urlscan.io logo urlscan.io
SecurityTrails logo

ad.doubleclick.net Open in urlscan Pro
172.217.16.134  Public Scan

Go To Rescan Add Verdict Report
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;...
Submission: On September 11 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 22 HTTP transactions. The main IP is 172.217.16.134, located in United States and belongs to GOOGLE, US. The main domain is ad.doubleclick.net. The Cisco Umbrella rank of the primary domain is 214.
This is the only time ad.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
2    18.202.123.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-123-230.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
3    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2600:9000:21f3:ae00:7:4bc6:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)
track.activemetering.com
1    54.194.246.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-246-2.eu-west-1.compute.amazonaws.com
secure-gg.imrworldwide.com
3    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2600:9000:223f:1c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2600:1f18:1aca:4280:6798:a3e9:c75a:87c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
78 KB
6 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1021
static.adsafeprotected.com — Cisco Umbrella Rank: 791
dt.adsafeprotected.com — Cisco Umbrella Rank: 735
93 KB
4 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 373
31 KB
1 imrworldwide.com
secure-gg.imrworldwide.com — Cisco Umbrella Rank: 3632
525 B
1 activemetering.com
track.activemetering.com — Cisco Umbrella Rank: 4183
311 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 234
44 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 350
133 KB
22 7
Domain Requested by
6 pagead2.googlesyndication.com ad.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
3 googleads4.g.doubleclick.net ad.doubleclick.net
2 dt.adsafeprotected.com ad.doubleclick.net
2 static.adsafeprotected.com ad.doubleclick.net
2 fw.adsafeprotected.com 1 redirects ad.doubleclick.net
1 secure-gg.imrworldwide.com ad.doubleclick.net
1 track.activemetering.com ad.doubleclick.net
1 www.googletagservices.com ad.doubleclick.net
1 s0.2mdn.net ad.doubleclick.net
1 ad.doubleclick.net
22 11

This site contains no links.

Subject Issuer Validity Valid
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh
track.activemetering.com
Amazon		 2021-12-05 -
2023-01-01		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-22 -
2022-11-14		 3 months crt.sh

This page contains 4 frames:

Primary Page: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Frame ID: EE06476B0C8727F607D61E550E680CB4
Requests: 17 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6693DFB994D3A2FCAC086A0C9240B2B4
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 3AAB9ACDA180E9DA3644FB5AE2E71DA0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: 88F2F3B86C364433AEEC7E34E50F4C74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Advertisement

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

22
Requests

59 %
HTTPS

60 %
IPv6

7
Domains

11
Subdomains

10
IPs

3
Countries

380 kB
Transfer

837 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://fw.adsafeprotected.com/rfw/st/1087738/65101172/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=gcc_gzsdY7LnOaWk3gPV-o3ABw&cbFunctionName=goog_wrapCb_gzsdY7LnOaWk3gPV-o3ABw&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fad.doubleclick.net%2Fddm%2Fadi%2FN300005.3958515PMPRECISIONTHETRA%2FB28103820.343912637%3Bdc_ver%3D90.265%3Bsz%3D160x600%3Bu_sd%3D1.25%3Bgdpr_consent%3DCPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA%3Bgdpr%3D1%3Baddtl_consent%3D1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3&adsafe_type=abdq&adsafe_url=http%3A%2F%2Fad.doubleclick.net%2F&adsafe_type=f&adsafe_jsinfo=,id:b6e34dee-8685-df53-aef3-2ebde1c8653e,c:nRJa39,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-585d8b8594-g2w2p,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1600.600,am:sp,cc:0.0.1600.600,piv:0,obst:0,th:0,reas:l.h,mu:10000,br:c,an:n,oam:0,mtim:8,mot:0,app:0,maw:0,fm:th5lMOE+1*.1087738-65101172%7C11,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:40,oid:197c1c27-3172-11ed-9719-9edaa853a603,v:19.8.347,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr...
ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/ 		69 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
HTTP/1.1
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
f7dd97a12df6e5df111fcf8c99e1dbaa23e109ee74dca695d86a9cb46f43f1e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
30648
Content-Type
text/html; charset=UTF-8
Cross-Origin-Resource-Policy
cross-origin
Date
Sun, 11 Sep 2022 01:36:03 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma
no-cache
Server
cafe
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
0
11010415874136596615
s0.2mdn.net/simgad/ 		132 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://s0.2mdn.net/simgad/11010415874136596615
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
594f7ef0bb3d0b386b0c610304c17ef9ccef818daf728435acf601c0ca4f990c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 01:36:04 GMT
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
off
Cross-Origin-Resource-Policy
cross-origin
Content-Length
135161
X-XSS-Protection
0
Last-Modified
Fri, 19 Aug 2022 18:20:34 GMT
Server
sffe
Report-To
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-doubleclick-media"
Expires
Mon, 11 Sep 2023 01:36:04 GMT
sodar_loader.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 11 Sep 2022 01:36:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
4842123143989086801
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=1209600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
4037
X-XSS-Protection
0
Expires
Sun, 25 Sep 2022 01:36:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Sun, 11 Sep 2022 01:36:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
3181
X-XSS-Protection
0
Server
cafe
ETag
10699485926258732851
Vary
Accept-Encoding, Origin
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=1209600
Timing-Allow-Origin
*
Expires
Sun, 25 Sep 2022 01:36:04 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1087738/65101172/ 		235 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1087738/65101172/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.123.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-123-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
87372808eafdeedfbdec10ed3aefa5700ba0bf1b448cc4c40793c297b32742b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 01:36:04 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 01:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44740
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1662550240112033"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 01:36:04 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8Vlb3U-znDL8n1JMVOCKk64-81KmVi3ZSe7dxN7k1k7mstoQdD_UTwdUAaOipSYfdxgGplFdNOIvjo7LMxiR1hN0CuYqli1dYMJH7R4v5QgwPl_dF6Wq6&sig=Cg0ArKJSzGcqBsEdIuZaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220907.86245&adurl=
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 01:36:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
track.activemetering.com/pixel/v1/all/ 		43 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.activemetering.com/pixel/v1/all/pixel.gif?cid=1ddbc85d-87a6-4a69-84a5-b536056ffae6&creativeId=176457352&placementId=343912637&siteId=7259761&campaignId=28103820&adId=535857699
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ae00:7:4bc6:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 01:36:04 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
image/gif
cache-control
no-store
content-length
43
x-amz-cf-id
DVVLZN8h3PHV0GHfiJuY8necfdlwBiGwQuLFNlpmZGOElqJ-EbAMDA==
m
secure-gg.imrworldwide.com/cgi-bin/ 		0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn341016&cr=176457352&ce=N300005.3958515PMPRECISIONTHETRA&pc=343912637&ci=nlsnci3731&am=1&at=view&rt=banner&st=image&r=1196662415&C78=G1,DCM&uoo=0
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.246.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-246-2.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 01:36:04 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
expires
Thu, 01 Dec 1994 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 10:39:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
399411
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15207
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Vary
Accept-Encoding
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 06 Sep 2023 10:39:13 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca16ad6d798e6943c160d8f443860a9fa532cacb38467f7e252082e32af41055
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 01:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5635
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6693 		22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ad.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
399411
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
8395
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy
cross-origin
Date
Tue, 06 Sep 2022 10:39:13 GMT
Expires
Wed, 06 Sep 2023 10:39:13 GMT
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server
sffe
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame 6693 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date
Wed, 07 Sep 2022 05:59:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
329796
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15957
X-XSS-Protection
0
Last-Modified
Mon, 29 Aug 2022 10:58:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="botguard-scs"
Vary
Accept-Encoding
Report-To
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Thu, 07 Sep 2023 05:59:28 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8Vlb3U-znDL8n1JMVOCKk64-81KmVi3ZSe7dxN7k1k7mstoQdD_UTwdUAaOipSYfdxgGplFdNOIvjo7LMxiR1hN0CuYqli1dYMJH7R4v5QgwPl_dF6Wq6&sig=Cg0ArKJSzGcqBsEdIuZaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&vt=11&dtpt=97&dett=2&cstd=0&cisv=r20220907.86245&adurl=
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 01:36:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6693 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BiHLXgzsdY7LnOaWk3gPV-o3ABwAAAAA4AeAEAg&bg=!Z2SlZCDNAAZTikH4c4o7ACkAdvg8WjOSNCK_8Zzb6IfeSw5VUrVQj3FWBMMx38-4dgpIPq1MLMOoRgIAAABLUgAAAAJoAQeZAthKr2XhZjgZgkpBkZ3xNLwGg55xL7mRiO3nVZTOTGWTA4UrPjtDsu8J6oDuYuHsIanV_4BDNweaymNcbWuC1ErqcrZQmlFfYncgor9qTdSCoRmNewdw-tyFoG-7BH7JrJRumENmqta_qG4iLUCsRU_aBuQn08eBf5rA66YSZaIYlltEaNRsh_77cA0NpRQMyfkkGFK4olfw5syFpmvWQ6QrlaZsGixEpX4zmFSd5IIy7O3KTrpljrS3dX9BNus3UKKjsGIjqffpIv3juMZeWltWZz00mKh7iMU8II449sJbv85U5aZapq_sOmfcmWvZHlYmKjT0nrNdtntYu9TynR1uSr7Jd_vKSt88M0wsK_nPfTCBc5qCunFpxDxlXZ3dozOTQR0S2aSlOnt43y3rjJodhU-Gr1xKPF2p6t0TQ819on4oHRhtt2864uqzVCse9YWoksGvXkNqXg70Iu_IXK_kptWRIR5SWm7bUl6GG7QORBEmu_5MW9Ym-Ujh5WaXDSofihXq9kfJN8z8enh-uc6Ya_hO-0IfzqkIiCd8IJRL85IMa5WYmw_1rCfChFj4xPjeNgTr7epoPRYsuhHRe8BigohxotzPJDmhKwEWbXOn8kqGJI9kemcardiQ4MXbg3GzpWWzY04qkfqyceqFAnhoa6F6u4XXuVkj0XPruB-vCKYumFVzUeL9u8QKmySJ3XR2z94-ZJh6ANaHB_Z4OP0M7Jnsgot-spQeipaVM1jAI_FVZ7eN4b5wb4lEU5Agf-k1CXoHzxroVnZZ92JjYKcarsUcJk7XwLVRPv4OGvJ-rlqe_HVx6Qn1UJLFZdrJpn7Y4_JwCtvWUiQsVEBAzEFg28iEaDoAExaQUHrrxlw-8yb_mT-OsjMbKbHZ77If4K6WifEsF46kjKXum0xqUKnZ_MxvamglL9TP_jBKaIUUFtbN0wVKMPfXCBTCy2zPRTZuZTDRNwTjzA
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 11 Sep 2022 01:36:04 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Content-Type
image/gif
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
4a.js
static.adsafeprotected.com/
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1087738/65101172/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=gcc_gzsdY7LnOaWk3g...
  • https://static.adsafeprotected.com/4a.js
2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Server
2600:9000:223f:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 16:07:50 GMT
content-encoding
gzip
age
379695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 06 Sep 2022 16:07:47 GMT
server
AmazonS3
etag
W/"589d8955c4906ab1b8e63a2f92d932d3"
vary
Accept-Encoding
x-amz-version-id
y278kCHjy4az.swXkOrW4jguar1P2G10
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
iv3kQnSC30fP-GEPK8M_NPzy-XG9QJtdkI5qQHZ8E0uypqzcrR9Ixw==

Redirect headers

pragma
no-cache
date
Sun, 11 Sep 2022 01:36:04 GMT
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 3AAB 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:1c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
10170091
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
content-type
application/javascript
x-amz-cf-id
H2nhb1M80HzfVaAeirVUUaTnB3Pp5PJwfi-uBwPsbFPeLi87XYbrbg==
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1087738&asId=b6e34dee-8685-df53-aef3-2ebde1c8653e&tv=%7Bc:nRJa3D,pingTime:-2,time:69,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:393,beZ:396,mfA:400,cmA:404,inA:405,inZ:416,prA:417,prZ:424,si:433,poA:434,poZ:455,cmZ:455,mfZ:455,loA:460,loZ:461,ltA:461,ltZ:461%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.h,w:1600,h:600,t:39%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:39,wc:0.0.1600.1200,ac:0.0.1600.600,am:sp,cc:0.0.1600.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~1600.600%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:th5lMOE+1*.1087738-65101172%7C11,idMap:1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,slid:%5BDfaVisibilityIdentifier_1196662415%5D,sinceFw:27,readyFired:true%7D&br=c
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6798:a3e9:c75a:87c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 01:36:04 GMT
x-server-name
dt09.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
view
googleads4.g.doubleclick.net/pcs/ 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8Vlb3U-znDL8n1JMVOCKk64-81KmVi3ZSe7dxN7k1k7mstoQdD_UTwdUAaOipSYfdxgGplFdNOIvjo7LMxiR1hN0CuYqli1dYMJH7R4v5QgwPl_dF6Wq6&sig=Cg0ArKJSzGcqBsEdIuZaEAE&uach_m=[UACH]&urlfix=1&vt=13&adurl=
Requested by
Host: ad.doubleclick.net
URL: http://ad.doubleclick.net/ddm/adi/N300005.3958515PMPRECISIONTHETRA/B28103820.343912637;dc_ver=90.265;sz=160x600;u_sd=1.25;gdpr_consent=CPekm0APekm0AAHABBENCeCsAP_AAH_AAAAAI9tf_X__b2_j-_5_f_t0eY1P9_7__-0zjhfdl-8N3f_X_L8X52M7vF36pq4KuR4Eu3LBIQdlHOHcTUmw6okVrzPsbk2cr7NKJ7PEmnMbOydYGH9_n1_z-ZKY7_____7z_v-v___3____7-3f3__p_3_-__e_V_99zfn9_____9vP___9v-_9__________3_74I9gEmGrcQBdiWOBNtGEUCIEYVhIdQKACigGFogMIHVwU7K4CfWELABAKAIwIgQ4gowYBAAIBAEhEQEgR4IBEARAIAAQAKgEIACNgEFABYGAQACgGhYoxQBCBIQZEBEUpgQESJBQT2VCCUHehphCHWWAFBo_4qEBEoAQrAyEhYOQ4IkBLxZIFmKN8gBGCFAKJUIAAAA.f_gAD_gAAAAA;gdpr=1;addtl_consent=1~3182.1558.70.2677.571.1712.1031.272.453.494.1053.491.787.143.486.149.385.550.43.55.266.495.196.322.394.482.211.108.981.1092.1097.1127.1107.2316.1832.1143.1301.2222.2366.2572.1201.1204.1205.2225.2510.2542.1186.2403.1364.2052.2768.1455.1564.1579.1638.1682.1786.1810.2535.2605.2657.2068.2577.2642.2821.2517.2767.2839.2886.2887.2891.2889.2898.3016.3111.2964.2923.2927.2949.2970.3050.2973.3017.2985.3045.3190.3180.3128.3186.3194.2822.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Sep 2022 01:36:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20220907/r20110914/xfa/sodar_loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Sun, 11 Sep 2022 01:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 01:36:04 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1087738&asId=b6e34dee-8685-df53-aef3-2ebde1c8653e&tv=%7Bc:nRJaap,pingTime:-10,time:489,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuMTAyIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000002002220000022220200000222200022020002022022022222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022202220020222202000220000222202222202222000002002002222222202220022202200022002220202202,asp:1662860164789%7C%7Ccf73120ef0c081de2cf002c8caf0fd72%7C%7C56c24cb524127a0f41136c1e5c39617f%7C%7C6000453233d384bf34f373463a012922%7C%7C26ca7f092eba89f5466151418b397b65%7C%7C4272704d6aece7b00121dfd7c3d70c81%7C%7Cd1c6983710950af5455af0190d12b78d%7C%7C6e76a9adf4adacbf8e39af59cd3d482b%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:6798:a3e9:c75a:87c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Sep 2022 01:36:04 GMT
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
pagead2.googlesyndication.com/bg/ Frame 88F2 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 19:48:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15957
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Sep 2023 19:48:04 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| clsn function| goog_wrapCb_gzsdY7LnOaWk3gPV-o3ABw function| bllsngzsdY7LnOaWk3gPV-o3ABw object| dicnf object| google_js_reporting_queue number| google_srt function| btrp function| pdib3 function| vv function| sasrc function| stcc function| ait function| ast object| google_image_requests object| GoogleTyFxhY function| omrhp object| GoogleGcLKhOms number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ function| __IntegralASDiagnosticCall object| __IntegralASConfig object| __IASScope boolean| isDomless object| __IASOmidVerificationClient function| __IntegralASAdPush function| __IntegralASEventLoadHandler_b6e34dee8685df53aef32ebde1c8653e object| GoogleA13IjpGc

0 Cookies

1 Console Messages

Source Level URL
Text
other error URL: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
s0.2mdn.net
secure-gg.imrworldwide.com
static.adsafeprotected.com
tpc.googlesyndication.com
track.activemetering.com
www.googletagservices.com
142.250.185.130
172.217.16.134
18.202.123.230
2600:1f18:1aca:4280:6798:a3e9:c75a:87c
2600:9000:21f3:ae00:7:4bc6:d200:93a1
2600:9000:223f:1c00:8:48e:53c0:93a1
2a00:1450:4001:806::2006
2a00:1450:4001:813::2001
2a00:1450:4001:831::2002
54.194.246.2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f77fa9d32c1323f7e50da8d807f556cdddaea2161de6cf84a0c8b4c1dd6f79
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
594f7ef0bb3d0b386b0c610304c17ef9ccef818daf728435acf601c0ca4f990c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
87372808eafdeedfbdec10ed3aefa5700ba0bf1b448cc4c40793c297b32742b5
874e545a5055f7c8602c30ffd711768e8105bb75c87045a794f934d9cffa30c6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
ca16ad6d798e6943c160d8f443860a9fa532cacb38467f7e252082e32af41055
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7dd97a12df6e5df111fcf8c99e1dbaa23e109ee74dca695d86a9cb46f43f1e8