urlscan.io logo urlscan.io
SecurityTrails logo

xn--220b31d95hq8o.xn--3e0b707e Open in urlscan Pro Puny
내도메인.한국 IDN
139.99.90.56  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zz.am/
Effective URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Submission: On October 17 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 72 HTTP transactions. The main IP is 139.99.90.56, located in Singapore, Singapore and belongs to OVH, FR. The main domain is xn--220b31d95hq8o.xn--3e0b707e.
TLS certificate: Issued by R3 on August 13th 2021. Valid for: 3 months.
This is the only time xn--220b31d95hq8o.xn--3e0b707e was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 139.99.89.153 16276 (OVH)
5 139.99.90.56 16276 (OVH)
12 142.250.184.194 15169 (GOOGLE)
2 142.250.186.174 15169 (GOOGLE)
3 119.205.238.29 4766 (KIXS-AS-K...)
1 14.0.113.205 38107 (CDNETWORK...)
10 142.250.186.34 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
20 142.250.185.225 15169 (GOOGLE)
2 3 172.217.23.100 15169 (GOOGLE)
16 14.0.113.209 38107 (CDNETWORK...)
72 12
1    139.99.89.153 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: 153.ip-139-99-89.net
zz.am
5    139.99.90.56 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: 56.ip-139-99-90.net
xn--220b31d95hq8o.xn--3e0b707e
12    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
pagead2.googlesyndication.com
www.googletagservices.com
2    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com
3    119.205.238.29 (Korea, Republic Of)

ASN4766 (KIXS-AS-KR Korea Telecom, KR)
www.mediacategory.com
1    14.0.113.205 (Korea, Republic Of)

ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR)
cdn.megadata.co.kr
10    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
adservice.google.com
20    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
tpc.googlesyndication.com
3    172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net
www.google.com
16    14.0.113.209 (Korea, Republic Of)

ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR)
img.mobon.net
Domain Requested by
20 tpc.googlesyndication.com xn--220b31d95hq8o.xn--3e0b707e
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
16 img.mobon.net www.mediacategory.com
xn--220b31d95hq8o.xn--3e0b707e
img.mobon.net
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
xn--220b31d95hq8o.xn--3e0b707e
googleads.g.doubleclick.net
10 pagead2.googlesyndication.com xn--220b31d95hq8o.xn--3e0b707e
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
5 xn--220b31d95hq8o.xn--3e0b707e xn--220b31d95hq8o.xn--3e0b707e
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.mediacategory.com xn--220b31d95hq8o.xn--3e0b707e
cdn.megadata.co.kr
www.mediacategory.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 www.google-analytics.com xn--220b31d95hq8o.xn--3e0b707e
www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.megadata.co.kr xn--220b31d95hq8o.xn--3e0b707e
1 zz.am 1 redirects
72 13

This site contains links to these domains. Also see Links.

Domain
www.sslforfree.com
xn--c79as89aj0e29b77z.xn--3e0b707e
Subject Issuer Validity Valid
xn--220b31d95hq8o.xn--3e0b707e
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.mediacategory.com
Thawte RSA CA 2018		 2019-10-16 -
2021-12-14		 2 years crt.sh
cdn.megadata.co.kr
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2020-10-19 -
2021-11-19		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.mobon.net
Thawte RSA CA 2018		 2021-05-26 -
2022-06-09		 a year crt.sh

This page contains 15 frames:

Primary Page: https://xn--220b31d95hq8o.xn--3e0b707e/
Frame ID: 15C0FED47ED7B021459BCFE50FE8A00F
Requests: 18 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/iadbn?from=&s=132364&psb=99
Frame ID: DA3A5BE7D76AF16E156C83ABA0073A19
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 157A511F295A16687876A53A7342241A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
Frame ID: E66D2AA5331EACE82602EF9A798FF4BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
Frame ID: 20F56F8F7807D7F32F492D93C50324C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1634479375&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375370&bpp=2&bdt=718&idt=110&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280%2C938x280&nras=1&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115
Frame ID: 5FB7B70EED4F25B9E156F6437F1140CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html
Frame ID: BB55B083C5337C901525788FCC30AFA6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CX3YBDy1sYYHPIZbogAeBrIWYCtaN38Vl45LRotkO2tkeEAEgzNS3JGDJBqABgaGLmwPIAQmoAwHIA0iqBOABT9AsHnbvnagIHbDCrslyAVyDwmveTSHaFNzUogX_3-nCuF6lSh6fhWvwdhujOlGuP_CKdjIhERM4pgrbi4MvBYzAwpAGg1Y8OUO21mVE-O0fOCoOyl4x0-XB34XgJ1cM78HZ61XKFKs8mqjbdQiB68qPhmDq-GNg3Co4lJdRgvvZ6oE2NTVCT-NO-_va14UH22QQBnyB2jGeBTmQ28BX8A3jFpNvfips2ZVtNeY39D_NEG33BRG3EU73Xnj0uV6aHK213Fl3-jM3UCMz3FHNxn8wtKIx09AzSNElNhsokjXABMuSpt3XA5IFBAgEGAGSBQQIBRgEoAYugAfn3vRkqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBC-tgjSCAcIgGEQARhfgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTY1ODYwMjE1Mzc2MzMxMjYYAA&sigh=Sa3TasximeE&template_id=419
Frame ID: 3DAEDCA78182E1B499EB38D1C8FB86F4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C5B524573778846D6931C189F1974E0D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html
Frame ID: 4D5CA938F8A63FD98B90CF67F7CF9693
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CLrKiDy1sYd-NIdrOtwfYtYSADtSMuMZl577p3sIO2tkeEAEgzNS3JGDJBqABgaGLmwPIAQmoAwHIA0iqBOMBT9BjyO0n1fUWP2Jj0wqAOw-cPt90MJFqC3pzaMHhMAM3X83DBcRBJxqr0_M-XoHDY4UZuQ8nuUXXQhR7RXR_1wwjXCuKf9U2-eNO8uVw7D39RDlzSjhBbY5OBTTZqHgYdh3n4QDK0Ky2pGOvl1PayjfTvB6Gbfnw5k8PGBgNJGN2clkhrqvvLEvMcFfaacdQnqTbJKB0UDMgAqGzS6t22U58zSmgJdQYHyepEmMrn733e8-e9OFfl3uSficF99wVNS5tvKLpAIdw5PrAldq3vSIqv2NNHDYKKT-m7E8Rs6boCJLABO2-ravVA5IFBAgEGAGSBQQIBRgEoAYugAfn3vRkqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCA5gjSCAcIgGEQARhfgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTY1ODYwMjE1Mzc2MzMxMjYYAA&sigh=_zm51lxNWiQ&template_id=419
Frame ID: D33B12CE13B0C576C42264F77903A227
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 07FE3E44C3D495F12646F3F803BD51C0
Requests: 2 HTTP requests in this frame

Frame: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Frame ID: 41A6756A3E7E1CDBB1C065F1BEEE865F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 66B0B808116DDCDD53A2AC9D40752CF6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A90793924E49E661C8A449F9FE24DBFA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

내도메인.한국 - 한글 무료 도메인 등록센터

Page URL History Show full URLs

  1. http://zz.am/ HTTP 302
    https://xn--220b31d95hq8o.xn--3e0b707e/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

1264 kB
Transfer

2208 kB
Size

21
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zz.am/ HTTP 302
    https://xn--220b31d95hq8o.xn--3e0b707e/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 39
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xn--220b31d95hq8o.xn--3e0b707e/
Redirect Chain
  • http://zz.am/
  • https://xn--220b31d95hq8o.xn--3e0b707e/
14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
797a1ac301fa13ba3f22eef3f1f53fd0555f8eb14cedd4a113df079db95716b2

Request headers

:method
GET
:authority
xn--220b31d95hq8o.xn--3e0b707e
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.16.1
date
Sun, 17 Oct 2021 14:02:54 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.4.16
set-cookie
PHPSESSID=0llo24eku69cnj9vr3ssg44cr7; path=/

Redirect headers

Server
nginx/1.16.1
Date
Sun, 17 Oct 2021 14:02:53 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Powered-By
PHP/5.4.16
Location
https://xn--220b31d95hq8o.xn--3e0b707e/
style.css
xn--220b31d95hq8o.xn--3e0b707e/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/style.css
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
3131fd3e0a57b2fa779fe4c2f0b4b3c84a7b71c87036556590103cec14c04dec

Request headers

:path
/style.css
pragma
no-cache
cookie
PHPSESSID=0llo24eku69cnj9vr3ssg44cr7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
xn--220b31d95hq8o.xn--3e0b707e
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:54 GMT
last-modified
Sun, 01 Dec 2019 03:38:47 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335c7-507"
content-length
1287
content-type
text/css
jquery-1.7.2.min.js
xn--220b31d95hq8o.xn--3e0b707e/js/ 		93 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/js/jquery-1.7.2.min.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

:path
/js/jquery-1.7.2.min.js
pragma
no-cache
cookie
PHPSESSID=0llo24eku69cnj9vr3ssg44cr7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
xn--220b31d95hq8o.xn--3e0b707e
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:54 GMT
last-modified
Sun, 01 Dec 2019 03:39:30 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f2-17278"
content-length
94840
content-type
application/javascript
loading.gif
xn--220b31d95hq8o.xn--3e0b707e/image/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/image/loading.gif
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871

Request headers

:path
/image/loading.gif
pragma
no-cache
cookie
PHPSESSID=0llo24eku69cnj9vr3ssg44cr7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xn--220b31d95hq8o.xn--3e0b707e
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:54 GMT
last-modified
Sun, 01 Dec 2019 03:39:29 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f1-38ee"
content-length
14574
content-type
image/gif
logo.png
xn--220b31d95hq8o.xn--3e0b707e/image/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xn--220b31d95hq8o.xn--3e0b707e/image/logo.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.90.56 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
56.ip-139-99-90.net
Software
nginx/1.16.1 /
Resource Hash
3d7909e35e10e81a3084b93b863074f8251812adac03dc74c0d1afc6b68a748a

Request headers

:path
/image/logo.png
pragma
no-cache
cookie
PHPSESSID=0llo24eku69cnj9vr3ssg44cr7
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
xn--220b31d95hq8o.xn--3e0b707e
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:55 GMT
last-modified
Sun, 01 Dec 2019 03:39:29 GMT
server
nginx/1.16.1
accept-ranges
bytes
etag
"5de335f1-2706"
content-length
9990
content-type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b4ed6d5e837a0bb24d1b1d16c6f9716ac7217a1cffff7f88b61684dd8422152d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51507
x-xss-protection
0
server
cafe
etag
1478938635461565206
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 14:02:55 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
109
date
Sun, 17 Oct 2021 14:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 17 Oct 2021 16:01:06 GMT
Cookie set iadbn
www.mediacategory.com/servlet/ Frame DA3A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/iadbn?from=&s=132364&psb=99
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
e62a23f55f2d22e7484c40dafe805c8489d4d5d799865ee2b07954cca631312b

Request headers

Host
www.mediacategory.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/

Response headers

Set-Cookie
Start_Time="2021101723"; Domain=.mediacategory.com; Max-Age=63072000; SameSite=None; Secure; Path=/ s_IP_info="216.131.114.211.3413"; Domain=.mediacategory.com; Max-Age=63072000; SameSite=None; Secure; Path=/ s_au_id="7c32188ae7545a713adbe74d17c8e8b60223ab"; Domain=.mediacategory.com; Max-Age=63072000; SameSite=None; Secure; Path=/ iDev="(1634479375963)IP_info^216.131.114.211.3413#"; Domain=.mediacategory.com; Max-Age=62208000; SameSite=None; Secure; Path=/
Pragma
no-cache
Cache-Control
no-cache
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
vary
accept-encoding
Content-Encoding
gzip
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Date
Sun, 17 Oct 2021 14:02:55 GMT
Keep-Alive
timeout=5
Connection
keep-alive
MBSHandler.js
cdn.megadata.co.kr/js/media/1.1/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.megadata.co.kr/js/media/1.1/MBSHandler.js
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.205 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:55 GMT
Via
1.1 PShgseSEL4tn171:0 (W), 1.1 PShgseSEL4uz147:2 (W)
Last-Modified
Thu, 02 May 2019 07:42:03 GMT
Server
PWS/8.3.1.0.8
Age
20584
ETag
"f06d72-25c6-587e2c5265889"
X-Ws-Request-Id
616c2d0f_PShgseSEL4tw135_2803-13169
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4uz147GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9670
collect
www.google-analytics.com/j/ 		2 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=775592676&t=pageview&_s=1&dl=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ul=en-us&de=UTF-8&dt=%EB%82%B4%EB%8F%84%EB%A9%94%EC%9D%B8.%ED%95%9C%EA%B5%AD%20-%20%ED%95%9C%EA%B8%80%20%EB%AC%B4%EB%A3%8C%20%EB%8F%84%EB%A9%94%EC%9D%B8%20%EB%93%B1%EB%A1%9D%EC%84%BC%ED%84%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1721153837&gjid=787714764&cid=42516202.1634479375&tid=UA-64072023-1&_gid=1591929339.1634479375&_r=1&_slc=1&z=811651385
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 14:02:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xn--220b31d95hq8o.xn--3e0b707e
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/ 		273 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3e237fa20995aa49649003d14614a21eeafce2f40b2991c75cdcc045fe01e55f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99865
x-xss-protection
0
server
cafe
etag
16450109830968115031
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 14:02:55 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 157A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211013/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 16 Oct 2021 21:22:20 GMT
expires
Sat, 30 Oct 2021 21:22:20 GMT
content-type
text/html; charset=UTF-8
etag
9069739545958607985
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4691
x-xss-protection
0
age
60035
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		220 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xn--220b31d95hq8o.xn--3e0b707e&callback=_gfp_s_&client=ca-pub-6586021537633126
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d20a8120f28bf1706e8708648a253785918382d2ff652a798ae807eb7b8c7525
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xn--220b31d95hq8o.xn--3e0b707e
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Oct 2021 14:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E66D 		120 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
b5d42b8cc1904cab933c5dfcf1e92f60f4b1a73451b6a7f5f3a4aa534141846a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ_RyZTO0fMCFVrn7Qod2BoB4A&gqi=Dy1sYcjZIP_L1fAP_uSQyAY&layout=/sadbundle/%24csp%253Der3%24/5960526653118807895/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJ_RyZTO0fMCFVrn7Qod2BoB4A&gqi=Dy1sYcjZIP_L1fAP_uSQyAY&layout=/sadbundle/%24csp%253Der3%24/5960526653118807895/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 17 Oct 2021 14:02:56 GMT
server
cafe
content-length
38184
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 17-Oct-2021 14:17:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 17 Oct 2021 14:02:56 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 20F5 		120 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
256ccac77179355638779ff71721389b1287a830118413b7d0327c131c01720d
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGSypTO0fMCFRY04AodAVYBow&gqi=Dy1sYd7aIKbN1fAPu4a2mAg&layout=/sadbundle/%24csp%253Der3%24/17278275075902057743/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGSypTO0fMCFRY04AodAVYBow&gqi=Dy1sYd7aIKbN1fAPu4a2mAg&layout=/sadbundle/%24csp%253Der3%24/17278275075902057743/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 17 Oct 2021 14:02:56 GMT
server
cafe
content-length
38161
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 17-Oct-2021 14:17:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 17 Oct 2021 14:02:56 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 5FB7 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1634479375&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375370&bpp=2&bdt=718&idt=110&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280%2C938x280&nras=1&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-6586021537633126&output=html&adk=1812271804&adf=3025194257&lmt=1634479375&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375370&bpp=2&bdt=718&idt=110&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280%2C938x280&nras=1&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=115
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 17 Oct 2021 14:02:55 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 17-Oct-2021 14:17:55 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 17 Oct 2021 14:02:55 GMT
cache-control
private
adBannerFloating
www.mediacategory.com/servlet/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBannerFloating?from=&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Requested by
Host: cdn.megadata.co.kr
URL: https://cdn.megadata.co.kr/js/media/1.1/MBSHandler.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
272cbf91e4e8131d5193f8d16beec202141a89c27bc09f50af3f7657e67fc66b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 17 Oct 2021 14:02:55 GMT
Content-Encoding
gzip
vary
accept-encoding
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript;charset=ISO-8859-1
Keep-Alive
timeout=5
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/ Frame BB55 		64 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
b74bdecedad944693adcf881e5e2df86513e8bbc745c5e6f89d941ba90e0ab96
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/17278275075902057743/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Tue, 12 Oct 2021 13:21:49 GMT
expires
Wed, 12 Oct 2022 13:21:49 GMT
last-modified
Fri, 10 Sep 2021 01:41:45 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
17664
age
434467
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 3DAE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CX3YBDy1sYYHPIZbogAeBrIWYCtaN38Vl45LRotkO2tkeEAEgzNS3JGDJBqABgaGLmwPIAQmoAwHIA0iqBOABT9AsHnbvnagIHbDCrslyAVyDwmveTSHaFNzUogX_3-nCuF6lSh6fhWvwdhujOlGuP_CKdjIhERM4pgrbi4MvBYzAwpAGg1Y8OUO21mVE-O0fOCoOyl4x0-XB34XgJ1cM78HZ61XKFKs8mqjbdQiB68qPhmDq-GNg3Co4lJdRgvvZ6oE2NTVCT-NO-_va14UH22QQBnyB2jGeBTmQ28BX8A3jFpNvfips2ZVtNeY39D_NEG33BRG3EU73Xnj0uV6aHK213Fl3-jM3UCMz3FHNxn8wtKIx09AzSNElNhsokjXABMuSpt3XA5IFBAgEGAGSBQQIBRgEoAYugAfn3vRkqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBC-tgjSCAcIgGEQARhfgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTY1ODYwMjE1Mzc2MzMxMjYYAA&sigh=Sa3TasximeE&template_id=419
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Oct 2021 14:02:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 17 Oct 2021 14:02:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 3DAE 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 13:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Oct 2021 13:59:53 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 3DAE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Oct 2021 14:02:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3DAE 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Oct 2021 14:02:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 3DAE 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 13:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Oct 2021 13:56:49 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C5B5 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkSrbUxMnJ5WjRIneki2LtPuC5B3eWzWTkVLbpVIDwyd71K2T5JqDjlchv1C0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 17 Oct 2021 13:09:53 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3DAE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
913198ec7118e5b0632c7d7f4ec32f38daaa34d7c2045eee83c7484b72b146ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/ Frame 4D5C 		70 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
ca85fe4a58e269b8a0811c76fc20955e16ab54aa99ec15b205d190b084307cdb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/5960526653118807895/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin
*
date
Wed, 13 Oct 2021 14:41:30 GMT
expires
Thu, 13 Oct 2022 14:41:30 GMT
last-modified
Fri, 10 Sep 2021 01:48:07 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
19021
age
343286
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame D33B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CLrKiDy1sYd-NIdrOtwfYtYSADtSMuMZl577p3sIO2tkeEAEgzNS3JGDJBqABgaGLmwPIAQmoAwHIA0iqBOMBT9BjyO0n1fUWP2Jj0wqAOw-cPt90MJFqC3pzaMHhMAM3X83DBcRBJxqr0_M-XoHDY4UZuQ8nuUXXQhR7RXR_1wwjXCuKf9U2-eNO8uVw7D39RDlzSjhBbY5OBTTZqHgYdh3n4QDK0Ky2pGOvl1PayjfTvB6Gbfnw5k8PGBgNJGN2clkhrqvvLEvMcFfaacdQnqTbJKB0UDMgAqGzS6t22U58zSmgJdQYHyepEmMrn733e8-e9OFfl3uSficF99wVNS5tvKLpAIdw5PrAldq3vSIqv2NNHDYKKT-m7E8Rs6boCJLABO2-ravVA5IFBAgEGAGSBQQIBRgEoAYugAfn3vRkqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBCA5gjSCAcIgGEQARhfgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTY1ODYwMjE1Mzc2MzMxMjYYAA&sigh=_zm51lxNWiQ&template_id=419
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 17 Oct 2021 14:02:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame D33B 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 13:59:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Oct 2021 13:59:53 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D33B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 13:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Oct 2021 13:53:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D33B 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 17 Oct 2021 14:02:56 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D33B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 31 Oct 2021 14:01:48 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BB55 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 18:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Oct 2021 18:00:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BB55 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 18 Oct 2021 13:46:49 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C5B5
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2708811289&adk=4089672045&adf=3235933448&pi=t.ma~as.2708811289&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375355&bpp=1&bdt=703&idt=118&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&prev_fmts=938x280&correlator=1831311617889&frm=20&pv=1&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=805&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=BiLWeOqOYT&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkSrbUxMnJ5WjRIneki2LtPuC5B3eWzWTkVLbpVIDwyd71K2T5JqDjlchv1C0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 17 Oct 2021 14:02:56 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 17-Oct-2021 15:02:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 17 Oct 2021 14:02:56 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 17 Oct 2021 14:02:56 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 07FE 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkSrbUxMnJ5WjRIneki2LtPuC5B3eWzWTkVLbpVIDwyd71K2T5JqDjlchv1C0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 17 Oct 2021 13:09:53 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame D33B 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3baa5fb93cf3b24acdc604874f3b260648d22805cccc55e7af9d10581fcd6b41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
null
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/ Frame BB55 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/null
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:56 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 17 Oct 2021 14:02:56 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4D5C 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 18:00:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 17 Oct 2021 18:00:57 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4D5C 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 13:46:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 18 Oct 2021 13:46:49 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 07FE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6586021537633126&output=html&h=280&slotname=2841082347&adk=826057586&adf=4283947098&pi=t.ma~as.2841082347&w=938&fwrn=4&fwrnh=100&lmt=1634479375&rafmt=1&psa=0&format=938x280&url=https%3A%2F%2Fxn--220b31d95hq8o.xn--3e0b707e%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634479375350&bpp=5&bdt=699&idt=98&shv=r20211013&mjsv=m202110120101&ptt=9&saldr=aa&abxe=1&correlator=1831311617889&frm=20&pv=2&ga_vid=42516202.1634479375&ga_sid=1634479375&ga_hid=775592676&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=331&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062937%2C31063156%2C31062524%2C31062931&oid=2&pvsid=1752829138750024&pem=14&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=BA2ToLBqXQ&p=https%3A//xn--220b31d95hq8o.xn--3e0b707e&dtd=116
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUkSrbUxMnJ5WjRIneki2LtPuC5B3eWzWTkVLbpVIDwyd71K2T5JqDjlchv1C0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 17 Oct 2021 14:02:56 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 17-Oct-2021 15:02:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 17 Oct 2021 14:02:56 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 17 Oct 2021 14:02:56 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
null
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/ Frame 4D5C 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/null
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:56 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 17 Oct 2021 14:02:56 GMT
jquery-1.6.2.min.js
img.mobon.net/js/ Frame DA3A 		89 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/jquery-1.6.2.min.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/iadbn?from=&s=132364&psb=99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
80f4f0fef93d99ae6a0ef3f6a583f6eba8d73655ad5a7c2b9febe4aae1eeead6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:57 GMT
Via
1.1 PShgseSEL3fh100:2 (W), 1.1 PShgseSEL4qy133:8 (W)
Last-Modified
Thu, 05 May 2016 06:31:46 GMT
Server
PWS/8.3.1.0.8
Age
51276
ETag
"f021d0-165a4-532127f0e5880"
X-Ws-Request-Id
616c2d11_PShgseSEL4su143_18847-61889
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4qy133GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91556
jquery-1.9.1.min.js
img.mobon.net/newAd/js/ Frame DA3A 		109 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/newAd/js/jquery-1.9.1.min.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/iadbn?from=&s=132364&psb=99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c9575134a9a9a47d67dd3f14687c8fddac00b1bc60738fa5b7210cad803f54a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:57 GMT
Via
1.1 PShgseSEL3fh100:10 (W), 1.1 PShgseSEL4vx139:3 (W)
Last-Modified
Tue, 14 Aug 2018 01:15:32 GMT
Server
PWS/8.3.1.0.8
Age
32860
ETag
"1001139-1b3c0-5735af24c9f29"
X-Ws-Request-Id
616c2d11_PShgseSEL4su143_18222-37628
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4vx139GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
111552
mobonStorage.js
img.mobon.net/js/ Frame DA3A 		510 B
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/mobonStorage.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/iadbn?from=&s=132364&psb=99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2d324c3aea5c17f7b31bd5ccbbef34b956f362faa686d238c40c78bcc6a00fdb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:57 GMT
Via
1.1 PShgseSEL4zt173:4 (W), 1.1 PShgseSEL4wl132:6 (W)
Last-Modified
Thu, 15 Apr 2021 11:10:33 GMT
Server
PWS/8.3.1.0.8
Age
71197
ETag
"f08574-1fe-5c000e97cf64a"
X-Ws-Request-Id
616c2d11_PShgseSEL4wb142_30057-41072
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4wl132GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
510
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 4D5C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 17:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
75642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 16 Oct 2022 17:02:14 GMT
BG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/ Frame 4D5C 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/BG.jpg
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
77d12fdf7ad969dc063b7e81eedd5e2ad2265f897c45efad84e1005389eb2f26
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
601495
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101217
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 01:48:07 GMT
server
sffe
date
Sun, 10 Oct 2021 14:58:01 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 10 Oct 2022 14:58:01 GMT
truncated
/ Frame 4D5C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
seemore-h.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/ Frame 4D5C 		1004 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/seemore-h.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
dd1d15147c400e50571d90c7daa4bccd862d60ec1dc1bb5a46c671fc0049c0bd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1004
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 01:48:07 GMT
server
sffe
date
Sun, 17 Oct 2021 14:02:56 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Oct 2022 14:02:56 GMT
wp_rcFloat.js
img.mobon.net/mediaCategory/newAd/ 		22 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/mediaCategory/newAd/wp_rcFloat.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBannerFloating?from=&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
6932ecfb20270ea73feb87a8c6f57e64b2f68cbee0d310b9ce2e65c2d112fef4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:57 GMT
Via
1.1 PShgseSEL7jo101:8 (W), 1.1 PShgseSEL4vx139:9 (W)
Last-Modified
Thu, 22 Nov 2018 05:56:29 GMT
Server
PWS/8.3.1.0.8
Age
32577
ETag
"f22405-16-57b3a872f5459"
X-Ws-Request-Id
616c2d11_PShgseSEL4su143_16868-7866
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4vx139GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame BB55 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 17:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
75642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 16 Oct 2022 17:02:14 GMT
BG.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/ Frame BB55 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/BG.jpg
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
cca334dc9a73af3ee514d44720d77c8292a75f6a03ff9a78aafcf15f9aa61bc9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48865
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 01:41:45 GMT
server
sffe
date
Sun, 17 Oct 2021 14:02:56 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Oct 2022 14:02:56 GMT
truncated
/ Frame BB55 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
seemore-h.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/ Frame BB55 		922 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/seemore-h.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
484330641cece9095f3707196632874e81ef5f5af7f98755f1c2332f996917d5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
922
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 01:41:45 GMT
server
sffe
date
Sun, 17 Oct 2021 14:02:56 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 17 Oct 2022 14:02:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3DAE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWGYFyJ6DnyE4gl962Sb149pi70BQ2AhrSCHryYkWGnJCKDf-TaTSVKJdLHGDrgPLpyJ24uyA-7smfGLg6BifYBYu4ONn-yjKs9GU0rH0dXoYO_H0&sai=AMfl-YSUqKBC6im6FJHDWEQgQrFN1ENp0eDNp3tWzeqbDGNB8DIhRc2Wzs94sRH9U-AT4H3BbwJU6hi1D1Go&sig=Cg0ArKJSzHYvhmWuVJtBEAE&id=lidar2&mcvt=1001&p=0,0,242,938&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4089672045&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634479376136&rpt=137&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 14:02:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D33B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssU30XQ2EzQG703luA2ZbRzXXxtGel58hHa_Zrd4df1xyjqa685COhmSWhBTyElXCdjA7Avld2Fs5OHkNh01CB_SmGq4PBYGt7iaAr2DvdZvUz0IQc&sai=AMfl-YR75cFiM_57ig_APLTEtBoVJtYEFcF6rkEqwWKoKuo6fBPW2uyQbokxyeeUZkSuuSs9DJXq7ASt6OtF&sig=Cg0ArKJSzOC7jhEvAOYiEAE&id=lidar2&mcvt=1001&p=0,0,242,938&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=826057586&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634479376295&rpt=99&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 14:02:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set adBanner
www.mediacategory.com/servlet/ Frame 41A6 		21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBannerFloating?from=&s=132363&align=right&iwh=300_250&igb=74&types=video&fType=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
119.205.238.29 , Korea, Republic Of, ASN4766 (KIXS-AS-KR Korea Telecom, KR),
Reverse DNS
Software
/
Resource Hash
444d7d5f18a3e88afafc4b3dd27d162d683612da1d29d32c6e16beb093892656

Request headers

Host
www.mediacategory.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
Accept-Encoding
gzip, deflate, br
Cookie
Start_Time="2021101723"; s_IP_info="216.131.114.211.4243"; s_au_id="9bceae6b2db9341152b695e017c8e8ca48e-1cb5"; iDev="(1634479376162)IP_info^216.131.114.211.4243#"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/

Response headers

Pragma
no-cache
Cache-Control
no-cache
P3P
CP='CAO PSA CONi OTR OUR DEM ONL'
Set-Cookie
s_IP_info="216.131.114.211.4243"; Domain=.mediacategory.com; Max-Age=63072000; SameSite=None; Secure; Path=/ abTestType="(1634479377346)SG_BA^BA48#SG_AW^AW85#SG_AT^AT075#SG_AQ^AQ071#SG_AL^AL81#SG_AE^AE70#SG_AI^AI29#SG_AF^AF02#SG_AD^AD01#SG_AC^AC03#SG_AA^AA10#SG_Y^Y38#SG_R^R41#SG_P^P62#SG_N^N100#SG_K^K02#SG_H^H92#SG_D^D57#SG_C^C15#SG_B^B43#SG_A^A14#"; Domain=.mediacategory.com; Max-Age=5184000; SameSite=None; Secure; Path=/
vary
accept-encoding
Content-Encoding
gzip
Content-Type
text/html;charset=euc-kr
Transfer-Encoding
chunked
Date
Sun, 17 Oct 2021 14:02:57 GMT
Keep-Alive
timeout=5
Connection
keep-alive
close_video_bt.png
img.mobon.net/mediaCategory/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/mediaCategory/image/close_video_bt.png
Requested by
Host: xn--220b31d95hq8o.xn--3e0b707e
URL: https://xn--220b31d95hq8o.xn--3e0b707e/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
4d44a67191aa91af866bfde406d0be59f800e574711fe73a7292c097165a0e06

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:57 GMT
Via
1.1 PShgseSEL4tn171:2 (W), 1.1 PShgseSEL4qy133:14 (W)
Last-Modified
Thu, 22 Nov 2018 05:59:00 GMT
Server
PWS/8.3.1.0.8
Age
64943
ETag
"f0427d-bec-57b3a902d2dc9"
X-Ws-Request-Id
616c2d11_PShgseSEL4su143_16868-7879
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4qy133GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3052
mobon_reset.css
img.mobon.net/Frtb/common/css/ Frame 41A6 		9 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
7c8c025d7dd2c47c73ea422981c6d6cdc9388d6c445e9536e13856140426ce40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.0 PShgseSEL4tn171:8 (W), 1.1 PShgseSEL4wb142:9 (W)
Last-Modified
Tue, 16 Feb 2021 02:57:40 GMT
Server
PWS/8.3.1.0.8
Age
43096
ETag
"f0265d-2388-5bb6b43fd5a20"
X-Ws-Request-Id
616c2d12_PShgseSEL4su143_16868-7902
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4wb142GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9096
jquery.js
img.mobon.net/Frtb/common/script/ Frame 41A6 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/script/jquery.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL7jo101:9 (W), 1.1 PShgseSEL4qy133:0 (W)
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
PWS/8.3.1.0.8
Age
29065
ETag
"f0272e-16b3b-5935d7c543da4"
X-Ws-Request-Id
616c2d12_PShgseSEL4su143_18222-37651
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4qy133GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
92987
mobonStorage.js
img.mobon.net/js/ Frame 41A6 		510 B
984 B 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/mobonStorage.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
2d324c3aea5c17f7b31bd5ccbbef34b956f362faa686d238c40c78bcc6a00fdb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL4zt173:4 (W), 1.1 PShgseSEL4wl132:6 (W)
Last-Modified
Thu, 15 Apr 2021 11:10:33 GMT
Server
PWS/8.3.1.0.8
Age
71198
ETag
"f08574-1fe-5c000e97cf64a"
X-Ws-Request-Id
616c2d12_PShgseSEL4su143_18847-61914
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4wl132GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
510
webutil.js
img.mobon.net/newAd/common/ Frame 41A6 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/newAd/common/webutil.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL4im170:3 (W), 1.1 PShgseSEL4zm141:15 (W)
Last-Modified
Wed, 18 Apr 2018 04:47:59 GMT
Server
PWS/8.3.1.0.8
Age
29228
ETag
"f40c8c-dd0-56a1828c66b1a"
X-Ws-Request-Id
616c2d12_PShgseSEL4wb142_30057-41099
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4zm141GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3536
frame_default_script_S.js
img.mobon.net/Frtb/js/ Frame 41A6 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/js/frame_default_script_S.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0a380125b32697acc8f49b0eeb08fb70b4aee7123317fe9dee7beb06bfe6f043

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL4zd34:2 (W), 1.1 PShgseSEL4zt173:0 (W), 1.1 PShgseSEL4wb142:10 (W)
Last-Modified
Wed, 14 Jul 2021 09:06:17 GMT
Server
PWS/8.3.1.0.8
Age
16867
ETag
"f011c6-64a2-5c711aad42e6a"
X-Ws-Request-Id
616c2d12_PShgseSEL4su143_15497-16863
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4wb142GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25762
nr_type1.css
img.mobon.net/Frtb/common/css/ Frame 41A6 		1 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/Frtb/common/css/nr_type1.css?124
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL4im170:3 (W), 1.1 PShgseSEL4vx139:5 (W)
Last-Modified
Wed, 25 Sep 2019 09:43:30 GMT
Server
PWS/8.3.1.0.8
Age
32898
ETag
"f0116e-436-5935d7c53fb3c"
X-Ws-Request-Id
616c2d12_PShgseSEL4su143_18847-61921
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4vx139GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1078
jquery.easing-1.3.js
img.mobon.net/newAd/js/ Frame 41A6 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/newAd/js/jquery.easing-1.3.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
874796472d4d858bdfabd97f64d19c8c049e72bb344d1e3a5b5a999209fd51dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL3fh100:6 (W), 1.1 PShgseSEL4vx139:15 (W)
Last-Modified
Thu, 05 May 2016 06:31:47 GMT
Server
PWS/8.3.1.0.8
Age
32875
ETag
"100113f-1fa1-532127f1d9ac0"
X-Ws-Request-Id
616c2d12_PShgseSEL4su143_16868-7925
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4vx139GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8097
bounceRate.js
img.mobon.net/js/ Frame 41A6 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.mobon.net/js/bounceRate.js
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL4ex172:0 (W), 1.1 PShgseSEL4vx139:0 (W)
Last-Modified
Thu, 04 Feb 2021 05:36:00 GMT
Server
PWS/8.3.1.0.8
Age
32904
ETag
"f07ff5-bf1-5ba7c14227b88"
X-Ws-Request-Id
616c2d12_PShgseSEL4wb142_30057-41112
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4vx139GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3057
mobonLogo02.png
img.mobon.net/newAd/img/logoImg/ Frame 41A6 		647 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/newAd/img/logoImg/mobonLogo02.png
Requested by
Host: img.mobon.net
URL: https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img.mobon.net/Frtb/common/css/mobon_reset.css?201706292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL7jo101:4 (W), 1.1 PShgseSEL4wl132:7 (W)
Last-Modified
Thu, 16 Aug 2018 00:58:34 GMT
Server
PWS/8.3.1.0.8
Age
15858
ETag
"10010c6-287-57382f14d9e5f"
X-Ws-Request-Id
616c2d12_PShgseSEL4wb142_30057-41126
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4wl132GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
647
ic_location.png
img.mobon.net/Frtb/images/ Frame 41A6 		264 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/Frtb/images/ic_location.png
Requested by
Host: img.mobon.net
URL: https://img.mobon.net/Frtb/common/css/nr_type1.css?124
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
eb40338042d0deac1119cd0e91aad83ecae0de04dc0c2895d1780959cfd7eb4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://img.mobon.net/Frtb/common/css/nr_type1.css?124
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL3ek160:8 (W), 1.1 PShgseSEL4zm141:12 (W)
Last-Modified
Tue, 26 Jun 2018 06:38:35 GMT
Server
PWS/8.3.1.0.8
Age
28039
ETag
"f01143-108-56f85bf584a76"
X-Ws-Request-Id
616c2d12_PShgseSEL4su143_16868-7944
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4zm141GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
264
0622123736-wzR4JtG17.png
img.mobon.net/ad/imgfile//2021/eWFqYXR2bWt0/ Frame 41A6 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobon.net/ad/imgfile//2021/eWFqYXR2bWt0/0622123736-wzR4JtG17.png
Requested by
Host: www.mediacategory.com
URL: https://www.mediacategory.com/servlet/adBanner?from=&s=132363&iwh=300_250&igb=74&types=video&align=right
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.0.113.209 , Korea, Republic Of, ASN38107 (CDNETWORKS-AS-KR CDNetworks, KR),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
8df5d27bb418014a90ed7f624577a20cd18cadf6f789540007a124c4082fe812

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.mediacategory.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 17 Oct 2021 14:02:58 GMT
Via
1.1 PShgseSEL4ex172:5 (W), 1.1 PShgseSEL4wl132:12 (W)
Last-Modified
Tue, 22 Jun 2021 03:46:29 GMT
Server
PWS/8.3.1.0.8
Age
13549
ETag
"11725cac-1e9c7-5c552a2a07422"
X-Ws-Request-Id
616c2d12_PShgseSEL4su143_18847-61927
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
X-Px
ht PShgseSEL4wl132GMP
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
125383
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211013&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a32fc72e77df4f05099e111d4ed78071f49fc1be014a9ba38b68b6641b49bdd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 17 Oct 2021 14:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8641
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110120101/show_ads_impl_fy2019.js?bust=31063156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:02:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 17 Oct 2021 14:02:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 66B0 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 17 Oct 2021 13:57:21 GMT
expires
Mon, 17 Oct 2022 13:57:21 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
338
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A907 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
356d6a8e8495a24af5786a09818b4491fe7c54a2917e821daefaacf1907ae94f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UcAX+bnhnJYG/ljbjxVW4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://xn--220b31d95hq8o.xn--3e0b707e/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 17 Oct 2021 14:02:59 GMT
date
Sun, 17 Oct 2021 14:02:59 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-UcAX+bnhnJYG/ljbjxVW4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame A907 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211013&jk=1752829138750024&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 66B0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 17:02:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
75645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 16 Oct 2022 17:02:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211013&jk=1752829138750024&bg=!vb6lvvrNAAao6lBpqOo7ACkAdvg8WjNADe7ex91om682ki0pMk0TusOLa2pzQeLrhsHndqNyfF-MBAIAAACVUgAAABJoAQcKAAaYWbzcmw-ZAshI5tsp5VI5eiMeND1J4caNJXx8EbEWJa2C3txDpD7w-lhb8USSOdatNZKt-QMAlFuK-mN9D9Ss2UbYPx-8cefLSwvkPAMz5RA_dgmxZ8HDrjEmIg4ktVlD1CLO4LZQqTqZY9NuMqeE0cFkVHOYrUlhHLH0-lVhs0WJnBVSP24199h7wWifVOy1lgc0R-FDU_kHA4eTrE8u4yUYvx2Abyzmkpnp6dWfk2_WEslq-nHahdhQQdY_PsR2KCE_kIn9sAEB-ddbv9vFJq1Ugk31qseHH3IecdcBkkEk5mdJNVTg7iSYU_q3TK4CAEsW_ZT28zdiWqRuI-JSqb_gwYDN-VP4FUeronxya8yyyyr8ViPonTGNVOZo-k2rwDcKhyoC0OLlR1MmLupEVVulqyejHGRiiV-zSyP-nNoypIgppwQAUh7aS71Yy5panCnd9LfXD2Uyb_SV9r4eXNbhctuRrub9WOCeFZSYLfZR1X10EIF_5z9dKu2hh-XzJkqUt6YZkRMpTKzUQj7dCEx4O0PtwVzxp3EzEPodo0_7GazQuxsNhW2HZHgFg1fE3ZL96lzUQ62-H4F94GONT3SdV_b4REUSVoYAwkxV6HzQsnXHpaH0fC8bKeQk41ZLga3i_1IU4_FJnZYKoAIaIP-BjuWpJ-_39H5i_NNmPcD9CyEZYjt4STwnhxU4ioHKT78n58vi9sh1N4AijsgS00p25i-bLLYneUKFkMMFB7bbMrSEcmrHMDTcT6bXBkW6w-GbIIuG1T0WQbHC7YNogdobb-IdhAxl3i935wJ2Kxcf4wvVMy2uRIlpNzNcw9BjcCXInqTBukPf4vxvl1NldYruEYtzKuCD9zRxwlj34B7FTcl4a47mRf_NOi6R1BnaxbxEv8ci4sJSaujRJyOgXPOiouCAQfI7nseNmzu6PpVTfPwZvOj6ZlFiWNp3ftJs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xn--220b31d95hq8o.xn--3e0b707e/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Oct 2021 14:02:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| Ajax function| captcha_get string| GoogleAnalyticsObject function| ga object| adsbygoogle object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| defaults object| options object| productTypeValues object| platformTypeValues function| enlipleMBSHandler object| googletag function| mf_close function| mobon_postMessage function| mobon_animate object| wp_util object| wp_Toast undefined| wp_adbn_object function| resize string| wp_rcFloat object| GoogleGcLKhOms

21 Cookies

Domain/Path Name / Value
xn--220b31d95hq8o.xn--3e0b707e/ Name: PHPSESSID
Value: 0llo24eku69cnj9vr3ssg44cr7
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _ga
Value: GA1.2.42516202.1634479375
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _gid
Value: GA1.2.1591929339.1634479375
.xn--220b31d95hq8o.xn--3e0b707e/ Name: _gat
Value: 1
.xn--220b31d95hq8o.xn--3e0b707e/ Name: __gads
Value: ID=4dc2527c10b90116-2265d47af7ca00e3:T=1634479375:RT=1634479375:S=ALNI_Mamtc2zA3ezZf_Po-gI5nZqY8ktBg
.doubleclick.net/ Name: IDE
Value: AHWqTUkSrbUxMnJ5WjRIneki2LtPuC5B3eWzWTkVLbpVIDwyd71K2T5JqDjlchv1C0s
.mediacategory.com/ Name: Start_Time
Value: "2021101723"
.doubleclick.net/ Name: DSID
Value: NO_DATA
.mediacategory.com/ Name: s_IP_info
Value: "216.131.114.211.4243"
.mediacategory.com/ Name: s_au_id
Value: "7c32188ae7545a713adbe74d17c8e8b60223ab"
.mediacategory.com/ Name: dsck
Value: "132364_c2022d129e39458f97996845d23735ae_AD_ico_1_96_____"
.mediacategory.com/ Name: site_code
Value: "132364_c2022d129e39458f97996845d23735ae_AD_ico_1_96_____"
.mediacategory.com/ Name: mob_ad_grp
Value: "132364_c2022d129e39458f97996845d23735ae_AD_ico_dumy_dumy_dumy_dumy_dumy_01"
.mediacategory.com/ Name: dsck_frame_matr
Value: "132364_c2022d129e39458f97996845d23735ae_AD_ico_dumy_dumy_dumy_dumy_dumy_N_dumy"
.mediacategory.com/ Name: ad_click_time
Value: "20211017230257"
.mediacategory.com/ Name: iCk
Value: "(1634479377592)132364^c2022d129e39458f97996845d23735ae^ico^AD^^20211017230257^1^96^^^^^^^^48^dumy_dumy_dumy_dumy_dumy_N_dumy#"
.mediacategory.com/ Name: iSendChk
Value: "(1634479377592)1(20211017230757)#"
.mediacategory.com/ Name: isCoverInflow
Value: "(1634479377592)Y#"
.mediacategory.com/ Name: reffer_domain
Value: "(1634479377592)mediacategory.com(20211017230257)|"
.mediacategory.com/ Name: abTestType
Value: "(1634479377592)SG_BA^BA59#SG_AW^AW56#SG_AT^AT052#SG_AQ^AQ055#SG_AL^AL55#SG_AE^AE57#SG_AI^AI30#SG_AF^AF02#SG_AD^AD01#SG_AC^AC01#SG_AA^AA09#SG_Y^Y59#SG_R^R61#SG_P^P32#SG_N^N75#SG_K^K98#SG_H^H77#SG_D^D51#SG_C^C10#SG_B^B27#SG_A^A15#"
.mediacategory.com/ Name: iDev
Value: "(1634479377592)IP_info^216.131.114.211.3413#"

2 Console Messages

Source Level URL
Text
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5960526653118807895/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17278275075902057743/null
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cdn.megadata.co.kr
googleads.g.doubleclick.net
img.mobon.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.mediacategory.com
xn--220b31d95hq8o.xn--3e0b707e
zz.am
119.205.238.29
139.99.89.153
139.99.90.56
14.0.113.205
14.0.113.209
142.250.184.194
142.250.185.225
142.250.185.66
142.250.186.130
142.250.186.174
142.250.186.34
172.217.23.100
0900bfb5209cd9fa513292ca9582403a066876cfd6a2287be24100cf5956a8ca
0a380125b32697acc8f49b0eeb08fb70b4aee7123317fe9dee7beb06bfe6f043
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0dc5006fdd80088be2fac4891162221d4ff989724f2297683fa6dbdc3856fea2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
256ccac77179355638779ff71721389b1287a830118413b7d0327c131c01720d
272cbf91e4e8131d5193f8d16beec202141a89c27bc09f50af3f7657e67fc66b
2d324c3aea5c17f7b31bd5ccbbef34b956f362faa686d238c40c78bcc6a00fdb
3131fd3e0a57b2fa779fe4c2f0b4b3c84a7b71c87036556590103cec14c04dec
356d6a8e8495a24af5786a09818b4491fe7c54a2917e821daefaacf1907ae94f
3a10264b625e2af4fe4c61261615351e3d42fce2f856a1488e5d9d8a798e30e1
3baa5fb93cf3b24acdc604874f3b260648d22805cccc55e7af9d10581fcd6b41
3d7909e35e10e81a3084b93b863074f8251812adac03dc74c0d1afc6b68a748a
3e237fa20995aa49649003d14614a21eeafce2f40b2991c75cdcc045fe01e55f
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
444d7d5f18a3e88afafc4b3dd27d162d683612da1d29d32c6e16beb093892656
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
484330641cece9095f3707196632874e81ef5f5af7f98755f1c2332f996917d5
4d44a67191aa91af866bfde406d0be59f800e574711fe73a7292c097165a0e06
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52159b44f75bd1115368c3259895d07487c1c4e22bf7bb67736358da18739e55
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
6932ecfb20270ea73feb87a8c6f57e64b2f68cbee0d310b9ce2e65c2d112fef4
77d12fdf7ad969dc063b7e81eedd5e2ad2265f897c45efad84e1005389eb2f26
797a1ac301fa13ba3f22eef3f1f53fd0555f8eb14cedd4a113df079db95716b2
7c7cd7a7155d3d38bb49fc82c83aa14ed24d56f6886623299b13b6a81486a871
7c8c025d7dd2c47c73ea422981c6d6cdc9388d6c445e9536e13856140426ce40
80f4f0fef93d99ae6a0ef3f6a583f6eba8d73655ad5a7c2b9febe4aae1eeead6
874796472d4d858bdfabd97f64d19c8c049e72bb344d1e3a5b5a999209fd51dc
8df5d27bb418014a90ed7f624577a20cd18cadf6f789540007a124c4082fe812
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
913198ec7118e5b0632c7d7f4ec32f38daaa34d7c2045eee83c7484b72b146ff
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a32fc72e77df4f05099e111d4ed78071f49fc1be014a9ba38b68b6641b49bdd6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b4ed6d5e837a0bb24d1b1d16c6f9716ac7217a1cffff7f88b61684dd8422152d
b5d42b8cc1904cab933c5dfcf1e92f60f4b1a73451b6a7f5f3a4aa534141846a
b74bdecedad944693adcf881e5e2df86513e8bbc745c5e6f89d941ba90e0ab96
b7fcc8be822be670bfb14616acd1537e00f3cad117935c778092e14127b674f5
c217942c4bfaa09541a5b564109300d9d6535ff317832f5c5d42686f161e547c
c9575134a9a9a47d67dd3f14687c8fddac00b1bc60738fa5b7210cad803f54a6
ca85fe4a58e269b8a0811c76fc20955e16ab54aa99ec15b205d190b084307cdb
cca334dc9a73af3ee514d44720d77c8292a75f6a03ff9a78aafcf15f9aa61bc9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d20a8120f28bf1706e8708648a253785918382d2ff652a798ae807eb7b8c7525
dd1d15147c400e50571d90c7daa4bccd862d60ec1dc1bb5a46c671fc0049c0bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62a23f55f2d22e7484c40dafe805c8489d4d5d799865ee2b07954cca631312b
eb40338042d0deac1119cd0e91aad83ecae0de04dc0c2895d1780959cfd7eb4c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62