cs16.info Open in urlscan Pro
2606:4700:3037::ac43:d835 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cs16.info/
Effective URL:
https://cs16.info/
Submission: On October 17 via api (October 17th 2023, 1:52:34 pm UTC) from US — Scanned from DE

Summary HTTP 138 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 8 countries across 27 domains to perform 138 HTTP transactions. The main IP is 2606:4700:3037::ac43:d835, located in United States and belongs to CLOUDFLARENET, US. The main domain is cs16.info.
TLS certificate: Issued by GTS CA 1P5 on September 3rd 2023. Valid for: 3 months.

This is the only time cs16.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:303... 2606:4700:3037::ac43:d835	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
5 16	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
3 30	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4 4	52.57.206.211 52.57.206.211	16509 (AMAZON-02) (AMAZON-02)
1 2	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.127.91.113 3.127.91.113	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
2 2	104.75.88.210 104.75.88.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:d9e9:4576:4b39:3a88	16509 (AMAZON-02) (AMAZON-02)
2 4	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:c184:4582:9358:8e30	16509 (AMAZON-02) (AMAZON-02)
138	25

15 2606:4700:3037::ac43:d835 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cs16.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.206.211 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-206-211.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.105.8 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.91.113 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-91-113.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.229 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.210 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-210.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:d9e9:4576:4b39:3a88 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.32.185.35 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.74.118 (Groningen, Netherlands) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:c184:4582:9358:8e30 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	537 KB
36	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	214 KB
15	cs16.info 1 redirects cs16.info	266 KB
11	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	601 B
10	gstatic.com www.gstatic.com fonts.gstatic.com	183 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	294 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	5 KB
4	teads.tv 2 redirects sync.teads.tv — Cisco Umbrella Rank: 1584	948 B
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 643	3 KB
4	w55c.net 4 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	3 KB
2	simpli.fi 2 redirects um.simpli.fi — Cisco Umbrella Rank: 952	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 985 s.tribalfusion.com — Cisco Umbrella Rank: 2451	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	207 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2090	1 KB
2	ctnsnet.com 2 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8315	1 KB
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 648	725 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	291 B
2	blismedia.com 1 redirects tr.blismedia.com — Cisco Umbrella Rank: 2268	574 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1024 r.turn.com — Cisco Umbrella Rank: 4738	869 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	712 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	149 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2075	297 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1386	213 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 847	187 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2250	249 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	83 KB
138	27

	Domain	Requested by
28	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
20	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
16	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
16	pagead2.googlesyndication.com	cs16.info pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	cs16.info	1 redirects cs16.info
10	www.googleadservices.com	googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	cs16.info googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	sync.teads.tv	2 redirects googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	pm.w55c.net	4 redirects
2	um.simpli.fi	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	ius.ctnsnet.com	2 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	x.bidswitch.net	googleads.g.doubleclick.net
2	tr.blismedia.com	1 redirects googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	cs16.info
138	33

This site contains links to these domains. Also see Links.

Domain
counter-strike-download.net
store.steampowered.com
www.valvesoftware.com

Subject Issuer	Validity	Valid
cs16.info GTS CA 1P5	`2023-09-03` - `2023-12-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://cs16.info/
Frame ID: 3C55D08C99F0F4390ABAE2C585845863
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: FE24285650318BAF6F90F982CE165FA2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&adk=1812271804&adf=3025194257&lmt=1690160519&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l&format=0x0&url=https%3A%2F%2Fcs16.info%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750028&bpp=3&bdt=191&idt=248&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7904705436484&frm=20&pv=2&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265
Frame ID: BB76F1394ED8459C4EC5922B444A2F54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&slotname=6738540145&adk=941977971&adf=854766408&pi=t.ma~as.6738540145&w=940&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&format=940x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750031&bpp=1&bdt=194&idt=269&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6sjRlFgKYH&p=https%3A//cs16.info&dtd=276
Frame ID: 64DCF60A0947E773DD8921DA20978D4E
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 425A9D76985752897DEE531DE9E9EB72
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 537B6B20B620FBC687F17F2EF7FCB397
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4
Frame ID: B68FF3194EC5AA640BE649FBAD966564
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8
Frame ID: E40D94DFEF983893192F0EAA99210506
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2082688565&pi=t.aa~a.3757298201~i.41~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=708&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280&nras=4&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=4592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fIJ5NTV9IY&p=https%3A//cs16.info&dtd=11
Frame ID: 38A07847B06DB8CAEF1EB2CCD0B03AAF
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=250&adk=4045414350&adf=939347027&pi=t.aa~a.1428641456~rp.4&w=331&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&to=qs&pwprc=7496088899&format=331x250&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750562&bpp=1&bdt=724&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280%2C572x280&nras=5&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=936&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NBnXa6ZYJa&p=https%3A//cs16.info&dtd=5
Frame ID: 3C76106DEDC43063D79103C7CB84830B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F75D5B132FB270545FE09EEB1C96F3E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 11FC5915879D866DE33C52FDB9A923F4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 99C3B64BEA519DD00954D38286372F3B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28C615799B5261A99C08AC4D61E671EC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2FE58EADA5AF8BCFCFBD1B14432885AE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 512D6DC2CEF878FC382D7645FA469BCB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 9306EA94D6C335646A5D34F227A1D509
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 9FB6801E3ECB5D78A8C1B96321033845
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: F11BA1F1D17AA82804BE274040782E5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 16929E0F3B4533623432D74C6F377B2E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: 769A661170D88643630115101ACAE6CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CS 1.6 - Counter-Strike 1.6 Download Free Game (2023)

Page URL History Show full URLs

http://cs16.info/ HTTP 301
https://cs16.info/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

138
Requests

84 %
HTTPS

53 %
IPv6

27
Domains

33
Subdomains

25
IPs

8
Countries

1586 kB
Transfer

3656 kB
Size

30
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://counter-strike-download.net/
Title: CS 1.6

Search URL Search Domain Scan URL

URL: https://store.steampowered.com/
Title: STEAM

Search URL Search Domain Scan URL

URL: https://www.valvesoftware.com/en/
Title: Valve

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cs16.info/ HTTP 301
https://cs16.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENCN32JZpO7nsPiDyoQfJK4&google_cver=1&google_push=AXcoOmSIZRh8zFthrhT2JFrhV4ttMmb4TNEZCIVKSVKzkcoDgIDpNKDEv8UhaO8fyr7L5bKofeR1f3lxKH6v6uPVn2uErVsvWQUg-w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA0OTIwMTAxNzY1NzE1MjkxMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGYeC5N74klPpr86RvBKDwo&google_cver=1

Request Chain 45

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFK79VTiTv5qqzGgTuatHFo&google_cver=1&google_push=AXcoOmTaN8KNrmsMAOj4sXyHCqxp8_7PC389f06AqPqJX1VmwacGDq91-wKWAwEOMIRdt-I6py5tlvEUtkwOXIcVInMogrU4FPPj HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFK79VTiTv5qqzGgTuatHFo&google_cver=1&google_push=AXcoOmTaN8KNrmsMAOj4sXyHCqxp8_7PC389f06AqPqJX1VmwacGDq91-wKWAwEOMIRdt-I6py5tlvEUtkwOXIcVInMogrU4FPPj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEFK79VTiTv5qqzGgTuatHFo&google_cver=1&google_push=AXcoOmTaN8KNrmsMAOj4sXyHCqxp8_7PC389f06AqPqJX1VmwacGDq91-wKWAwEOMIRdt-I6py5tlvEUtkwOXIcVInMogrU4FPPj

Request Chain 48

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEf9j_uiRzWwxlklTB5PTys&google_cver=1&google_push=AXcoOmRhckuaDomI1ND3mFmfVVRKZn9d02OYe0v1o9o6TlDQ8ZeLbRovcKCJpsHmepQMg5kTsyM7viIIN9tdSmZkhI1N8h9ZCOI8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEf9j_uiRzWwxlklTB5PTys&google_cver=1&google_push=AXcoOmRhckuaDomI1ND3mFmfVVRKZn9d02OYe0v1o9o6TlDQ8ZeLbRovcKCJpsHmepQMg5kTsyM7viIIN9tdSmZkhI1N8h9ZCOI8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmRhckuaDomI1ND3mFmfVVRKZn9d02OYe0v1o9o6TlDQ8ZeLbRovcKCJpsHmepQMg5kTsyM7viIIN9tdSmZkhI1N8h9ZCOI8

Request Chain 50

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJhiTeeDTt_7teDHA_f6W3A&google_cver=1&google_push=AXcoOmT0mnBug4mIDuXZi0YBk_5U_qzKTx5qwNmDQ87hBD0mNxrKLQLpWUPK3HHiYd7Ms0ey7qDUyh65g3RpBijIcItWtnpdbyJKOmE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT0mnBug4mIDuXZi0YBk_5U_qzKTx5qwNmDQ87hBD0mNxrKLQLpWUPK3HHiYd7Ms0ey7qDUyh65g3RpBijIcItWtnpdbyJKOmE&google_hm=hgGvrMA0QiquqlMYERzxoSM

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 53

https://googleads.g.doubleclick.net/pagead/adview?ai=CbfVFnpEuZcetJ8TExtYPxZSWsAGFpffPc63m7Kr0Ee2O_MIDEAEgtou7JWCV4pGCoAegAZjU5rsoyAECqQKjyqkjEa2xPqgDAcgDyQSqBO4BT9Cz4H4NjcfCQOvQgv2bRABz5YWx9YC4lgFHUFnKCOXkZOVGQlqRTPspcKq6XKr4k51_f-B268ci3i4Gt0dNz_HyAr1ashf7UHZZdIiFwrvLyxXwkxEyHCCpqpDUQMLD_rWjdxUhYgJ3cSe7V2UWcCvP9yp3hE-swDU2eh1K0KW1J8iruza3mnZT1FXRuXysz9HiX4yR53M68yhFcAsUxTV6CDVNMU2cpTtvR-I2PZo_de3twhNLcKD1TytSOJXfHuh0UVGvNk2DVequeqMcRBvQuTryJYdRWK0fdODQFxvBkHMSeSzJ-_9pJUVQdcAEq_XwhMYEiAXFv-G9TJIFBAgEGAGSBQQIBRgEoAYCgAeYjLebA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP30DNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCShodHRwczovL2tlYnJhZ2Fpby5uZXQvZ3JhbmQtdGhlZnQtYXV0by12gAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTgyNDg1Mjg0MTQ2NzMxNDUYAA&sigh=56gM40Ml8ho&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNgkRmnXkcSQHI7bVEutz_qUI9vXLPvSSit5BeC1Aiv1Zb0guSHI-CdPCb83PPgSheCG72LRFsVRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222106365002611360276%22,%22debug_reporting%22:true,%22destination%22:%22https://kebragaio.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210862832152%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212631584416297083281%22}&andc=true

Request Chain 93

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSM7zxHNGzfilW4vvTmi1_MFg4bNPgFf6Qz3XKSlGgDOQCu62JODc3i4W-fXraDw2H3ly090VaD6oNrMAXnVmXBQGoSX-4_lZHgCfvOJzgiNNcvaU-R1pQa6HsHT_8VHn0A1RBYNtotjmMYz_O_ycpStg&google_gid=CAESEKKEq967yXGoF9MgSRDpgZ8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSM7zxHNGzfilW4vvTmi1_MFg4bNPgFf6Qz3XKSlGgDOQCu62JODc3i4W-fXraDw2H3ly090VaD6oNrMAXnVmXBQGoSX-4_lZHgCfvOJzgiNNcvaU-R1pQa6HsHT_8VHn0A1RBYNtotjmMYz_O_ycpStg&google_gid=CAESEKKEq967yXGoF9MgSRDpgZ8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMTcxMzUyMzEwMDAzNTU3MDMwMTQ1NA%3D%3D&google_push=AXcoOmSM7zxHNGzfilW4vvTmi1_MFg4bNPgFf6Qz3XKSlGgDOQCu62JODc3i4W-fXraDw2H3ly090VaD6oNrMAXnVmXBQGoSX-4_lZHgCfvOJzgiNNcvaU-R1pQa6HsHT_8VHn0A1RBYNtotjmMYz_O_ycpStg

Request Chain 95

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC2VClBintCWzjlZ4px78mo&google_cver=1&google_push=AXcoOmSAcORmUYPev2l4whAx1TiQQF2XmNybtVYUK9_VmajgzQhXrguJCRfpX2_u_mX_Sf0NI4kzoe2HcjkfrEp_scNZMKOrgMkkRaHq2mc_VG4o2dvObVusz2F9Nm5euaF8kC5TWcogJB8gGCPncVcxT2Yasg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmSAcORmUYPev2l4whAx1TiQQF2XmNybtVYUK9_VmajgzQhXrguJCRfpX2_u_mX_Sf0NI4kzoe2HcjkfrEp_scNZMKOrgMkkRaHq2mc_VG4o2dvObVusz2F9Nm5euaF8kC5TWcogJB8gGCPncVcxT2Yasg

Request Chain 97

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGtxtWgkDuvUA2EGf4IG57I&google_cver=1&google_push=AXcoOmQXDpaMCx1bbmjxP3M21YKyPQJRsJ85JgijbLLVSC39uXx3TMyEU0ouUegUV8CbPl7zKrXpQQChLbbRG2RY5zw9EM2c4Ah2PBLVaIyweSQ8OYlBkr_Mbg92SyBJXsT7Ywb_dLJahuRPov6XStJXwR4DxJVP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQXDpaMCx1bbmjxP3M21YKyPQJRsJ85JgijbLLVSC39uXx3TMyEU0ouUegUV8CbPl7zKrXpQQChLbbRG2RY5zw9EM2c4Ah2PBLVaIyweSQ8OYlBkr_Mbg92SyBJXsT7Ywb_dLJahuRPov6XStJXwR4DxJVP HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 102

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO0N-186Bp3bCTyRiQZdAUI&google_cver=1&google_push=AXcoOmTbDV6RZR_rVD3Cy3kVKT3l9hJ-JSvNP6uAqXmF2lG0H8HSvxofLT6BGZsmyJPEf12_Hti1Lp2ssk6TRGuqDm9IcvKOFZqTnQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEO0N-186Bp3bCTyRiQZdAUI&google_cver=1&google_push=AXcoOmTbDV6RZR_rVD3Cy3kVKT3l9hJ-JSvNP6uAqXmF2lG0H8HSvxofLT6BGZsmyJPEf12_Hti1Lp2ssk6TRGuqDm9IcvKOFZqTnQ

Request Chain 103

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF7AjiArIO2UoTzuUUhMuMI&google_cver=1&google_push=AXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF7AjiArIO2UoTzuUUhMuMI&google_cver=1&google_push=AXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 104

https://um.simpli.fi/gp_match?google_gid=CAESEKvdsSJixkp_Bz-a0-36djg&google_cver=1&google_push=AXcoOmSHaeVilKOj6tBbsSQLFibaubF46SRnGxqpO9JqGiqb4SNpPZb5oWLQu9kY3XgkA040QcowXHY91QaAh6AJ3an0Rl9fRjFywg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24840517F49A44BA92B0A3C1C502B16D&google_push=AXcoOmSHaeVilKOj6tBbsSQLFibaubF46SRnGxqpO9JqGiqb4SNpPZb5oWLQu9kY3XgkA040QcowXHY91QaAh6AJ3an0Rl9fRjFywg

Request Chain 107

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPAKP6u-R7UKklFWqj7dEBI&google_cver=1&google_push=AXcoOmT2crfaW3ek3tB6dLWLLhqteyfqBAnTI3LGVAXZ3PW8_S1JW6OF44wB-QoQ7Jh-XUH6i8Wc1YhIYVYYno3IPHO64AMhOLAb-Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT2crfaW3ek3tB6dLWLLhqteyfqBAnTI3LGVAXZ3PW8_S1JW6OF44wB-QoQ7Jh-XUH6i8Wc1YhIYVYYno3IPHO64AMhOLAb-Q HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 110

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMXrWSxckuiuQOqal7Poofo&google_cver=1&google_push=AXcoOmSjV2pD3H_lcYzyVl5MXrgrr9w7z2tMtxp8IWTTPqltviwTZd7n0a2IHJVhu6l6siBBV6VRPPrOaWZ3tYl_6mfdQr45brF2heI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEMXrWSxckuiuQOqal7Poofo&google_cver=1&google_push=AXcoOmSjV2pD3H_lcYzyVl5MXrgrr9w7z2tMtxp8IWTTPqltviwTZd7n0a2IHJVhu6l6siBBV6VRPPrOaWZ3tYl_6mfdQr45brF2heI

Request Chain 111

https://um.simpli.fi/gp_match?google_gid=CAESELsVKRvR-gpcqLmLqrb-tNw&google_cver=1&google_push=AXcoOmTgsN0KY9VMRNOMhakiNpnhc1gip_pJ5oiB3eBo6W2kM9_hAYOUwjJO9JcgbF-i2t5mMFyClLFb9j3o0hZO7d_rMjdzCcaRdw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4AD8A1368CCF4F1F87F3404F6AC9385B&google_push=AXcoOmTgsN0KY9VMRNOMhakiNpnhc1gip_pJ5oiB3eBo6W2kM9_hAYOUwjJO9JcgbF-i2t5mMFyClLFb9j3o0hZO7d_rMjdzCcaRdw

Request Chain 112

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGE4rpP6QAeTjxvLm_AJE7A&google_cver=1&google_push=AXcoOmTRxy6t845V_nfggGYrCq3SAktNmWaPZ4WwfZWUX5gLQujqWM8tLe1UcZYN_z04AFqyxW3k8BJPqqHVRhVsmXAW1lqKfpZ-3Tk HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTRxy6t845V_nfggGYrCq3SAktNmWaPZ4WwfZWUX5gLQujqWM8tLe1UcZYN_z04AFqyxW3k8BJPqqHVRhVsmXAW1lqKfpZ-3Tk&google_hm=hmUukZ-qO9eCJZj0ig&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D652E919FAA3BD7822598F48ABLIS

Request Chain 113

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIhns2SYzDJt_e4mpvB0kTw&google_cver=1&google_push=AXcoOmQlJHbi55397nWJZ0iXWZTxIqeH09sStpoa2l8Wegm4OFMUebID7XJJZWzmbsIQRrI4QEouNBJf6EMz3ImwP1TIsF2cygceDw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQlJHbi55397nWJZ0iXWZTxIqeH09sStpoa2l8Wegm4OFMUebID7XJJZWzmbsIQRrI4QEouNBJf6EMz3ImwP1TIsF2cygceDw&google_hm=eS13X2t1TUp0RTJwRXNubUhmQ2N1MlRaS2lGdTROUlhFeH5B

Request Chain 114

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDL6FVHkYQbVNUXTXHXJb18&google_cver=1&google_push=AXcoOmR40J91-7S19eTCoqbb58eP6qEt0QJ8YqOwBDHE2C5NFp8gSDohHaPrzYR82BHMEHlUKInePivN1ivLWquznd2Ls6vusOHmmss HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmR40J91-7S19eTCoqbb58eP6qEt0QJ8YqOwBDHE2C5NFp8gSDohHaPrzYR82BHMEHlUKInePivN1ivLWquznd2Ls6vusOHmmss

Request Chain 115

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEHSpF7NEKEZQeHGxmMNGCrE&google_cver=1&google_push=AXcoOmQ8yJjqNbiAyLmJutDmXAlHjNjFltEJK5BArN3boatIoyUq2wCG949ZpUxPEhVcy_UYzbqxwUuE_9wIeEG4wCzSFUOHkIamN6Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ8yJjqNbiAyLmJutDmXAlHjNjFltEJK5BArN3boatIoyUq2wCG949ZpUxPEhVcy_UYzbqxwUuE_9wIeEG4wCzSFUOHkIamN6Y&google_hm=hgGvrMA0QiquqlMYERzxoSM

Request Chain 117

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl9VTnpEuZf_WJoPq1QGrsamACYWl989zrcfvk-QR7Y78wgMQASC2i7slYJXikYKgB6ABmNTmuyjIAQmpAsP8KzlRsrE-qAMByAPLBKoE9AFP0Ih4eDevSoxeQ4XrNTO0ZNQKrJ9c5BUP2J7NqMybsZOnaGBMrCt-jR-BgnBamF3IU5qNr2bg7sonrZpxnxcIt5R4UeP6c5CrvlbcpjnN-nCItMq0R5HUpECc8bt3lQrDTku5siqbf_qR-qu2QX4uvTImpSjJJmtShv7EVxiZ4elA7O1pa_YO4tlJvOcpHdNY64B4HenlDQfvT4w52ZX6In_N09gWFvgoMW9sHzn-ZSlwSLS2AkcyEvR_gyRtraXR4YcYnqazUMU3AwjYtWNhr3Emhk9oAnKdfDl34OfXiNMqYsVvzELhne0E0_g-4Pb4oV-MwASr9fCExgSIBcW_4b1MkgUECAQYAZIFBAgFGASgBi6AB5iMt5sDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8s4D0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJKGh0dHBzOi8va2VicmFnYWlvLm5ldC9ncmFuZC10aGVmdC1hdXRvLXaACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItODI0ODUyODQxNDY3MzE0NRgA&sigh=dcMBOs2-mbI&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNniAJZIdncwEythk0HQXe-ZX3YCm4TGbR5rgoUl2Vsbs9pHsd0fkmmwF4X2UEbDpFoiG0mNajSxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22405147509673145146%22,%22debug_reporting%22:true,%22destination%22:%22https://kebragaio.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210862832152%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218135060231479686017%22}&andc=true

Request Chain 124

https://googleads.g.doubleclick.net/pagead/adview?ai=CWTJ6npEuZe2fJufRxtYP78GmiAu44_jFc9_Pw_O_Eu2O_MIDEAEgtou7JWCV-vCBjAegAbbYn5wByAEJqQLD_Cs5UbKxPqgDAcgDy4SAgASqBO4BT9DkBChCNzLxXd0vgLdGpbXyG4eVRfvXi7BRwqukFnxagjHplJQv0UcRf3IOLK9X7euQukB6u-MdQffX_1P9wLxI-mUEiZvx98DeLVybIR24wmXCAX-X5PE8lPA49ZsoqVhYvQbmQrU57KYOvU2n2XiDVBUh5hojbQ62aKx9wUyNNrwddk_35Dph-fLmkICkhbWRW9ikkhdL5pnZEpJng-IzhZQJzqUtQCx5KT0_TDK25z_SoBcp77_SSpTWOUSn4NGkVDSZ2OoB0lJbVHscqqirDiviiq8qrC_UdW-qlca93hu9gIkl6_0N646AY8AE2cD1mcMEiAXanPzcTJIFBAgEGAGSBQQIBRgEoAYugAeyp-DjAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELWTCNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCStodHRwczovL3JlZ2FsYnVzd2F5cy5jb20vZ3JhbmQtdGhlZnQtYXV0by12gAoByAsBuBPkA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi04MjQ4NTI4NDE0NjczMTQ1GAA&sigh=VXbVD_8NYC0&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaN9l9Wha3tgkkAaEdMBXoN3H2tupLo4WffQ1zbE2AS8UKgCZdzzluVZ1EcgSQKglqjg4lDU6mIzxgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217360425187991087715%22,%22debug_reporting%22:true,%22destination%22:%22https://regalbusways.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22327674934%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227377048186030044577%22}&andc=true

Request Chain 125

https://googleads.g.doubleclick.net/pagead/adview?ai=CIwCSnpEuZdS0JsTlvPIP9_-k4AS44_jFc5_Sw_O_Eu2O_MIDEAEgtou7JWCV4pGCoAegAbbYn5wByAEJqQKjyqkjEa2xPqgDAcgDywSqBO4BT9DpBpfHye188cY_1O19KUT2zHFh2hM0rHW2hi1wDSpHrugHdWZN7Yz622M9xvPpKSF2mTAZIyrZtqe5QBhntH8Q_Z9YiaOGyFyCUNAGbxwmOs0Bzxwywg5kI9gykqSZni_oY8le70GXwOoiocWNsg3xXoHBBaJPteTEdZ2yjJwTCbyzb_gWaVaxg1bR_Hm5bEGJ3o6iibZD_ryLFgzYWxyhTBcHL_mDbunguBXoXNjhq7mSIZZfmofOuuilDCsLnURLIdIAWlJaU5Vc76jrjMftKmA2Mpm3I0M7KIC6yFBs6S8Ss7-H_HreXimFdMAE2cD1mcMEiAXanPzcTJIFBAgEGAGSBQQIBRgEoAYugAeyp-DjAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMqqA9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCStodHRwczovL3JlZ2FsYnVzd2F5cy5jb20vZ3JhbmQtdGhlZnQtYXV0by12gAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTgyNDg1Mjg0MTQ2NzMxNDUYAA&sigh=dlKxjkSIyEo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaNiHEdC3VLr6V8wRvU8-4ulApZB8pbV_o87VQC41GugvAMf9etJ_qWvaEyxmgsC8ysIUrIr7kDWhgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214739942302517827953%22,%22debug_reporting%22:true,%22destination%22:%22https://regalbusways.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22327674934%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214097834800319911713%22}&andc=true

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 143

https://googleads.g.doubleclick.net/pagead/adview?ai=CvsgvnpEuZb7JF4zLxtYP-KuziA72i4PRc_SKl7KLEoTZuteGPxABILaLuyVglYKAgJQHoAHp_fXPA8gBAagDAcgDywSqBPEBT9CHT92P7QwyFBNU1WLa6AjKxhsackJm8d9lKUhXb5nYA1AvOpDn-DLM-K4B9vhjZYiupy0NnbcDSvNLXhqm5kReMq4tSsAwzznRcAs1WLPMvesuxO0JVYjVCObLFbrBdAsXykEH47eJgOu_-lKpJWSjG0_M3JOChP0148yDUf2Ezmxix5mxnq5nnto8CesI0rXGG5l0aBUTHjERe5SgCobDHM1zuJuCZ1Q2P3lbJhoOA5d8eabMRTCq7TVKuG-ETE2cKregYQ1nxDFKQtxl2fpaICEwXqB1SmUwdnmMUC4JxZNrjRTePtxssfTEur9IX8AE3cvgp7MEiAWc9-j1S5IFBAgEGAGSBQQIBRgEgAe0xIq4BKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ__fdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCa8BaHR0cHM6Ly9zZWFyY2gudnlhZ2VyLmNvbS8_cmdpZD02ODA4MTQmc3ViPWdjbGlkJnF1ZXJ5PVVubGVhc2glMjBFZmZpY2llbmN5JTIwYW5kJTIwR3Jvd3RoJTNBJTIwRXhwZXJpZW5jZSUyMFNlYW1sZXNzJTIwSW50ZWdyYXRpb24lMjB3aXRoJTIwT3VyJTIwUG93ZXJmdWwlMjBFUlAlMjBTb2Z0d2FyZSUyMYAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04MjQ4NTI4NDE0NjczMTQ1GAA&sigh=BYuCpmVTCFc&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNtnh4NXFLNVDCvdKyw62GVsS6yrHGkePSmSYDDHnaATCmoMkjr7LlJFvl6orDMK0hkIo7uJnVZsYxM3HOJgGoBbXz-WnzthMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217805056216386685325%22,%22debug_reporting%22:true,%22destination%22:%22https://vyager.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215022430443128708209%22}&andc=true

138 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cs16.info/
Redirect Chain

http://cs16.info/
https://cs16.info/

75 KB
12 KB

73ms
51ms

Document
text/html

2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cs16.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5b86ff2fdcf1c0111746f6d59c920437e801f0ff04639ccd516d2aa7b75bb48

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 817905ba2da5bb41-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 13:52:29 GMT
last-modified: Mon, 24 Jul 2023 03:01:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdYVc3y1aHyw59O2xRta0RZEtP8LV4cnk3gZQfz%2FNw4n3jvYLc6cYOR9hM%2B1MzyIV9JXD3pZd74rB0cMv48Qdxxrrj3N%2F4D2CtqteF6hgFolRy07a2AlsA%2Bob6oNrnrP8xaBba4RG1o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 817905b9ea28bb4a-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 17 Oct 2023 13:52:29 GMT
Expires: Tue, 17 Oct 2023 14:52:29 GMT
Location: https://cs16.info/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Jp7b3%2F8eZOZ%2B2JUdCJ0XN8BOj0B4hSOGmBJPBrStu6mdTSVOnWzh29YSMeZvHt%2F62En8xe7AurQjAEX26lrYHuQX845r8SRJGZE0DD58MQsjkLznrX36aCc5eqW0Q0w%2BZbupnukXnE%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
970 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Play&display=swap

Requested by

Host: cs16.info
URL: https://cs16.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bc0a235ae3bc715be74579c571b77611d6a9edf14e51103d130a5c9ddaa6ee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 13:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 13:52:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 13:52:29 GMT

GET
H2 200 bot1.png
cs16.info/img/ 994 B
1 KB 38ms
37ms Image
image/png 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/img/bot1.png
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc4c1f26164082a637690cf3d663a9ddc06d068e10397a74229d95ae8ee5c561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 05:50:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3e2-5d3a1945ef600"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Tfmccxd69fz9bElj5pU8YJqpcCHAe7OtunTDwsa6YjOQnZ2uH1W4pTkGRSBEUY0%2Fcygh%2F0lWiq7rlFog5yzEc3OZxmfL%2FJCIaXTM1r7UEf2ZFCLthEWYz%2BcLlZkFGIWmEizTRsKBK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905ba9e4cbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 994

GET
H2 200 rocket-loader.min.js Show response
cs16.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cs16.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: cs16.info
URL: https://cs16.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Oct 2023 07:45:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6523afb0-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUJ%2FQUMs2A6oNeH%2F4iCxepsqgwxegqKw%2BZbqkGdD8pg1cGah7jv4x%2B5thcLK%2F1flZSV2V1ZqrAfc5ifIBXuKHgfi8Hdl8ln3F4MulcO3jCsuco0AWxVk9pkn%2F%2BQWm9nSK0wzquQIFJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 817905babe6abb41-FRA
expires: Thu, 19 Oct 2023 13:52:29 GMT

GET
H2 200 cs-1-6-logo.jpg
cs16.info/images/ 34 KB
34 KB 18ms
18ms Image
image/jpeg 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/images/cs-1-6-logo.jpg
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3520cd5ba0b5c67729b090b3f69d4bd8d8a148b0838448979378d391af5b44b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Dec 2021 22:09:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3322
etag: "885f-5d4645080f500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnjQ9RjuOJs9OUr4g2oUhzyqRhd1Uv0ypdNKy71gcCqu2hRrbAI7%2FNypDv8FEI3kLFAkSGTa%2BjI3gH6wSsLMznMBZCHnmNJrWwxplG3O0CSt0oCvTvpzMHOs3b4ub%2BF23RKEdNmjVTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905babe6bbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34911

GET
H2 200 navbg.jpg
cs16.info/images/ 2 KB
2 KB 20ms
19ms Image
image/jpeg 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/images/navbg.jpg
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c79b3c05f7cc7375e4e659adaf5366f63eb62008e611f522f2c03a81f47741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 09:16:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3322
etag: "752-5cfdedc580a80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbJoRRViJMjaELrapzlGO%2FP%2BEzKz5Gr7SelEeD6iNbAyCSQ4bnKD%2BnRfdjxYGB9rmJ3yD20NoqVJRQLM92%2BoCANckQEtlh7fDW7kPWYidp54gtFrxUDeqTHZZGSUQnfyRI1cDlLabCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905babe6dbb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1874

GET
H2 200 star.png
cs16.info/images/ 822 B
1 KB 18ms
18ms Image
image/png 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/images/star.png
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af67c57370b67fbc011634f7e6ab61aa090123353507ff2da5f052ba6f85016a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 09:16:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3322
etag: "336-5cfdedcf0a100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZLGIvqB7kHMwVgPX7oZpGNe3yFz8dSD%2B0tBXwKakAWF4xq2JpP9UNSj0Bn%2FooU8845FFX2FFbOf3GqR4Glb1w%2F8kP8wvq%2FhxaZPPR%2FvzPKhQw55TXHa2QT%2BEhgIcRBwnJXFQtEE5UY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905babe6ebb41-FRA
alt-svc: h3=":443"; ma=86400
content-length: 822

GET
H3 200 cs16.webp
cs16.info/img/ 30 KB
30 KB 17ms
16ms Image
image/webp 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/img/cs16.webp
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 289c2a29737c0b088ddec9588ed0f1c23f519439c8c3f494ca2ac73acbc0ca23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Mon, 01 May 2023 19:56:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4028
etag: "762c-5faa738cd14c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOaG%2FOC7MGbLMwMlX7OeqVxXIWODOprx6K4ptvmxRLYFo9o7Asl%2B2l72zEvr6lDaDd4NDO8laJ8AGHaZhuqbR3qFkE2B%2FtcFQ0GQkXvuS0spXQM1%2FdFGAXFUBvKbFgKpE4Gv72Gd4VU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905bad8279205-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30252

GET
H3 200 cs-1.6-download.webp
cs16.info/images/ 34 KB
35 KB 44ms
43ms Image
image/webp 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/images/cs-1.6-download.webp
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ecc8cc87d5205343d2bf790c251f9938708bf73719c2e1e007359a1a5c91a29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Mon, 24 Jan 2022 11:54:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8964-5d652a174c500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgJAYh%2FtP2P7kLUqlcRvaQFqByEbKxQf4zmnmDAeIdG872wwU5jgh7CFObbYX%2F9sTVEgfqrelwVW7VXQBmekxtG0SAdWgcDZ8VvTUvW0zKHXrABH91zN5DMPFo1Cdq5iSjS63lsISIg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905bad8289205-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35172

GET
H3 200 download-cs-1.6.webp
cs16.info/images/ 10 KB
11 KB 58ms
57ms Image
image/webp 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/images/download-cs-1.6.webp
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b9fe1978274bcc096e4b83835f56b8b3f6d7cd1abd03ff79f214ecc0449062b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 24 Jan 2022 12:34:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2962-5d65330264f80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZBDB1zZHAsePwl4lNqLobjkumHG%2BTt9HA8owvqbQ0wt30BxatRRog27jGnpfHOF1vD6648sUXvmtZZbq3LrSDcYhn%2BZDoDxq%2BzkVRupa%2F74TIcogWRYeC1%2BA8K0jr%2FKI1KK%2BjFfvW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905bad82a9205-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10594

GET
H3 200 counter-strike%201.6.webp
cs16.info/img/ 29 KB
29 KB 45ms
44ms Image
image/webp 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/img/counter-strike%201.6.webp
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f572854df70694ff2969e887daf3512a1966d0f567f9635b2a82328fe4d4661e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 07:09:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "73bc-5fab09dab7180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGkBO74Mcq44ZsFI0z6hEAEXG5KO5rhgtumojLvCZywO7fG8sJNfYayhGYedVW7PVqf1S2ylc6Js4qwnx7bgUth5GosOM5f2gPRfDupOiyh1aKJ81brGUnUndfWew5YQNeZpXqg%2BKWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905bad82c9205-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29628

GET
H3 200 cs%201.6.webp
cs16.info/img/ 27 KB
28 KB 37ms
36ms Image
image/webp 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/img/cs%201.6.webp
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14b7a20750fecb477f4812cf40833e0af0b4a4b8eb8da766034764d5f86c6ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 07:10:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6cea-5fab0a0c4e680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1G7mHTEp2EwluP5wKUorqGoYoNxDk78ipMTthWPL8Lxr9ffeXtzSWLLbmZE9l3xabbblOMclIOnGsH642pEOfzdHNc7%2BedxgU83YWp1YWU0hbfwFkMOKA3slFHzf1r20p9hmRSWV9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905bad82d9205-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27882

GET
H3 200 cs-1-6.webp
cs16.info/img/ 24 KB
24 KB 51ms
50ms Image
image/webp 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/img/cs-1-6.webp
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b423006dbebdeb34bdcd298c5e33dcc36cf31907a9d5d3deb209d128c1f24dac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 07:09:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5fb8-5fab09fc18040"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kB5YwRpGEoa4ml5nKipifRO5Xdh5WKhFi3xLmWSzsHW2899qMEfddVUimhCjQgNL0eWo7YDswUCTyr66Ssxk1%2FbCX4Yaep0bbUc7n4scBIscOIzVg0I8%2BstICdEv%2BYVxG5at6vJxhck%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905bad82e9205-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24504

GET
H3 200 cs16-dust2.webp
cs16.info/img/ 24 KB
24 KB 51ms
50ms Image
image/webp 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/img/cs16-dust2.webp
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64df4940263d8f8980e6db8d5aa0ed22be5e762f996901f75cb8c84e7e26cfc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 07:10:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "601c-5fab0a251a100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hk3iYi8wLWMQCOF2aQBX%2FVHTbnZBA5ZHK60ZunM9HxMHOLBn7EYQm0FV1I2ntUx9SuATl1xulvlkhf0YfVL5ZQ2pzLM7AFkoazgqYOu3tEoPUVuOy7JsOoLwjTm846PYnC5%2B6%2FaQS08%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905bad8319205-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24604

GET
H3 200 cs16download.webp
cs16.info/img/ 28 KB
29 KB 52ms
51ms Image
image/webp 2606:4700:3037::ac43:d835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs16.info/img/cs16download.webp
Requested by: Host: cs16.info
URL: https://cs16.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:d835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90fa0ff381389f741b9a35ff8d8c183bd5d76e98f20ce7ff6e5a375a49d5cd4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
cf-cache-status: HIT
last-modified: Tue, 02 May 2023 07:10:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "71d8-5fab0a3738bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTAMYyueR4so3MTI5KgbAOyrGTEb4jOlHkpW7ZVX%2Fp%2FVYTV6g1YKer0y5PIN5%2FGKjRwKNfeS94h6L00mzarg4jmsmNUvaBj1RaiV5cTtYY0wKfdJc9grqj%2BNoA37GtnCgaM3yYZvZkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 817905bad8329205-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29144

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 82ms
56ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248528414673145

Requested by

Host: cs16.info
URL: https://cs16.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c5c12c53ede5c787d7545ae2ae615e5fe427d53f52d3bd51b478b7ab797d4ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Origin: https://cs16.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51515
x-xss-protection: 0
server: cafe
etag: 6762759621341059736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 13:52:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
83 KB 53ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-44R45WTC16

Requested by

Host: cs16.info
URL: https://cs16.info/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2ea95c536cc533455935768af4fd52ee12bd47d3093b24a72e1f184a11ef119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84168
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 17 Oct 2023 13:52:29 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-44R45WTC16&gtm=45je3ab0&_p=158901120&cid=849676758.1697550750&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697550749&sct=1&seg=0&dl=https%3A%2F%2Fcs16.info%2F&dt=CS%201.6%20-%20Counter-Strike%201.6%20Download%20Free%20Game%20(2023)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-44R45WTC16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cs16.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
133 KB 90ms
75ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8248528414673145&plah=cs16.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248528414673145

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67a7beb016a52128b7aa21de928e8bae65c36a2f9fc9263c868973203ba33521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136616
x-xss-protection: 0
server: cafe
etag: 1224827113615149654
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 13:52:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame FE24 10 KB
5 KB 31ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248528414673145

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3375
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Tue, 31 Oct 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 54ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cs16.info&callback=_gfp_s_&client=ca-pub-8248528414673145

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8248528414673145&plah=cs16.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba1d05c133d4ec903b04eec2c4c5fb7d8e50087ea1873837a29be049d8f44a8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB76 4 KB
964 B 212ms
211ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&adk=1812271804&adf=3025194257&lmt=1690160519&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l&format=0x0&url=https%3A%2F%2Fcs16.info%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750028&bpp=3&bdt=191&idt=248&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7904705436484&frm=20&pv=2&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80d97513e1a3203e75dc35fb68011f65eb9159b283bb5ec2ad1eb9590c01d245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 764
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:30 GMT
expires: Tue, 17 Oct 2023 13:52:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
66ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

308869b2ea18287aad10ac5845c55abdcbb4f72a215f3e7f53a8ea03e8cc3981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12221
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 64DC 123 KB
41 KB 1500ms
1500ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&slotname=6738540145&adk=941977971&adf=854766408&pi=t.ma~as.6738540145&w=940&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&format=940x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750031&bpp=1&bdt=194&idt=269&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6sjRlFgKYH&p=https%3A//cs16.info&dtd=276

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a89ee80c78dd1910bf0c9155862246993870641cefed7c02c88f79bc2a9e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42110
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
expires: Tue, 17 Oct 2023 13:52:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 13:52:30 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 425A 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 129726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 01:50:24 GMT
expires: Tue, 15 Oct 2024 01:50:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 537B 829 B
1 KB 57ms
28ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f15485bd91d0b5ed5f690e510a56fa1a45bc805ae3bcf56b7d316a4dbae35d10

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GkCPUJEnntyfHlqLgj9Abw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GkCPUJEnntyfHlqLgj9Abw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:30 GMT
expires: Tue, 17 Oct 2023 13:52:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 425A 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 11:55:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 11:55:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 537B 0
0 40ms
40ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=294780119050840&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 425A 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GHQAPw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B68F 114 KB
40 KB 642ms
642ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f22b55e3ee3ab346d8880264096e38cfda96137386078a284da8b5476244a5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40651
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
expires: Tue, 17 Oct 2023 13:52:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E40D 128 KB
42 KB 785ms
785ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b48dda2ea40e4ad7e2189cc7350cd6d95b9dffde5871222fd5c354432f07b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43466
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
expires: Tue, 17 Oct 2023 13:52:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 38A0 128 KB
42 KB 613ms
613ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2082688565&pi=t.aa~a.3757298201~i.41~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=708&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280&nras=4&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=4592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fIJ5NTV9IY&p=https%3A//cs16.info&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e02df24988fff15a76592f393a3c467e3a8d506cc855e82d77444c837bf9660b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43325
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
expires: Tue, 17 Oct 2023 13:52:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3C76 102 KB
39 KB 525ms
525ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=250&adk=4045414350&adf=939347027&pi=t.aa~a.1428641456~rp.4&w=331&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&to=qs&pwprc=7496088899&format=331x250&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750562&bpp=1&bdt=724&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280%2C572x280&nras=5&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=936&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NBnXa6ZYJa&p=https%3A//cs16.info&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbef5767f6dda44a9b6fbdff1a0cb82c95353419f4229416d6e8133089214e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cs16.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39599
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
expires: Tue, 17 Oct 2023 13:52:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7569195781889312544
tpc.googlesyndication.com/daca_images/simgad/ Frame 3C76 48 KB
48 KB 11ms
11ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7569195781889312544

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=250&adk=4045414350&adf=939347027&pi=t.aa~a.1428641456~rp.4&w=331&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&to=qs&pwprc=7496088899&format=331x250&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750562&bpp=1&bdt=724&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280%2C572x280&nras=5&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=936&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NBnXa6ZYJa&p=https%3A//cs16.info&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df907a93e32c85d38d79b67e3638d3e3fb756471964bb2e80a8ddce761f1240f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:00:40 GMT
x-content-type-options: nosniff
age: 6711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48994
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 08:31:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 12:00:40 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 3C76 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 3C76 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 3C76 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3C76 0
0 29ms
25ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1cMb2-Rg8aSpsC1E_TapvTE20vQ-NBG8IHUdM0LKxqd-PWJnAFk7SYjScFpxRr1tUYtcDP35V6UrO_BAwjMfBSuuwFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=250&adk=4045414350&adf=939347027&pi=t.aa~a.1428641456~rp.4&w=331&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&to=qs&pwprc=7496088899&format=331x250&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750562&bpp=1&bdt=724&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280%2C572x280&nras=5&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=936&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NBnXa6ZYJa&p=https%3A//cs16.info&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C76 187 KB
59 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 3C76 36 KB
15 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 13:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 13:55:42 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F75D 143 B
166 B 10ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=250&adk=4045414350&adf=939347027&pi=t.aa~a.1428641456~rp.4&w=331&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&to=qs&pwprc=7496088899&format=331x250&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750562&bpp=1&bdt=724&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280%2C572x280&nras=5&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=936&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NBnXa6ZYJa&p=https%3A//cs16.info&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 11FC 1 KB
643 B 11ms
10ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Wed, 18 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
45ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=294780119050840&bg=!hYalhsnNAAbFpEfJ5aQ7ADQBe5WfOJTHCkYat6_PqIKx1eICCaV3WlKeHMbUqAIZyHgPwjZl76SGRm0XSIwxpXV4r_PpAgAAAIhSAAAACGgBBwoArbF-YpQLpnKx-yiWUbIF8MsSHSHjxPkjLDUKmXaZ78MPLWW6_odhMarB6HE785hwQ1HrFssLv1_roBjihQBLfRo59IfErsQ1D1d7m0Oftr1jEBLRBbK-et7B5CpCgw9dKxdmNlPE79diLMRXZ-ebUpBNJFH6KjcSTL08RV18ylHGmFZCkLPthkxqTA-KfhDI4gPkZiM87626iHb6U07FFc9DLARRB5BI5UKAiwgQmQLU2PqOrsvwiP8dgmm3IzXo5Je03jCYeZhj9IbAHPIEBJqnx3cGJFQhmPKP4p3nDDw6pDBgKCxD0-CU6CwLFFEEGQYVF8KDkfAHrGPf99fXU8HOo1tc0HLQLsy4kvP-MAEQ_mhpjs8EC6faGaoD-q9T8LjceCQz6Bf5rfB5-5UNUm4rrQyZFl6J2sl-tNeYwmrztfVT22JedXQYhtouE69flOSQZxg0wk4uren7zmLSnaM0VgB7Pa2xmmaVeZZP0u9ZCcGZdbIQywBYdL45QB2ERKa40T8_TXEf1BvTyaiiNoHz5ZgtsZ_AoJYsIgglLvYmJysjQ1O8wXwPwqpTWRM_AKtQ1G-TxlE0pCDY3KDx1jicLB9cJSRSUso-a_YOMdMtgYRlF33LrxRCZlBKdJXDEbMzR9wQpgSlgM_6SXGJq7wAkUE_nLQ52hQUS8gBY2jDvwoQd1el3oe8uh9js-PzJhrF8ypGifY9nM53qYs-vMyTmiKYf19b86Pvy3M68UaOkC1KtTqBd363TZqIBXIAoKiOvTYD0J2H3dKP0UgO3eLXlFR9R36ltH55jy797v3YE5pGJdyiRkaP-BbuXT_Y-OsOA1tEkJ_AMLmBlhSrzkb9QnCRInrjVheGWSMwzvTbrtJ3F0xx2j1cIzm84mglGks8FcOxLRHSKoK7DZn8HhP05vI9RaPpDMISUTaqntGTQA0cJ4Z0C45bD7JRcpEfwQx3FnQn3Nx8shxUYtX6BqUNGh-VSw0ALVf2X1792fPADE819wakgjYurscNaYrcNBOaXmQ3DO83apmDV1WKGd1k_eYvegQJHWRadfbgkoeiZag6fDgzKFZWd1iXXES9wo3rb2017QaWsDR1Cgs_GqYijRfJygdXwS3CWpL-yhQJIOpGgqUazYnwsDUQxMK2jNgeJzheubQ2badeC9Hy4iSZt9sfTpr8s23kAaN1uOQWIybpmA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cs16.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 3C76 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d912c160b6e8e443b17c8b8696c04db42635ae18692ec1cf7268ffa877a9e0d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 11FC
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENCN32JZpO7nsPiDyoQfJK4&google_cver=1&google_push=AXcoOmSIZRh8zFthrhT2JFrhV4ttMmb4TNEZCIVKSVKzkcoDgIDpNKDEv8UhaO8fyr7L5bKofeR1f3lxKH6v6uPVn2uErVsvWQUg-w
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA0OTIwMTAxNzY1NzE1MjkxMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGYeC5N74klPpr86RvBKDwo&google_cver=1

43 B
398 B

58ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGYeC5N74klPpr86RvBKDwo&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGYeC5N74klPpr86RvBKDwo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 11FC
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFK79VTiTv5qqzGgTuatHFo&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFK79VTiTv5qqzGgTuatHFo&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEFK79VTiTv5qqzGgTuatHFo&google_cver=1&google_push=AXcoOmTaN8KNrmsMAOj4sXyHCqxp8_7PC389f06AqPqJX1V...

170 B
232 B

29ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEFK79VTiTv5qqzGgTuatHFo&google_cver=1&google_push=AXcoOmTaN8KNrmsMAOj4sXyHCqxp8_7PC389f06AqPqJX1VmwacGDq91-wKWAwEOMIRdt-I6py5tlvEUtkwOXIcVInMogrU4FPPj

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Oct 2023 13:52:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEFK79VTiTv5qqzGgTuatHFo&google_cver=1&google_push=AXcoOmTaN8KNrmsMAOj4sXyHCqxp8_7PC389f06AqPqJX1VmwacGDq91-wKWAwEOMIRdt-I6py5tlvEUtkwOXIcVInMogrU4FPPj
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 11FC 0
173 B 151ms
15ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEICg6MiuG14w0tn3_KXqjFE&google_cver=1&google_push=AXcoOmSUEDUJC0KE-72W5jCoQkS5tvMCWEaz0JrFT_R4-RaYBgpHWGDx1PFQry2WZ7T3x3Hvj44pfnuHossA0sJYb3rQnE4iSgu1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=250&adk=4045414350&adf=939347027&pi=t.aa~a.1428641456~rp.4&w=331&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&to=qs&pwprc=7496088899&format=331x250&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750562&bpp=1&bdt=724&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280%2C572x280&nras=5&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=936&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NBnXa6ZYJa&p=https%3A//cs16.info&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame 11FC 43 B
146 B 148ms
7ms Image
image/gif 3.127.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEA6aj-FMcD35hrLkEblvb34&google_cver=1&google_push=AXcoOmT3kC3gFPEffbvR1NyXg8MdVRWBqNpFUeJ-OtoosUUyFUPhfMAGlihLyzWcRbmxH79sXGacL--Vjk1j5cUgOtIQ7yW6-0-ANw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=250&adk=4045414350&adf=939347027&pi=t.aa~a.1428641456~rp.4&w=331&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&to=qs&pwprc=7496088899&format=331x250&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750562&bpp=1&bdt=724&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280%2C572x280&nras=5&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=936&ady=1604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=NBnXa6ZYJa&p=https%3A//cs16.info&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.91.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-91-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 11FC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEf9j_uiRzWwxlklTB5PTys&google_cver=1&google_push=AXcoOmRhckuaDomI1ND3mFmfVVRKZn9d02OYe0v1o9o6TlDQ8ZeLbRovcKCJpsHmepQMg5kTsyM7viII...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEf9j_uiRzWwxlklTB5PTys&google_cver=1&google_push=AXcoOmRhckuaDomI1ND3mFmfVVRKZn9d02OYe0v1o9o6TlDQ8ZeLbRovcKCJpsHmepQMg5kTsyM...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmRhckuaDomI1ND3mFmfVVRKZn9d02OYe0v1o9o6TlDQ8ZeLbRovcKCJpsHmepQMg5kTsyM7vi...

170 B
188 B

22ms
22ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmRhckuaDomI1ND3mFmfVVRKZn9d02OYe0v1o9o6TlDQ8ZeLbRovcKCJpsHmepQMg5kTsyM7viIIN9tdSmZkhI1N8h9ZCOI8

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmRhckuaDomI1ND3mFmfVVRKZn9d02OYe0v1o9o6TlDQ8ZeLbRovcKCJpsHmepQMg5kTsyM7viIIN9tdSmZkhI1N8h9ZCOI8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 11FC 43 B
363 B 153ms
12ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQivkbI9L-oouqGFWcuo8FWSPzxiburJxI1_SyxSlJ6Rl_tud_dbNc6156muc1w23eBJ-akplMnYGD00Bog_P_WCgF1cZS4FA&google_gid=CAESECq4hMSckJPVgAyf8W6_3Ko&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:30 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 181580
expires: Tue, 17 Oct 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 11FC
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJhiTeeDTt_7teDHA_f6W3A&google_cver=1&google_push=AXcoOmT0mnBug4mIDuXZi0YBk_5U_qzKTx5qwNmDQ87hBD0mNxrKLQLpWUPK3HHiYd...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT0mnBug4mIDuXZi0YBk_5U_qzKTx5qwNmDQ87hBD0mNxrKLQLpWUPK3HHiYd7Ms0ey7qDUyh65g3RpBijIcItWtnpdbyJKOmE&google_hm=...

170 B
329 B

23ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT0mnBug4mIDuXZi0YBk_5U_qzKTx5qwNmDQ87hBD0mNxrKLQLpWUPK3HHiYd7Ms0ey7qDUyh65g3RpBijIcItWtnpdbyJKOmE&google_hm=hgGvrMA0QiquqlMYERzxoSM

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT0mnBug4mIDuXZi0YBk_5U_qzKTx5qwNmDQ87hBD0mNxrKLQLpWUPK3HHiYd7Ms0ey7qDUyh65g3RpBijIcItWtnpdbyJKOmE&google_hm=hgGvrMA0QiquqlMYERzxoSM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 11FC 0
130 B 156ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8_uFSESFdgzqqzRJcClb1PVPN2lOKNkrWbYPueif_hnGkjme4Oo_sx3bD3x7X1-88zQJdbw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F75D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

24ms
24ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
expires: Tue, 17 Oct 2023 13:52:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3C76
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CbfVFnpEuZcetJ8TExtYPxZSWsAGFpffPc63m7Kr0Ee2O_MIDEAEgtou7JWCV4pGCoAegAZjU5rsoyAECqQKjyqkjEa2xPqgDAcgDyQSqBO4BT9Cz4H4NjcfCQOvQgv2bRABz5YWx9YC4lgF...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222106365002611360276%22,%22debug_reporting%22:true,%22destination%22:%22https://kebragaio.net%22,%22event_report_window%22:...

0
0

41ms
40ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222106365002611360276%22,%22debug_reporting%22:true,%22destination%22:%22https://kebragaio.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210862832152%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212631584416297083281%22}&andc=true

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2106365002611360276","debug_reporting":true,"destination":"https://kebragaio.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10862832152"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"12631584416297083281"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 13:52:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2106365002611360276","debug_reporting":true,"destination":"https://kebragaio.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10862832152"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"12631584416297083281"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
42ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 13:52:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 38A0 14 KB
1 KB 24ms
22ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2082688565&pi=t.aa~a.3757298201~i.41~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=708&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280&nras=4&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=4592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fIJ5NTV9IY&p=https%3A//cs16.info&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:08:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 38A0 2 KB
892 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 38A0 23 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 38A0 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 38A0 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 38A0 0
0 17ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvpwh8nb7TEDC99TvEC5YzlF8PhnyjNlt4RSXgqgE2S7vRG_FvGCDzPFUsuc3rqfoEnl5QjeYHZNLP-I0fZV0Zlg0cuA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2082688565&pi=t.aa~a.3757298201~i.41~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=708&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280&nras=4&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=4592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fIJ5NTV9IY&p=https%3A//cs16.info&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38A0 187 KB
59 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 38A0 35 KB
15 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B68F 4 KB
728 B 24ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 13:03:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B68F 2 KB
892 B 15ms
12ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B68F 23 KB
9 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B68F 3 KB
1 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B68F 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B68F 187 KB
59 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame B68F 35 KB
15 KB 26ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 99C3 1 KB
643 B 8ms
8ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Wed, 18 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 28C6 1 KB
643 B 13ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Wed, 18 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12876198995013042290/ Frame B68F 17 KB
17 KB 13ms
9ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12876198995013042290/14763004658117789537?w=200&h=200&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a07d2550045193e19fbe64a5567f160bb71bb95266a731f3970a6103d6a53159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 20:05:29 GMT
x-content-type-options: nosniff
age: 64022
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17271
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 14:55:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Oct 2024 20:05:29 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8176886783514801775/ Frame B68F 24 KB
24 KB 17ms
11ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8176886783514801775/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf51cf28056584f9461668ffb165916771daf75b3e40e18d95d829b7b45a574e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:34:52 GMT
x-content-type-options: nosniff
age: 490659
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24661
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 14:55:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 21:34:52 GMT

GET
DATA 200
OK truncated
/ Frame B68F 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12234258758459007234/ Frame 38A0 23 KB
23 KB 15ms
11ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12234258758459007234/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24400dcc3c45c4cd4c35a82929fe2fee4257d794599e931fd910877f65ffc48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 16:25:49 GMT
x-content-type-options: nosniff
age: 509202
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23524
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 08:09:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 16:25:49 GMT

GET
DATA 200
OK truncated
/ Frame 38A0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 38A0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame E40D 14 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:58:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E40D 2 KB
892 B 9ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame E40D 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E40D 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame E40D 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E40D 0
0 18ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3ZmRMngw7WEmUEJ5iU9NPJZ7ymjwyx_PHIfwZXv-MqXa1wCy_MCA5_UlV9Pn0VTqo6xnGdbyTx0J35a1QaXyg8xg5Cg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E40D 187 KB
59 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame E40D 35 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2FE5 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15747
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 09:30:04 GMT
etag: 48472445140208031
expires: Wed, 18 Oct 2023 09:30:04 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13400818607251824903/ Frame E40D 18 KB
18 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13400818607251824903/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f9abab0b403c92ab7593185cff79bc52278b9029a80b7351934b90709571d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 17:46:37 GMT
x-content-type-options: nosniff
age: 504354
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18190
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 14:56:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 10 Oct 2024 17:46:37 GMT

GET
DATA 200
OK truncated
/ Frame E40D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E40D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 38A0 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c73ee18767a618a650b395ccd59627f8a708841915267776cd0dc9acc7b8c61e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 99C3 0
187 B 66ms
18ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEP8G-WKU6MJREZRjNfX_M_E&google_cver=1&google_push=AXcoOmTtLBFCfEFkmbHVc7ZKZ3zD7SDnYPKBDFAmEnoD3Ha4aJStWvKiOgaJFMy8c-ruJAU6Ihe78XAmYBPPK_DDYqjjYvfUn1E5weNPIUX6m-67xnUPBAOCmPocmWpy0mZbzvxXGNs5lTERrveIdiNlsiBayQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2082688565&pi=t.aa~a.3757298201~i.41~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=708&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280&nras=4&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=4592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fIJ5NTV9IY&p=https%3A//cs16.info&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Tue, 17 Oct 2023 13:52:30 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 99C3 43 B
145 B 9ms
7ms Image
image/gif 3.127.91.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEP_33C4nrpQMS5W-4bEi3BA&google_cver=1&google_push=AXcoOmSjSNocixKFSqLtz9cI86_ckf30ij1vAgmLalZ6Vk-8rlid-bJIu86dULx7C3QDr5-cDUDZMnL23CYfeTEigfLlpuoEsbkQ4_tQZOu6XES9BhZ46_4nxoNQmt28uR85PIFGSbU9Ad2UkjkB5kPeg6qGJw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2082688565&pi=t.aa~a.3757298201~i.41~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=708&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280&nras=4&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=4592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fIJ5NTV9IY&p=https%3A//cs16.info&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.91.113 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-91-113.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99C3
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSM7zxH...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSM7zxH...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMTcxMzUyMzEwMDAzNTU3MDMwMTQ1NA%3D%3D&google_push=AXcoOmSM7zxHNGzfilW4vvTmi1_MFg4bNPgFf6Qz3XKSlGgDOQCu62JODc3i4W-fXraDw2...

170 B
188 B

22ms
22ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMTcxMzUyMzEwMDAzNTU3MDMwMTQ1NA%3D%3D&google_push=AXcoOmSM7zxHNGzfilW4vvTmi1_MFg4bNPgFf6Qz3XKSlGgDOQCu62JODc3i4W-fXraDw2H3ly090VaD6oNrMAXnVmXBQGoSX-4_lZHgCfvOJzgiNNcvaU-R1pQa6HsHT_8VHn0A1RBYNtotjmMYz_O_ycpStg

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMTcxMzUyMzEwMDAzNTU3MDMwMTQ1NA%3D%3D&google_push=AXcoOmSM7zxHNGzfilW4vvTmi1_MFg4bNPgFf6Qz3XKSlGgDOQCu62JODc3i4W-fXraDw2H3ly090VaD6oNrMAXnVmXBQGoSX-4_lZHgCfvOJzgiNNcvaU-R1pQa6HsHT_8VHn0A1RBYNtotjmMYz_O_ycpStg
pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 99C3 42 B
213 B 44ms
18ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPstBk52EMwgMUfHIKy9-lw&google_push=AXcoOmTlOF1g7WwabTFZzRukgbwkRh9ygfr3Q9Q__7AJ4R9vML9FnPjye9RisfRxbwys6IAYVQCfVJwg9IsPYCfTAqtXngYszEwb_cYk1rGwZpFnGRjXu4W6gunbNtTWq1gsGHfbVmD5fybFNcpDQWFP8X_eqA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2082688565&pi=t.aa~a.3757298201~i.41~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=708&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280&nras=4&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=4592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fIJ5NTV9IY&p=https%3A//cs16.info&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99C3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEC2VClBintCWzjlZ4px78mo&google_cver=1&google_push=AXcoOmSAcORmUYPev2l4whAx1TiQQF2XmNybtVYUK9_VmajgzQhXrguJCRfpX2_u_mX_Sf0NI4kzoe2H...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmSAcORmUYPev2l4whAx1TiQQF2XmNybtVYUK9_VmajgzQhXrguJCRfpX2_u_mX_Sf0NI4kzoe...

170 B
188 B

18ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmSAcORmUYPev2l4whAx1TiQQF2XmNybtVYUK9_VmajgzQhXrguJCRfpX2_u_mX_Sf0NI4kzoe2HcjkfrEp_scNZMKOrgMkkRaHq2mc_VG4o2dvObVusz2F9Nm5euaF8kC5TWcogJB8gGCPncVcxT2Yasg

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmSAcORmUYPev2l4whAx1TiQQF2XmNybtVYUK9_VmajgzQhXrguJCRfpX2_u_mX_Sf0NI4kzoe2HcjkfrEp_scNZMKOrgMkkRaHq2mc_VG4o2dvObVusz2F9Nm5euaF8kC5TWcogJB8gGCPncVcxT2Yasg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 99C3 43 B
297 B 226ms
22ms Image
image/gif 2a05:d01c:1d8:8102:d9e9:4576:4b39:3a88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEFehCskrzmKWF8PQurTa3x8&google_cver=1&google_push=AXcoOmQOI8AdDGDk92h7M3d0oipiPRKUrE2bB_g7e_DME2tdnghWIDfiX86r9II6G1OEdE-z1VI00FlaxwHrME77VECZPxdg9ikJCYB71Sig9sGJAgYMiV6i_HcqUPDqhJ-O2j4CaxVZEcZg5k-H5L6rJneGOmM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2082688565&pi=t.aa~a.3757298201~i.41~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=708&idt=1&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280%2C572x280&nras=4&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=4592&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=fIJ5NTV9IY&p=https%3A//cs16.info&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:d9e9:4576:4b39:3a88 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame 99C3
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGtxtWgkDuvU...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmQXDpaMCx1bbmjxP3M21YKyPQJRsJ85JgijbLLVSC39uXx3TMyEU0ouUegUV8CbPl7zKrXpQQChLbbRG2RY5zw9EM2c4Ah2PBLVaIyweSQ8OYlBk...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

31ms
31ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Tue, 17 Oct 2023 13:52:31 GMT
pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 99C3 0
12 B 17ms
16ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBnC8K91GH5zH4LAXX4iTJhOoU-NxH7B55wOqbciqLYO3fiHyNGHosCWruRlILiBY-13hYsg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 512D 38 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:10:15 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 38A0 33 KB
34 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 16993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 09:09:18 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 28C6 0
103 B 108ms
23ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEM1NeYZGORDF-EmpOCs7C-o&google_cver=1&google_push=AXcoOmS2p2IBkZCdB4rdd8DLiIDUZPbnRH9F9VaXkvBHwY1a5zzdCStqUynWCaq4Vj_qkCPJ3-2Ae-nT3hnV91AVTX5wD-PW4YTPCQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28C6
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEO0N-186Bp3bCTyRiQZdAUI&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEO0N-186Bp3bCTyRiQZdAUI&google_cver=1&google_push=AXcoOmTbDV6RZR_rVD3Cy3kVKT3l9hJ-JSvNP6uAqXmF2lG...

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEO0N-186Bp3bCTyRiQZdAUI&google_cver=1&google_push=AXcoOmTbDV6RZR_rVD3Cy3kVKT3l9hJ-JSvNP6uAqXmF2lG0H8HSvxofLT6BGZsmyJPEf12_Hti1Lp2ssk6TRGuqDm9IcvKOFZqTnQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Oct 2023 13:52:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEO0N-186Bp3bCTyRiQZdAUI&google_cver=1&google_push=AXcoOmTbDV6RZR_rVD3Cy3kVKT3l9hJ-JSvNP6uAqXmF2lG0H8HSvxofLT6BGZsmyJPEf12_Hti1Lp2ssk6TRGuqDm9IcvKOFZqTnQ
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 28C6
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEF7AjiArIO2UoTzuUUhMuMI&google_cver=1&google_push=AXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF7AjiArIO2UoTzuUUhMuMI&google_cver=1&google_push=AXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3...

43 B
436 B

183ms
169ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF7AjiArIO2UoTzuUUhMuMI&google_cver=1&google_push=AXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:32 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 817905c86f444d91-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:32 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 10
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEF7AjiArIO2UoTzuUUhMuMI&google_cver=1&google_push=AXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTt3d5wJPYpIKOAOiDiaEAPds2tvzsMealfvXyE4T92-HaVPsPEWkXyWO7jZZ6Dqayk7xjF6cWUesEvgKwiot7u25hpik3h8w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 817905c4fa4f4d91-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 28C6
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKvdsSJixkp_Bz-a0-36djg&google_cver=1&google_push=AXcoOmSHaeVilKOj6tBbsSQLFibaubF46SRnGxqpO9JqGiqb4SNpPZb5oWLQu9kY3XgkA040QcowXHY91QaAh6AJ3an0Rl9fRjFywg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24840517F49A44BA92B0A3C1C502B16D&google_push=AXcoOmSHaeVilKOj6tBbsSQLFibaubF46SRnGxqpO9JqGiqb4SNpPZb5oWLQu9kY3XgkA040QcowXHY91QaAh6A...

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24840517F49A44BA92B0A3C1C502B16D&google_push=AXcoOmSHaeVilKOj6tBbsSQLFibaubF46SRnGxqpO9JqGiqb4SNpPZb5oWLQu9kY3XgkA040QcowXHY91QaAh6AJ3an0Rl9fRjFywg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 17 Oct 2023 13:52:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=24840517F49A44BA92B0A3C1C502B16D&google_push=AXcoOmSHaeVilKOj6tBbsSQLFibaubF46SRnGxqpO9JqGiqb4SNpPZb5oWLQu9kY3XgkA040QcowXHY91QaAh6AJ3an0Rl9fRjFywg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 16 Oct 2023 13:52:31 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 28C6 70 B
149 B 116ms
34ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOvkDVnGMSgBz9cIkjPEyqo&google_cver=1&google_push=AXcoOmTUGKu4rXZUoWt6BR_VrwI5JJPPekP91JHK2YI4mHVvvDie8UriI7s43j8IepbOUJe-HrsRv3pnPaOV1JFxXfVVa9yxQ6Wj4g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 28C6 43 B
362 B 14ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQi8YV1s-LZXHl4CFotmxGqlRntZJEHKm0fiVpA2WCfd4T8A3b1Q0gcIDCouph0eyyv2uU6TdnCiBJ-kXRr3Yng3QQobV9w4w&google_gid=CAESEOghj4v5_go9fVuz3CFHtIE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 147365
expires: Tue, 17 Oct 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 28C6
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPAKP6u-R7UK...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmT2crfaW3ek3tB6dLWLLhqteyfqBAnTI3LGVAXZ3PW8_S1JW6OF44wB-QoQ7Jh-XUH6i8Wc1YhIYVYYno3IPHO64AMhOLAb-Q
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

31ms
31ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

expires: Tue, 17 Oct 2023 13:52:31 GMT
pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 28C6 0
12 B 16ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNAdT1eu1XpzYXz5C-SlUFrqe9I4Itaj5LC6nBNd0StNl5KAV9KTZyshCeUnho5ASjH6ohRQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2FE5 0
104 B 73ms
22ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK_5-z2pl0R4q7nsGFA-6OM&google_cver=1&google_push=AXcoOmSle6h8b4WR8B_7f2IJ5XTgcV87rCX1JiJFCgeGfHAD64O69UtxJOquzHeCNE3jkaq-CrrsTnbl_2u687hyf-q18S988uvp8Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FE5
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMXrWSxckuiuQOqal7Poofo&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEMXrWSxckuiuQOqal7Poofo&google_cver=1&google_push=AXcoOmSjV2pD3H_lcYzyVl5MXrgrr9w7z2tMtxp8IWTTPql...

170 B
188 B

22ms
21ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEMXrWSxckuiuQOqal7Poofo&google_cver=1&google_push=AXcoOmSjV2pD3H_lcYzyVl5MXrgrr9w7z2tMtxp8IWTTPqltviwTZd7n0a2IHJVhu6l6siBBV6VRPPrOaWZ3tYl_6mfdQr45brF2heI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 17 Oct 2023 13:52:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Z1duRjVGdGExUVNLdVA1&google_gid=CAESEMXrWSxckuiuQOqal7Poofo&google_cver=1&google_push=AXcoOmSjV2pD3H_lcYzyVl5MXrgrr9w7z2tMtxp8IWTTPqltviwTZd7n0a2IHJVhu6l6siBBV6VRPPrOaWZ3tYl_6mfdQr45brF2heI
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FE5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELsVKRvR-gpcqLmLqrb-tNw&google_cver=1&google_push=AXcoOmTgsN0KY9VMRNOMhakiNpnhc1gip_pJ5oiB3eBo6W2kM9_hAYOUwjJO9JcgbF-i2t5mMFyClLFb9j3o0hZO7d_rMjdzCcaRdw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4AD8A1368CCF4F1F87F3404F6AC9385B&google_push=AXcoOmTgsN0KY9VMRNOMhakiNpnhc1gip_pJ5oiB3eBo6W2kM9_hAYOUwjJO9JcgbF-i2t5mMFyClLFb9j3o0hZ...

170 B
188 B

20ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4AD8A1368CCF4F1F87F3404F6AC9385B&google_push=AXcoOmTgsN0KY9VMRNOMhakiNpnhc1gip_pJ5oiB3eBo6W2kM9_hAYOUwjJO9JcgbF-i2t5mMFyClLFb9j3o0hZO7d_rMjdzCcaRdw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 17 Oct 2023 13:52:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4AD8A1368CCF4F1F87F3404F6AC9385B&google_push=AXcoOmTgsN0KY9VMRNOMhakiNpnhc1gip_pJ5oiB3eBo6W2kM9_hAYOUwjJO9JcgbF-i2t5mMFyClLFb9j3o0hZO7d_rMjdzCcaRdw
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 16 Oct 2023 13:52:31 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FE5
Redirect Chain

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEGE4rpP6QAeTjxvLm_AJE7A&google_cver=1&google_push=AXcoOmTRxy6t845V_nfggGYrCq3SAktNmWaPZ4WwfZWUX5gLQujqWM8tLe1UcZYN_z04AFqyxW3k8BJPqqHVRh...
https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTRxy6t845V_nfggGYrCq3SAktNmWaPZ4WwfZWUX5gLQujqWM8tLe1UcZYN_z04AFqyxW3k8BJPqqHVRhVsmXAW1lqKfpZ-3Tk&google_hm=hmUukZ-qO9eCJZ...

170 B
188 B

19ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTRxy6t845V_nfggGYrCq3SAktNmWaPZ4WwfZWUX5gLQujqWM8tLe1UcZYN_z04AFqyxW3k8BJPqqHVRhVsmXAW1lqKfpZ-3Tk&google_hm=hmUukZ-qO9eCJZj0ig&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D652E919FAA3BD7822598F48ABLIS

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=blismobile&google_push=AXcoOmTRxy6t845V_nfggGYrCq3SAktNmWaPZ4WwfZWUX5gLQujqWM8tLe1UcZYN_z04AFqyxW3k8BJPqqHVRhVsmXAW1lqKfpZ-3Tk&google_hm=hmUukZ-qO9eCJZj0ig&google_redir=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2FAdxPixel%3F%25%25GOOGLE_ERROR_PAIR%25%25%26partner_device_id%3D652E919FAA3BD7822598F48ABLIS
date: Tue, 17 Oct 2023 13:52:31 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FE5
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIhns2SYzDJt_e4mpvB0kTw&google_cver=1&google_push=AXcoOmQlJHbi55397nWJZ0iXWZTxIqeH09sStpoa2l8Wegm4OFMUebID7XJJZWzmbsIQRrI4QEouNBJf6EMz3ImwP1TIsF2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQlJHbi55397nWJZ0iXWZTxIqeH09sStpoa2l8Wegm4OFMUebID7XJJZWzmbsIQRrI4QEouNBJf6EMz3ImwP1TIsF2cygceDw&google_hm=eS13X2t1TUp0RTJwRXNu...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQlJHbi55397nWJZ0iXWZTxIqeH09sStpoa2l8Wegm4OFMUebID7XJJZWzmbsIQRrI4QEouNBJf6EMz3ImwP1TIsF2cygceDw&google_hm=eS13X2t1TUp0RTJwRXNubUhmQ2N1MlRaS2lGdTROUlhFeH5B

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 17 Oct 2023 13:52:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQlJHbi55397nWJZ0iXWZTxIqeH09sStpoa2l8Wegm4OFMUebID7XJJZWzmbsIQRrI4QEouNBJf6EMz3ImwP1TIsF2cygceDw&google_hm=eS13X2t1TUp0RTJwRXNubUhmQ2N1MlRaS2lGdTROUlhFeH5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FE5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDL6FVHkYQbVNUXTXHXJb18&google_cver=1&google_push=AXcoOmR40J91-7S19eTCoqbb58eP6qEt0QJ8YqOwBDHE2C5NFp8gSDohHaPrzYR82BHMEHlUKInePivN...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmR40J91-7S19eTCoqbb58eP6qEt0QJ8YqOwBDHE2C5NFp8gSDohHaPrzYR82BHMEHlUKInePi...

170 B
188 B

20ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmR40J91-7S19eTCoqbb58eP6qEt0QJ8YqOwBDHE2C5NFp8gSDohHaPrzYR82BHMEHlUKInePivN1ivLWquznd2Ls6vusOHmmss

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjA4NTIwNDI1NTg2Njk0NDQzNQ&google_push=AXcoOmR40J91-7S19eTCoqbb58eP6qEt0QJ8YqOwBDHE2C5NFp8gSDohHaPrzYR82BHMEHlUKInePivN1ivLWquznd2Ls6vusOHmmss
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2FE5
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEHSpF7NEKEZQeHGxmMNGCrE&google_cver=1&google_push=AXcoOmQ8yJjqNbiAyLmJutDmXAlHjNjFltEJK5BArN3boatIoyUq2wCG949ZpUxPEh...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ8yJjqNbiAyLmJutDmXAlHjNjFltEJK5BArN3boatIoyUq2wCG949ZpUxPEhVcy_UYzbqxwUuE_9wIeEG4wCzSFUOHkIamN6Y&google_hm=...

170 B
188 B

21ms
21ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ8yJjqNbiAyLmJutDmXAlHjNjFltEJK5BArN3boatIoyUq2wCG949ZpUxPEhVcy_UYzbqxwUuE_9wIeEG4wCzSFUOHkIamN6Y&google_hm=hgGvrMA0QiquqlMYERzxoSM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQ8yJjqNbiAyLmJutDmXAlHjNjFltEJK5BArN3boatIoyUq2wCG949ZpUxPEhVcy_UYzbqxwUuE_9wIeEG4wCzSFUOHkIamN6Y&google_hm=hgGvrMA0QiquqlMYERzxoSM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2FE5 0
12 B 16ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IeplCozQthavtDNFEnNHjnOjPGRCc73odFWmobSVfiYl7k-4TcazDRfJkJhFeHCs_yPSrb2Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 38A0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl9VTnpEuZf_WJoPq1QGrsamACYWl989zrcfvk-QR7Y78wgMQASC2i7slYJXikYKgB6ABmNTmuyjIAQmpAsP8KzlRsrE-qAMByAPLBKoE9AFP0Ih4eDevSoxeQ4XrNTO0ZNQKrJ9c5BUP2J7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22405147509673145146%22,%22debug_reporting%22:true,%22destination%22:%22https://kebragaio.net%22,%22event_report_window%22:%...

0
0

42ms
41ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22405147509673145146%22,%22debug_reporting%22:true,%22destination%22:%22https://kebragaio.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210862832152%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218135060231479686017%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"405147509673145146","debug_reporting":true,"destination":"https://kebragaio.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10862832152"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"18135060231479686017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 13:52:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"405147509673145146","debug_reporting":true,"destination":"https://kebragaio.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10862832152"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"18135060231479686017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9306 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:10:15 GMT

GET
DATA 200
OK truncated
/ Frame B68F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecfdb45a3478897ba79828e0b69f9e384e50387de57694e9363e04f3edd1d4a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B68F 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:37:30 GMT
x-content-type-options: nosniff
age: 468901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 03:37:30 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 13:52:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E40D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fb6eb0090d85ab5ede4f208b7a15b9262181315ab89d8adfd0bd84fac7db4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame E40D 33 KB
33 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 16993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 09:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B68F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CWTJ6npEuZe2fJufRxtYP78GmiAu44_jFc9_Pw_O_Eu2O_MIDEAEgtou7JWCV-vCBjAegAbbYn5wByAEJqQLD_Cs5UbKxPqgDAcgDy4SAgASqBO4BT9DkBChCNzLxXd0vgLdGpbXyG4eVRfv...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217360425187991087715%22,%22debug_reporting%22:true,%22destination%22:%22https://regalbusways.com%22,%22event_report_window...

0
0

43ms
42ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217360425187991087715%22,%22debug_reporting%22:true,%22destination%22:%22https://regalbusways.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22327674934%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227377048186030044577%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17360425187991087715","debug_reporting":true,"destination":"https://regalbusways.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["327674934"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"7377048186030044577"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 13:52:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17360425187991087715","debug_reporting":true,"destination":"https://regalbusways.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["327674934"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"7377048186030044577"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E40D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CIwCSnpEuZdS0JsTlvPIP9_-k4AS44_jFc5_Sw_O_Eu2O_MIDEAEgtou7JWCV4pGCoAegAbbYn5wByAEJqQKjyqkjEa2xPqgDAcgDywSqBO4BT9DpBpfHye188cY_1O19KUT2zHFh2hM0rHW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214739942302517827953%22,%22debug_reporting%22:true,%22destination%22:%22https://regalbusways.com%22,%22event_report_window...

0
0

43ms
43ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214739942302517827953%22,%22debug_reporting%22:true,%22destination%22:%22https://regalbusways.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22327674934%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214097834800319911713%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14739942302517827953","debug_reporting":true,"destination":"https://regalbusways.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["327674934"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"14097834800319911713"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 13:52:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14739942302517827953","debug_reporting":true,"destination":"https://regalbusways.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["327674934"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"14097834800319911713"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9FB6 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=2419621769&pi=t.aa~a.3757298201~i.27~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280&nras=2&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=2751&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7u8IUk9eTi&p=https%3A//cs16.info&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:10:15 GMT

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame F11B 38 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&adk=1819373879&adf=942396637&pi=t.aa~a.3757298201~i.31~rp.4&w=572&fwrn=4&fwrnh=100&lmt=1690160519&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7496088899&ad_type=text_image&format=572x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&pra=3&rh=143&rw=572&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750545&bpp=1&bdt=707&idt=-M&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9a28f66e215a2539-223e3675efe200e2%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_MbW8XDHK9wRQFGNGpPnzMZmfb4jcw&gpic=UID%3D00000c9b6d180278%3AT%3D1697550750%3ART%3D1697550750%3AS%3DALNI_Ma4t4Nf00Mum8z_wokoRZxWH3p_mw&prev_fmts=0x0%2C940x280%2C572x280&nras=3&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=348&ady=3500&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=kPZcJYCI3E&p=https%3A//cs16.info&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:10:15 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
40ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 13:52:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 44ms
44ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 13:52:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame 64DC 9 KB
4 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&slotname=6738540145&adk=941977971&adf=854766408&pi=t.ma~as.6738540145&w=940&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&format=940x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750031&bpp=1&bdt=194&idt=269&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6sjRlFgKYH&p=https%3A//cs16.info&dtd=276

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 08:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 451815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 01:21:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 08:22:16 GMT

GET
H3 200 f9452dcf4f221a00d49f3197c484e17d.js Show response
www.gstatic.com/mysidia/ Frame 64DC 11 KB
5 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9452dcf4f221a00d49f3197c484e17d.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59752
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4599
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 64DC 14 KB
1 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 13:06:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 64DC 2 KB
892 B 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 64DC 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 64DC 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 19:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Oct 2023 19:59:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 64DC 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Oct 2023 13:36:09 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64DC 187 KB
59 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Oct 2023 13:52:31 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 64DC 35 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 09:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 09:30:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1692 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248528414673145&output=html&h=280&slotname=6738540145&adk=941977971&adf=854766408&pi=t.ma~as.6738540145&w=940&fwrn=4&fwrnh=100&lmt=1690160519&rafmt=1&format=940x280&url=https%3A%2F%2Fcs16.info%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697550750031&bpp=1&bdt=194&idt=269&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7904705436484&frm=20&pv=1&ga_vid=849676758.1697550750&ga_sid=1697550750&ga_hid=158901120&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=245&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077327%2C42531514%2C44805113%2C44805681%2C44805918&oid=2&pvsid=294780119050840&tmod=127654626&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=6sjRlFgKYH&p=https%3A//cs16.info&dtd=276
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1713
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 64DC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98c57d8cd2d6576e8f8bc5e9a5e5f521a6ed11c00680bdbfbdeef7ae83dd6edd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 64DC 33 KB
33 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 16993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 09:09:18 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1692
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

17ms
17ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
expires: Tue, 17 Oct 2023 13:52:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Oct 2023 13:52:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 64DC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CvsgvnpEuZb7JF4zLxtYP-KuziA72i4PRc_SKl7KLEoTZuteGPxABILaLuyVglYKAgJQHoAHp_fXPA8gBAagDAcgDywSqBPEBT9CHT92P7QwyFBNU1WLa6AjKxhsackJm8d9lKUhXb5nYA1A...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217805056216386685325%22,%22debug_reporting%22:true,%22destination%22:%22https://vyager.com%22,%22event_report_window%22:%2...

0
0

42ms
41ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217805056216386685325%22,%22debug_reporting%22:true,%22destination%22:%22https://vyager.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%224%22:[%2210-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215022430443128708209%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 13:52:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17805056216386685325","debug_reporting":true,"destination":"https://vyager.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"15022430443128708209"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 17 Oct 2023 13:52:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 17 Oct 2023 13:52:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17805056216386685325","debug_reporting":true,"destination":"https://vyager.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"4":["10-17"],"6":["true"]},"priority":"500","source_event_id":"15022430443128708209"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame 769A 38 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 22:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 488536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 22:10:15 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
40ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 13:52:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 64DC 42 B
64 B 116ms
116ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstv4TGozzKSRTDCJ4WPy_mDSl5iZUPKmsstXXhKtXooG2XSTuGGDQPp0ryH8iMEeMzJJK_fyfYkex6ylO9IcX9sOSZaPukn50_I3RnygxELuI4oyHeZYUYT_RjXdQK8cQ5VDB5s_Ned8snW&sai=AMfl-YRPFe1gQywrAtz5uu4CIUvOHpsDRk4vIsZltnWMjbpqPQ1mVhbFL7a7wG_12VyjpHLnSCLA4LKQIerxqmkmmFHXJY-vCDzeMlaIeBiizxrrcObLZAyTbQ3KoKh5ZUl-rNRH9Yra483RveZ-EA&sig=Cg0ArKJSzJaJtG9pcXeIEAE&cid=CAQSTADICaaNtnh4NXFLNVDCvdKyw62GVsS6yrHGkePSmSYDDHnaATCmoMkjr7LlJFvl6orDMK0hkIo7uJnVZsYxM3HOJgGoBbXz-WnzthMYAQ&id=lidar2&mcvt=1000&p=0,0,280,940&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=941977971&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697550750308&rpt=1640&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 17 Oct 2023 13:52:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cs16.info/	1970-01-21 01:08:30	Name: _ga_44R45WTC16 Value: GS1.1.1697550749.1.0.1697550749.0.0.0
.cs16.info/	1970-01-21 01:08:30	Name: _ga Value: GA1.1.849676758.1697550750
.blismedia.com/	1970-01-21 00:18:10	Name: b Value: 652E919FAA3BD7822598F48ABLIS
.w55c.net/	1970-01-21 01:04:11	Name: wfivefivec Value: gWnF5Fta1QSKuP5
.ctnsnet.com/	1970-01-21 00:18:06	Name: gid_CAESEJhiTeeDTt_7teDHA_f6W3A Value: 1
.adform.net/	1970-01-20 16:17:09	Name: C Value: 1
.w55c.net/	1970-01-20 16:15:42	Name: matchgoogle Value: 5
.doubleclick.net/	1970-01-21 00:54:06	Name: IDE Value: AHWqTUkjsR144rn3vqL3HdnaIjFjlriNwGzPn-Kzwvi1PLRxwb2j3pP9WwUi1I0Q-BE
.doubleclick.net/	1970-01-20 15:32:34	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 16:58:54	Name: uid Value: 6085204255866944435
.googleadservices.com/	1970-01-20 17:42:06	Name: ar_debug Value: 1
.ctnsnet.com/	1970-01-21 00:18:06	Name: gid_CAESEHSpF7NEKEZQeHGxmMNGCrE Value: 1
.ctnsnet.com/	1970-01-21 00:18:06	Name: cid Value: 8601afacc034422aaeaa5318111cf1a1
.simpli.fi/	1970-01-21 00:19:33	Name: suid Value: 4AD8A1368CCF4F1F87F3404F6AC9385B
.turn.com/	1970-01-20 19:51:42	Name: uid Value: 3049201017657152913
.e.dlx.addthis.com/	1970-01-21 01:02:45	Name: na_tc Value: Y
.innovid.com/	1970-01-20 17:42:06	Name: uuid Value: 80df4d2e-b8d0-4e47-84da-c70970234e41-20231017 09:52:31
.yahoo.com/	1970-01-21 00:18:28	Name: A3 Value: d=AQABBJ-RLmUCEKOIiaXzTCm0NXFdbJeECjEFEgEBAQHjL2U4ZQAAAAAA_eMAAA&S=AQAAAsWfcJe5iBMF4cGeac-tLnA
.doubleclick.net/	1970-01-20 15:32:31	Name: test_cookie Value: CheckForPermission
.cs16.info/	1970-01-21 00:54:06	Name: __gads Value: ID=ffc11ec2e3016621:T=1697550750:RT=1697550750:S=ALNI_MbJKXDhI6Q6cTV7As4amSuEGOHR1A
.cs16.info/	1970-01-21 00:54:06	Name: __gpi Value: UID=00000cbb1ef383a7:T=1697550750:RT=1697550750:S=ALNI_MZLCltT4gyYZwUKahn0Sow8Y-vDlw
.addthis.com/	1970-01-21 01:02:45	Name: na_id Value: 2023101713523100035570301454
.addthis.com/	1970-01-21 01:02:45	Name: na_tc Value: Y
.addthis.com/	1970-01-21 01:02:45	Name: uid Value: 652e919f116e5773
.addthis.com/	1970-01-21 01:02:45	Name: ouid Value: 652e919f000110647a41bb4fd2a66aca99e069767cbbcc60388a
.dlx.addthis.com/	1970-01-20 16:15:42	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 16:15:42	Name: na_sr Value: 20231017
.dlx.addthis.com/	1970-01-20 15:32:30	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 16:15:42	Name: na_sc_e Value: 0
.tribalfusion.com/	1970-01-20 17:42:06	Name: ANON_ID Value: aknt6Zatlix98qyTAZaRq6hj0C3XGHZbVXUIEZdgpv4GJWKqQlOqKZcxT2BpqdnpsPt6pM3elIYZaPaVsxi7UU1UAUpAPZbauMZd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ag.innovid.com
c1.adform.net
cm.g.doubleclick.net
cs16.info
dclk-match.dotomi.com
dis.criteo.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ius.ctnsnet.com
match.adsrvr.org
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
s.tribalfusion.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.75.88.210
142.250.185.130
178.250.1.9
2001:4860:4802:32::36
23.32.185.35
2606:4700:3037::ac43:d835
2606:4700::6812:18ad
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2003
2a02:fa8:8806:20::2040
2a05:d018:d29:3601:c184:4582:9358:8e30
2a05:d01c:1d8:8102:d9e9:4576:4b39:3a88
3.127.91.113
34.160.236.64
34.96.105.8
35.186.193.173
35.204.74.118
35.71.131.137
37.157.2.229
46.228.164.11
52.57.206.211
98.98.134.242
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04686cedfaef19409f3141494b5f955e3c6627a91c46a5daade4e4803823be7a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14b7a20750fecb477f4812cf40833e0af0b4a4b8eb8da766034764d5f86c6ea7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
24400dcc3c45c4cd4c35a82929fe2fee4257d794599e931fd910877f65ffc48a
289c2a29737c0b088ddec9588ed0f1c23f519439c8c3f494ca2ac73acbc0ca23
308869b2ea18287aad10ac5845c55abdcbb4f72a215f3e7f53a8ea03e8cc3981
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3520cd5ba0b5c67729b090b3f69d4bd8d8a148b0838448979378d391af5b44b4
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3ecc8cc87d5205343d2bf790c251f9938708bf73719c2e1e007359a1a5c91a29
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9abab0b403c92ab7593185cff79bc52278b9029a80b7351934b90709571d7e
4fb6eb0090d85ab5ede4f208b7a15b9262181315ab89d8adfd0bd84fac7db4cd
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bc0a235ae3bc715be74579c571b77611d6a9edf14e51103d130a5c9ddaa6ee3
5c5c12c53ede5c787d7545ae2ae615e5fe427d53f52d3bd51b478b7ab797d4ca
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64df4940263d8f8980e6db8d5aa0ed22be5e762f996901f75cb8c84e7e26cfc6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67a7beb016a52128b7aa21de928e8bae65c36a2f9fc9263c868973203ba33521
6d912c160b6e8e443b17c8b8696c04db42635ae18692ec1cf7268ffa877a9e0d
7b9fe1978274bcc096e4b83835f56b8b3f6d7cd1abd03ff79f214ecc0449062b
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
80d97513e1a3203e75dc35fb68011f65eb9159b283bb5ec2ad1eb9590c01d245
86a89ee80c78dd1910bf0c9155862246993870641cefed7c02c88f79bc2a9e0d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90fa0ff381389f741b9a35ff8d8c183bd5d76e98f20ce7ff6e5a375a49d5cd4a
93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c
98c57d8cd2d6576e8f8bc5e9a5e5f521a6ed11c00680bdbfbdeef7ae83dd6edd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a07d2550045193e19fbe64a5567f160bb71bb95266a731f3970a6103d6a53159
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
af67c57370b67fbc011634f7e6ab61aa090123353507ff2da5f052ba6f85016a
b423006dbebdeb34bdcd298c5e33dcc36cf31907a9d5d3deb209d128c1f24dac
ba1d05c133d4ec903b04eec2c4c5fb7d8e50087ea1873837a29be049d8f44a8a
c73ee18767a618a650b395ccd59627f8a708841915267776cd0dc9acc7b8c61e
cbef5767f6dda44a9b6fbdff1a0cb82c95353419f4229416d6e8133089214e17
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
cf51cf28056584f9461668ffb165916771daf75b3e40e18d95d829b7b45a574e
d2ea95c536cc533455935768af4fd52ee12bd47d3093b24a72e1f184a11ef119
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
df907a93e32c85d38d79b67e3638d3e3fb756471964bb2e80a8ddce761f1240f
e02df24988fff15a76592f393a3c467e3a8d506cc855e82d77444c837bf9660b
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e2c79b3c05f7cc7375e4e659adaf5366f63eb62008e611f522f2c03a81f47741
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecfdb45a3478897ba79828e0b69f9e384e50387de57694e9363e04f3edd1d4a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15485bd91d0b5ed5f690e510a56fa1a45bc805ae3bcf56b7d316a4dbae35d10
f22b55e3ee3ab346d8880264096e38cfda96137386078a284da8b5476244a5f7
f572854df70694ff2969e887daf3512a1966d0f567f9635b2a82328fe4d4661e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5b86ff2fdcf1c0111746f6d59c920437e801f0ff04639ccd516d2aa7b75bb48
f9b48dda2ea40e4ad7e2189cc7350cd6d95b9dffde5871222fd5c354432f07b1
fc4c1f26164082a637690cf3d663a9ddc06d068e10397a74229d95ae8ee5c561

cs16.info Open in urlscan Pro 2606:4700:3037::ac43:d835 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

84 %HTTPS

53 %IPv6

27 Domains

33 Subdomains

25 IPs

8 Countries

1586 kBTransfer

3656 kBSize

30 Cookies

3 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cs16.info Open in urlscan Pro
2606:4700:3037::ac43:d835 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

84 %
HTTPS

53 %
IPv6

27
Domains

33
Subdomains

25
IPs

8
Countries

1586 kB
Transfer

3656 kB
Size

30
Cookies

138 HTTP transactions
10 data transactions