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
secure-gg.imrworldwide.com
static.adsafeprotected.com
tpc.googlesyndication.com
track.activemetering.com
www.googletagservices.com
142.250.185.226
142.250.186.102
2600:1f18:1aca:4281:5958:8cf8:6c75:edf0
2600:9000:21f3:6c00:7:4bc6:d200:93a1
2600:9000:21f3:7e00:8:48e:53c0:93a1
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82f::2006
52.212.172.97
63.34.52.197
0a0113be1c9721892c8e956e64e882598645af74cd89c02dcfa86c8d854c1c24
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
321332398b3bcfb5178259e6def50655013d5dbf35931746000db7ea00282e61
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
59c4498f0309b3285a3aafd70c4b4894267d775f1352aad1d8de5a4b0c3df78c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69354c89d5cfb5399ecaaa9a19e9c1ca6b96181b80ce226214cefe666c2f2a36
74c50cc0a947464285c66df6e20bbfb2137624119faf6ad94489cb3f5bcc8aa3
82ed6503b643f3ba9f853642e5d5406c075ebf496b82f440d0fff821253a86d7
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ad.doubleclick.net Open in urlscan Pro 142.250.186.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

59 %HTTPS

64 %IPv6

7 Domains

11 Subdomains

11 IPs

3 Countries

358 kBTransfer

815 kBSize

0 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

ad.doubleclick.net Open in urlscan Pro
142.250.186.102 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

59 %
HTTPS

64 %
IPv6

7
Domains

11
Subdomains

11
IPs

3
Countries

358 kB
Transfer

815 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions