www.hogwartsishere.com Open in urlscan Pro
2600:3c03:1::68ed:94d1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hogwartsishere.com/
Effective URL:
https://www.hogwartsishere.com/courses/by-level/
Submission: On December 09 via api (December 9th 2023, 5:05:51 am UTC) from US — Scanned from DE

Summary HTTP 138 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 20 domains to perform 138 HTTP transactions. The main IP is 2600:3c03:1::68ed:94d1, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.hogwartsishere.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 1st 2023. Valid for: a year.

This is the only time www.hogwartsishere.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 4	2600:3c03:1::... 2600:3c03:1::68ed:94d1	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
29	45.79.154.113 45.79.154.113	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:15ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	34.160.152.31 34.160.152.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2600:1901:0:7... 2600:1901:0:7416::1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:223... 2600:9000:223f:4c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:6200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
3 4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2404:6800:400... 2404:6800:4002:81e::2003	15169 (GOOGLE) (GOOGLE)
1	74.125.71.154 74.125.71.154	15169 (GOOGLE) (GOOGLE)
1	104.18.36.54 104.18.36.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.211.95.38 52.211.95.38	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:67::7	15169 (GOOGLE) (GOOGLE)
5	2600:1f18:1ac... 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c	14618 (AMAZON-AES) (AMAZON-AES)
138	33

4 2600:3c03:1::68ed:94d1 (Cedar Knolls, United States) 3 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

www.hogwartsishere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 45.79.154.113 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1253-113.members.linode.com

burrow.hogwartsishere.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:15ce (United States)

ASN13335 (CLOUDFLARENET, US)

a.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com

d.pub.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7416::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

functionalfeather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223f:4c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:6200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.101 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4002:81e::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.54 (None, )

ASN13335 (CLOUDFLARENET, US)

vast.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.95.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-95-38.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:67::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednly.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	508 KB
33	hogwartsishere.com 3 redirects www.hogwartsishere.com burrow.hogwartsishere.com	4 MB
17	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r2---sn-4g5ednly.c.2mdn.net — Cisco Umbrella Rank: 422343	2 MB
15	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	131 KB
10	adsafeprotected.com 1 redirects static.adsafeprotected.com — Cisco Umbrella Rank: 602 fw.adsafeprotected.com — Cisco Umbrella Rank: 900 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	103 KB
8	gstatic.com fonts.gstatic.com csi.gstatic.com	48 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	138 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	functionalfeather.com functionalfeather.com — Cisco Umbrella Rank: 37692	25 KB
3	pub.network a.pub.network — Cisco Umbrella Rank: 4449 d.pub.network — Cisco Umbrella Rank: 4680	54 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	29 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1276 pixel.quantserve.com — Cisco Umbrella Rank: 1011	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	89 KB
1	doubleverify.com vast.doubleverify.com — Cisco Umbrella Rank: 1706	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1296	641 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	259 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	80 KB
138	20

	Domain	Requested by
29	burrow.hogwartsishere.com	www.hogwartsishere.com burrow.hogwartsishere.com
21	pagead2.googlesyndication.com	www.hogwartsishere.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	s0.2mdn.net	www.hogwartsishere.com s0.2mdn.net
13	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net www.hogwartsishere.com tpc.googlesyndication.com imasdk.googleapis.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.hogwartsishere.com
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	csi.gstatic.com	imasdk.googleapis.com
5	fonts.googleapis.com	www.hogwartsishere.com burrow.hogwartsishere.com googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	functionalfeather.com	a.pub.network functionalfeather.com
4	www.hogwartsishere.com	3 redirects
3	googleads4.g.doubleclick.net	www.hogwartsishere.com
3	static.adsafeprotected.com	www.hogwartsishere.com googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	r2---sn-4g5ednly.c.2mdn.net
2	cdnjs.cloudflare.com	s0.2mdn.net
2	fw.adsafeprotected.com	1 redirects www.hogwartsishere.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	connect.facebook.net	www.hogwartsishere.com connect.facebook.net
2	a.pub.network	www.hogwartsishere.com
1	gcdn.2mdn.net	1 redirects
1	ad.doubleclick.net	imasdk.googleapis.com
1	vast.doubleverify.com	imasdk.googleapis.com
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	pixel.quantserve.com	www.hogwartsishere.com
1	rules.quantcount.com	secure.quantserve.com
1	www.facebook.com	www.hogwartsishere.com
1	secure.quantserve.com	www.hogwartsishere.com
1	region1.google-analytics.com	www.googletagmanager.com
1	d.pub.network	www.hogwartsishere.com
1	www.googletagmanager.com	www.hogwartsishere.com
138	34

This site contains links to these domains. Also see Links.

Domain
www.fb.com
www.twitter.com

Subject Issuer	Validity	Valid
hogwartsishere.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-01` - `2024-10-20`	a year	crt.sh
burrow.hogwartsishere.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-26` - `2024-02-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
d.pub.network GTS CA 1D4	`2023-12-03` - `2024-03-02`	3 months	crt.sh
functionalfeather.com R3	`2023-10-14` - `2024-01-12`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
vast.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-06-11` - `2024-07-12`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.hogwartsishere.com/courses/by-level/
Frame ID: C9AF9DE9FB0CE66AEE288C3C7FC3F3E6
Requests: 58 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 62E41001370FA1B8FD9217B17BF85310
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2131671202406978&output=html&adk=1812271804&adf=3025194257&lmt=1702098346&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.hogwartsishere.com%2Fcourses%2Fby-level%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702098346328&bpp=3&bdt=1280&idt=274&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2504060600202&frm=20&pv=2&ga_vid=550084752.1702098346&ga_sid=1702098347&ga_hid=278357185&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079864%2C31079865%2C31079920%2C95320884&oid=2&pvsid=1329038092762411&tmod=1829133352&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302
Frame ID: 07E5FB2F1A36C1337E4B30F3C1125216
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: A41228904F158527250F2AE0F75E117E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 4409B719C661D2FF1AA5CDBD912E0926
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNUanI2j4rbDF1VOOrWmEnw6apVxvM213c3byV8-h9usZBsRNrkTO4HIpRutdek3NYp2WcP6kbbQ4kv3XS6HqAkRs8JnP-bj36zEMeZvo0m37ffYyCan4qrCZ0cxXV8CHGIZNDVSsVypbj-In180l7wTtJLuR_vcYkRSEeR-FQkqHFg1G4E
Frame ID: 23EC8C25D7CC8484F201C461D1886EE8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EC2665D8D1E397136A481C43BE64971C
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D1FA1EBFBAEA62D1947AA576E00761B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50CDC6D36B27B3A91D73854DE61BBD24
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Frame ID: 830BBC76BC3C96F789349D64BA9F9976
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8349E0A757B05673CA88F8BDF0C6C137
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
Frame ID: F4650A26BFF1529A1BDDC2A0287E0860
Requests: 15 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: E32A9843383F01BAAE919E3FA98A7B88
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 9BC4B48C81EF823AB0627B1A763A9FFF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hogwarts Class Catalog | Hogwarts is Here

Page URL History Show full URLs

http://www.hogwartsishere.com/ HTTP 301
https://www.hogwartsishere.com/ HTTP 302
https://www.hogwartsishere.com/courses/ HTTP 302
https://www.hogwartsishere.com/courses/by-level/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

138
Requests

96 %
HTTPS

70 %
IPv6

20
Domains

34
Subdomains

33
IPs

5
Countries

7302 kB
Transfer

9779 kB
Size

17
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.fb.com/hogwartsisherefb

Search URL Search Domain Scan URL

URL: http://www.twitter.com/hogwartsishere

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hogwartsishere.com/ HTTP 301
https://www.hogwartsishere.com/ HTTP 302
https://www.hogwartsishere.com/courses/ HTTP 302
https://www.hogwartsishere.com/courses/by-level/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhIXc7pEgz0DNqR9QKxIbg&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXP1q-Qd1JxvRSPA.bs3GwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhIXc7pEgz0DNqR9QKxIbg&google_cver=1&google_hm=2

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEEqaQ-95FQxEdjqrZwkeDxQ&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEqaQ-95FQxEdjqrZwkeDxQ%26google_cver%3D1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyMTAwNzM3MDc0ODIxNDk5Nw%3D%3D

Request Chain 116

https://fw.adsafeprotected.com/rfw/st/1627455/73523875/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2131671202406978&ias_chanId=1&ias_placementId=20487175905&bidurl=https://www.hogwartsishere.com/courses/by-level/&ias_dealId=&xsId=ABAjH0js2YtwSUiwOly5kUoGGlkt&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0js2YtwSUiwOly5kUoGGlkt&adContainerId=brand_safety_q_VzZd7-LqaOjuwP94ylkAY&cbFunctionName=goog_wrapCb_q_VzZd7-LqaOjuwP94ylkAY&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.hogwartsishere.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231206%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2131671202406978%26fa%3D1%26ifi%3D3%26uci%3Da!3%26btvi%3D1&adsafe_type=be&adsafe_jsinfo=,id:de746614-81bb-6fd0-be5d-177282e3bbc0,c:whdQpq,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-7v2b2,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tXUPcS3+11%7C12%7C131%7C141*.1627455-73523875%7C1411%7C14121%7C1413%7C15%7C16,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:18,oid:9d85dde8-9650-11ee-9380-8e147220b735,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 120

https://gcdn.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/42E7D5F5A664CB39833C388C55C2731AC6D5805E.7A82513830BD98CE3D8060CAD6962D55EB72AD/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55BD2B8EF6EFD2D4F58C5A867719B118A844F5AE.721DABE7EE520F93E4B905DAA890A13848BA3020/key/cms1/cms_redirect/yes/mh/bJ/mip/2a01:4a0:5a::9/mm/42/mn/sn-4g5ednly/ms/onc/mt/1702011696/mv/u/mvi/2/pl/29/file/file.mp4

138 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.hogwartsishere.com/courses/by-level/
Redirect Chain

http://www.hogwartsishere.com/
https://www.hogwartsishere.com/
https://www.hogwartsishere.com/courses/
https://www.hogwartsishere.com/courses/by-level/

28 KB
9 KB

296ms
124ms

Document
text/html

2600:3c03:1::68ed:94d1
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hogwartsishere.com/courses/by-level/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:3c03:1::68ed:94d1 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4184e1d7016f99ca0763314291a41c053b19a8bac3a044dcdbd549b5628de7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 05:05:44 GMT
referrer-policy: same-origin
server: nginx/1.18.0 (Ubuntu)
transfer-encoding: chunked
vary: Cookie
x-content-type-options: nosniff
x-frame-options: DENY

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 05:05:44 GMT
location: /courses/by-level/
referrer-policy: same-origin
server: nginx/1.18.0 (Ubuntu)
vary: Cookie
x-content-type-options: nosniff
x-frame-options: DENY

GET
H/1.1 200
OK bootstrap.min.css
burrow.hogwartsishere.com/static//ubold/css/config/purple/ 185 KB
185 KB 848ms
174ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/bootstrap.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 76261f0cf1e114619e492dd9502126c189a3819bda96b6ab0956a61c61393a83

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:45 GMT
Last-Modified: Sun, 16 May 2021 21:15:10 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b5e-2e3a4"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 189348

GET
H/1.1 200
OK app.min.css
burrow.hogwartsishere.com/static//ubold/css/config/purple/ 125 KB
126 KB 849ms
175ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/app.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 067a944232e759ba3ecb8e24b439a85111909a3388151bf9bbc95cce4c85a970

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:45 GMT
Last-Modified: Sun, 16 May 2021 21:15:11 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b5f-1f59e"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128414

GET
H/1.1 200
OK bootstrap-dark.min.css
burrow.hogwartsishere.com/static//ubold/css/config/purple/ 185 KB
185 KB 849ms
176ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/bootstrap-dark.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: ea710d3643d7c8c5c4ca2a93079e33d0beae10cdf6671328f62959ccba6848e2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:45 GMT
Last-Modified: Sun, 16 May 2021 21:15:10 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b5e-2e440"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 189504

GET
H/1.1 200
OK app-dark.min.css
burrow.hogwartsishere.com/static//ubold/css/config/purple/ 125 KB
125 KB 850ms
175ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/app-dark.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 0ac41c47dbc6685c9e39788096a46fb155e0a0b63b56bfa6c07d05777144a8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:45 GMT
Last-Modified: Sun, 16 May 2021 21:15:09 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b5d-1f3ce"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 127950

GET
H/1.1 200
OK icons.min.css
burrow.hogwartsishere.com/static//ubold/css/ 389 KB
390 KB 850ms
175ms Stylesheet
text/css 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 4144e29632334fb2f188059c67c96f43d14796ffea4b844440d9954484afc24e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:45 GMT
Last-Modified: Sun, 16 May 2021 21:13:51 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0f-61519"
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398617

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cormorant:wght@400;500;700&display=swap

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70a6c4d63926c28d5bb981ed6b751acc071627cc85b48df0e3753107b36dda9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 05:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 05:05:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 05:05:45 GMT

GET
H2 200 cls.css
a.pub.network/core/pubfig/ 2 KB
1 KB 45ms
17ms Stylesheet
text/css 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/core/pubfig/cls.css
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:45 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1247
x-guploader-uploadid: ABPtcPqsFWF8Xtq9NpsxdZ8nXBlHgoc7ta1LE4AV5Uh7JR2TUzwjOMlQpOTlBOD5SnMpSvduo_5_LvIrjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Fri, 28 Oct 2022 14:36:10 GMT
server: cloudflare
etag: W/"816783146b3907e634d0e822ca759864"
vary: Accept-Encoding
x-goog-hash: crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
x-goog-generation: 1666967770269941
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-goog-stored-content-length: 2096
cf-ray: 832ab700b8c79bd4-FRA
expires: Sat, 09 Dec 2023 06:05:45 GMT

GET
H2 200 pubfig.min.js Show response
a.pub.network/hogwartsishere-com/ 131 KB
46 KB 24ms
22ms Script
application/javascript 2606:4700::6812:15ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pub.network/hogwartsishere-com/pubfig.min.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c7ef9d0a910ba3a7eb784fd8733865268c97143d426f1b569bee998df7bbf0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 40766
x-guploader-uploadid: ABPtcPqByiJhPF49hqPcc88STd-fYuD9j8KlArRHpFNQnh4TerjwFxRwqd7hcBh1o77Sq5724ItxhfHhTQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 07 Dec 2023 22:33:25 GMT
server: cloudflare
etag: W/"78862d2fcabf4b181235e53b669ede8e"
vary: Accept-Encoding
x-goog-generation: 1701988405804961
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=JwU9LA==, md5=eIYtL8q/SxgSNeU7Zp7ejg==
access-control-expose-headers: *
cache-control: public, max-age=1800
x-goog-stored-content-length: 134537
cf-ray: 832ab707bd429bd4-FRA
link: <https://d.pub.network/v2/sites/hogwartsishere-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires: Sat, 09 Dec 2023 05:35:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 48ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W8JV9KJ9MK

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2a66a9aed34c8a66ad7f65ebd9e2fc395cf4f3a144bb19c14a06f08a7b7eb20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81287
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 05:05:46 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 87ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

decabc2fcc0f80c5cc2febbab77b640f90ae09681a137077123f9ee5f12a784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51716
x-xss-protection: 0
server: cafe
etag: 9830620277274158860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:05:46 GMT

GET
H/1.1 200
OK face.jpg
burrow.hogwartsishere.com/static//fawkes/ 14 KB
14 KB 850ms
174ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/face.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 20a1ec59026619d78da1d6ea821a8830e632fe0f1c5312c31692c725e127c635

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:45 GMT
Last-Modified: Sun, 30 May 2021 22:15:00 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b40e64-38a9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14505

GET
H/1.1 200
OK logo-sm.png
burrow.hogwartsishere.com/static//fawkes/ 51 KB
51 KB 88ms
87ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/logo-sm.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: e9a67c969c3bc952b413cb394d3f1bc233569aed96d8b71c5222e726de75fad7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:45 GMT
Last-Modified: Sun, 06 Jun 2021 20:46:49 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60bd3439-cb47"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52039

GET
H/1.1 200
OK logo_shadow.png
burrow.hogwartsishere.com/static//fawkes/ 68 KB
69 KB 89ms
88ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/logo_shadow.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 53b5689b00c27570b4124f51080a30cb74efc5a4b41986aed979e8ec015201bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Mon, 31 May 2021 07:13:17 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b48c8d-111e4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70116

GET
H/1.1 200
OK blank.png
burrow.hogwartsishere.com/static//fawkes/ 46 KB
46 KB 89ms
88ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/blank.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 92b4421f00f14288549a5ac6e0d9861f451d76221da13a17a775162037009c78

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 30 May 2021 21:33:28 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b404a8-b670"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46704

GET
H/1.1 200
OK vendor.min.js Show response
burrow.hogwartsishere.com/static//ubold/js/ 314 KB
314 KB 88ms
87ms Script
application/javascript 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/js/vendor.min.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 6a225a2413d51727a3b4535fc35f044137bebc005ec0cc8c66ee6a3ca7566f73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 16 May 2021 21:13:44 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b08-4e7b4"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 321460

GET
H/1.1 200
OK app.min.js Show response
burrow.hogwartsishere.com/static//ubold/js/ 18 KB
19 KB 89ms
88ms Script
application/javascript 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/js/app.min.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 20075c2cfe67e6d4e34cd1e20f00f8baca61043cc703869fcd7b11dec45ba367

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 16 May 2021 21:13:43 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b07-4931"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18737

GET
H/1.1 200
OK potterify.js Show response
burrow.hogwartsishere.com/storage/js/ 1 KB
2 KB 89ms
87ms Script
application/javascript 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/storage/js/potterify.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: dc62adf4113da7057c2c9ae71d462ca022aa0a6136de6e286265989cd2fc3eea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Thu, 20 Aug 2020 22:35:43 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "5f3efabf-5e0"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1504

GET
H/1.1 200
OK fawkes30.js Show response
burrow.hogwartsishere.com/storage/js/ 13 KB
13 KB 89ms
88ms Script
application/javascript 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/storage/js/fawkes30.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: bdebac216fe968e22edaead95a1004711d7c9fde77e93e81be2f53e9d62dd7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Mon, 21 Jun 2021 04:10:01 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60d01119-33a6"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13222

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
638 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Requested by

Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/bootstrap.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39deb3024b64d67a27e79c3152ba16ea68026e8574fc9e4a3dbe1e291503ef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 05:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 03:23:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 05:05:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
700 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,600,700,900

Requested by

Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/config/purple/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42b9fb690bdb0daa8893c7eaf592dc14b888ffd0641e65ed8a02848081d1546c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 05:05:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 05:05:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 05:05:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 05:05:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: woTpuB0MT4XnyYCAjL++rmo1NvEQs/jt5j8/uBflscmoE5c/KmPs9OiY4/qQR8VMbOWREAyCYKhkx8rPucYVwg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK logo-sm.png
burrow.hogwartsishere.com/static//fawkes/ 51 KB
51 KB 89ms
88ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/logo-sm.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: e9a67c969c3bc952b413cb394d3f1bc233569aed96d8b71c5222e726de75fad7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 06 Jun 2021 20:46:49 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60bd3439-cb47"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52039

GET
H/1.1 200
OK logo_shadow.png
burrow.hogwartsishere.com/static//fawkes/ 68 KB
69 KB 327ms
91ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/logo_shadow.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 53b5689b00c27570b4124f51080a30cb74efc5a4b41986aed979e8ec015201bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Mon, 31 May 2021 07:13:17 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b48c8d-111e4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70116

GET
H/1.1 200
OK face.jpg
burrow.hogwartsishere.com/static//fawkes/ 14 KB
14 KB 121ms
90ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/face.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 20a1ec59026619d78da1d6ea821a8830e632fe0f1c5312c31692c725e127c635

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 30 May 2021 22:15:00 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b40e64-38a9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14505

GET
H/1.1 200
OK blank.png
burrow.hogwartsishere.com/static//fawkes/ 46 KB
46 KB 237ms
91ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/blank.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 92b4421f00f14288549a5ac6e0d9861f451d76221da13a17a775162037009c78

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 30 May 2021 21:33:28 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b404a8-b670"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46704

GET
H/1.1 200
OK hogwarts.jpg
burrow.hogwartsishere.com/static//fawkes/ 122 KB
123 KB 143ms
87ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/static//fawkes/hogwarts.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 4687cf6d417887f52571a23d1452f865caf8a5d691577995834a2250a2ad671c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 30 May 2021 21:41:07 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60b40673-1e9a7"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 125351

GET
H/1.1 200
OK astronomy_Ckf4qjB.jpg
burrow.hogwartsishere.com/media/course_covers/ 200 KB
200 KB 146ms
90ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/course_covers/astronomy_Ckf4qjB.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: f82a58670983593c24a40a3f77c234502cdcdbacc350868e59530b53da348ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sat, 05 Nov 2016 23:21:04 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "581e6960-320bd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 204989

GET
H/1.1 200
OK charms_ZBoDbCX.jpg
burrow.hogwartsishere.com/media/course_covers/ 176 KB
176 KB 291ms
87ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/course_covers/charms_ZBoDbCX.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 5c430a931410b7f87fe65b9e1d7b9f1ce59b484e12f749b3c4d6715bbb6376d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sat, 05 Nov 2016 23:46:16 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "581e6f48-2bf56"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 180054

GET
H/1.1 200
OK dada2.jpg
burrow.hogwartsishere.com/media/course_covers/ 101 KB
102 KB 144ms
88ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/course_covers/dada2.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: b47444d5f3e2f105e6af8a75c4cb467eadc5cb5d2353e30d3b389fc8d6cc5988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sat, 05 Nov 2016 23:32:55 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "581e6c27-19571"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103793

GET
H/1.1 200
OK FLYING_COURSE_BANNER.png
burrow.hogwartsishere.com/media/course_covers/ 350 KB
351 KB 236ms
91ms Image
image/png 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/course_covers/FLYING_COURSE_BANNER.png
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 115c79a47aa3f879a52abc8063c07725740b6a2282c8b63647fc3bd8e77c4794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Tue, 26 Oct 2021 23:50:02 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "6178942a-578fc"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 358652

GET
H/1.1 200
OK herb.gif
burrow.hogwartsishere.com/media/course_covers/ 660 KB
661 KB 147ms
91ms Image
image/gif 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/course_covers/herb.gif
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: add48fbf3aaa9f2c6bae3365d189b74345703b15ec6dc31040c1387c7662f4c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Mon, 07 Nov 2016 14:24:39 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "58208ea7-a5124"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 676132

GET
H/1.1 200
OK history.jpg
burrow.hogwartsishere.com/media/course_covers/ 151 KB
151 KB 209ms
87ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/course_covers/history.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: edd8a5d24d64ff41fd0d6bf5de6d0f2ea253efc4aa31b3e85efc7a61d79ece69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sat, 05 Nov 2016 23:31:37 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "581e6bd9-25a53"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154195

GET
H/1.1 200
OK potions_J5YQA1O.jpg
burrow.hogwartsishere.com/media/course_covers/ 166 KB
167 KB 116ms
87ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/course_covers/potions_J5YQA1O.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 4647e973849d5e0bb7b0eedad4e9f0721941a9d24487ff36ae28b340ab9e3d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sat, 05 Nov 2016 23:31:58 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "581e6bee-29918"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 170264

GET
H/1.1 200
OK transfiguration_WfYlMBX.jpg
burrow.hogwartsishere.com/media/course_covers/ 172 KB
173 KB 298ms
88ms Image
image/jpeg 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://burrow.hogwartsishere.com/media/course_covers/transfiguration_WfYlMBX.jpg
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: db0ef28259720936c3e10673c773962f5a6f7774d20f880e954816679ff3c530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hogwartsishere.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 06 Nov 2016 01:12:33 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "581e8381-2b154"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176468

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hogwartsishere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:13:02 GMT
x-content-type-options: nosniff
age: 28364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 21:13:02 GMT

GET
H/1.1 200
OK feather.woff
burrow.hogwartsishere.com/static//ubold/fonts/ 29 KB
29 KB 435ms
174ms Font
application/font-woff 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/fonts/feather.woff?t=1525787366991
Requested by: Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: ef3c47cb702e040372a3a4bce66d5e0ecc46c56325ec40f8c00b91da0d1d3f46

Request headers

Referer: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Origin: https://www.hogwartsishere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 16 May 2021 21:13:47 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0b-733c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29500

GET
H/1.1 200
OK materialdesignicons-webfont.woff2
burrow.hogwartsishere.com/static//ubold/fonts/ 318 KB
318 KB 438ms
176ms Font
application/octet-stream 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/fonts/materialdesignicons-webfont.woff2?v=5.9.55
Requested by: Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490

Request headers

Referer: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Origin: https://www.hogwartsishere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 16 May 2021 21:13:49 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0d-4f67c"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 325244

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hogwartsishere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:46 GMT
x-content-type-options: nosniff
age: 368400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:45:46 GMT

GET
H2 200 H4clBXOCl9bbnla_nHIq75u9.woff2
fonts.gstatic.com/s/cormorant/v21/ 32 KB
32 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorant/v21/H4clBXOCl9bbnla_nHIq75u9.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cormorant:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5553138957b1a7a87169ee4a2dbed5d66df20abbfcc9043e0f5cb38c19fd3eb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hogwartsishere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:10:20 GMT
x-content-type-options: nosniff
age: 24926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32316
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 20:59:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 22:10:20 GMT

GET
H/1.1 200
OK themify.woff
burrow.hogwartsishere.com/static//ubold/fonts/ 55 KB
55 KB 439ms
177ms Font
application/font-woff 45.79.154.113
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://burrow.hogwartsishere.com/static//ubold/fonts/themify.woff?-fvbane
Requested by: Host: burrow.hogwartsishere.com
URL: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.79.154.113 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1253-113.members.linode.com
Software: nginx/1.10.1 (Ubuntu) /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Referer: https://burrow.hogwartsishere.com/static//ubold/css/icons.min.css
Origin: https://www.hogwartsishere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:46 GMT
Last-Modified: Sun, 16 May 2021 21:13:49 GMT
Server: nginx/1.10.1 (Ubuntu)
ETag: "60a18b0d-db2c"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56108

GET
H2 200 configs
d.pub.network/v2/sites/hogwartsishere-com/ 73 KB
7 KB 64ms
32ms Other
application/json 34.160.152.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.pub.network/v2/sites/hogwartsishere-com/configs?env=PROD
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 31.152.160.34.bc.googleusercontent.com
Software: /
Resource Hash: 3f0da7707f06c1071aa06004e666acb28ae6bb143ac90e580828205c714b925e

Request headers

Referer
Origin: https://www.hogwartsishere.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:46 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: https://www.hogwartsishere.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 8adfb573e280271277d37a5.main.js Show response
functionalfeather.com/static/513e3fd9872da98/ 68 KB
24 KB 68ms
19ms Script
text/javascript 2600:1901:0:7416::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://functionalfeather.com/static/513e3fd9872da98/8adfb573e280271277d37a5.main.js

Requested by

Host: a.pub.network
URL: https://a.pub.network/hogwartsishere-com/pubfig.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

005c6d9033db7d1c50133baa06c8d9c1d727cc1bb6696516bc1546217d49f405

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Sat, 09 Dec 2023 05:05:46 GMT
x-datacenter: gce-europe-west1
etag: "42ba8c1921992b782d6cb36d868f062509f7f503063c8944beb0291843c36cae"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-zg1t
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 1072352451
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 908496515906955 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 66ms
66ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/908496515906955?v=2.9.138&r=stable&domain=www.hogwartsishere.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

91f62d071223d6b0fedae02a86c4dc0af8f83bf3561a6c270c3baa2630769873

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 05:05:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 0Cgg9qT3r5d3USbneKUU+44OXDNxkp46lLIYjAObQoDTPu3rxxYtVBGYgJOWvc0nBtzalVLrGu3hKerau0L3ow==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 36ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-W8JV9KJ9MK&gtm=45je3bt0v9167133459&_p=1702098346189&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=550084752.1702098346&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1702098346&sct=1&seg=0&dl=https%3A%2F%2Fwww.hogwartsishere.com%2Fcourses%2Fby-level%2F&dt=Hogwarts%20Class%20Catalog%20%7C%20Hogwarts%20is%20Here&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2805
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W8JV9KJ9MK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hogwartsishere.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2131671202406978&plah=www.hogwartsishere.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b310d5197c931179032334dd012217d3e16d59eea4c34af9c1ef425aa99df6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137722
x-xss-protection: 0
server: cafe
etag: 9190441536172582576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:05:46 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 62E4 9 KB
4 KB 34ms
10ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 19:15:44 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 19:15:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 21 KB
9 KB 81ms
15ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:46 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 16 Dec 2023 05:05:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=908496515906955&ev=PageView&dl=https%3A%2F%2Fwww.hogwartsishere.com%2Fcourses%2Fby-level%2F&rl=&if=false&ts=1702098346383&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1702098346383.1062159065&ler=empty&it=1702098346263&coo=false&rqm=GET

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Dec 2023 05:05:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 36ms
7ms Image
image/gif 2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adunitid=pqxovk&adnum=492471
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:45:23 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7384824
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: CUcDdN5SBeP4q5cHuM-FG0IqxrdaQaMoG5TVun4OM_Pk11b_F4tYyg==

GET
H2 200 rules-p-8d90tFdtzPf6a.js Show response
rules.quantcount.com/ 160 B
641 B 44ms
9ms Script
application/javascript 2600:9000:223c:6200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8d90tFdtzPf6a.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:6200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6edd8bca9c24a024e784d9868170abd8e13f73866848a9059f366afc2069dd70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:47:51 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1076
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:48:02 GMT
server: AmazonS3
etag: "4a2cfa18efd96f414af34b4d882a1d05"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: TmwKfxRUga95m5-car7qL2rEuZ5nExqlna2EbPuuSUb7CgTOrObigA==

GET
H2 200 pixel;r=1434018844;rf=0;a=p-8d90tFdtzPf6a;url=https%3A%2F%2Fwww.hogwartsishere.com%2Fcourses%2Fby-level%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-19...
pixel.quantserve.com/ 35 B
371 B 25ms
14ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1434018844;rf=0;a=p-8d90tFdtzPf6a;url=https%3A%2F%2Fwww.hogwartsishere.com%2Fcourses%2Fby-level%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1936006810-1702098346460;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=hogwartsishere.com;dst=1;et=1702098346507;tzo=-60;ogl=description.We've%20opened%20up%20our%20%3Cstrong%3Eentire%20%3C%2Fstrong%3Ecourse%20directory%252E%20You%20can%20now%20explor%2Cimage.http%3A%2F%2Fvignette1%252Ewikia%252Enocookie%252Enet%2Fharrypotter%2Fimages%2Fe%2Fee%2FClassroom_4F%252Epng%2Frev%2Ctitle.Online%20Hogwarts%20Courses%20()%20%7C%20HiH%20;ses=720803e7-da28-43ff-bc00-97ce40fc1925;mdl=

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 07E5 160 KB
41 KB 782ms
781ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2131671202406978&output=html&adk=1812271804&adf=3025194257&lmt=1702098346&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.hogwartsishere.com%2Fcourses%2Fby-level%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702098346328&bpp=3&bdt=1280&idt=274&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2504060600202&frm=20&pv=2&ga_vid=550084752.1702098346&ga_sid=1702098347&ga_hid=278357185&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079265%2C31079864%2C31079865%2C31079920%2C95320884&oid=2&pvsid=1329038092762411&tmod=1829133352&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=302

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2131671202406978&plah=www.hogwartsishere.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36c2664e072cdddf8c2b1e7202c00c2d1df9050951d2d1d3dbe55da453d5eac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42185
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:05:47 GMT
expires: Sat, 09 Dec 2023 05:05:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 f0c3879e30ec529461c54c2af61a411be58eabc3fbbed Show response
functionalfeather.com/u/2a6ee3a48/ 303 B
330 B 43ms
26ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://functionalfeather.com/u/2a6ee3a48/f0c3879e30ec529461c54c2af61a411be58eabc3fbbed

Requested by

Host: functionalfeather.com
URL: https://functionalfeather.com/static/513e3fd9872da98/8adfb573e280271277d37a5.main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

f06bca8dce046d046398296a9f691960175f29b9c7a80a5c8f3ae795b7af6f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sat, 09 Dec 2023 05:05:46 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 303
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
x-hostname: fen-hoothoot-europe-west1-spot-zg1t
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sat, 09 Dec 2023 05:05:45 GMT

POST
H3 200 dc27c0dbf39cbf135c22e3f6eb5bfb63ef5ddccd1f8cdcdf495cd2 Show response
functionalfeather.com/ 3 B
29 B 19ms
19ms Fetch
application/json 2600:1901:0:7416::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://functionalfeather.com/dc27c0dbf39cbf135c22e3f6eb5bfb63ef5ddccd1f8cdcdf495cd2

Requested by

Host: functionalfeather.com
URL: https://functionalfeather.com/static/513e3fd9872da98/8adfb573e280271277d37a5.main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sat, 09 Dec 2023 05:05:46 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
x-hostname: fen-hoothoot-europe-west1-spot-zg1t
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sat, 09 Dec 2023 05:05:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 72ms
55ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94b5662dd0dff520b9020080f473c23437fa4d16dd300bdc836d4c6db8ba11b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12252
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 160 KB
55 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

662b186f2bcc40ecc658a7c6a0e3941f759618b61609645854bc19cf943beca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56001
x-xss-protection: 0
server: cafe
etag: 7515663865549759471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:05:47 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 05:05:47 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame A412 9 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 15:21:58 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 15:21:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 4409 9 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 15:21:58 GMT
etag: 5585625838579639069
expires: Fri, 22 Dec 2023 15:21:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame A412 4 KB
671 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 03:21:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 05:05:47 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame A412 16 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:00:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6784
x-xss-protection: 0
server: cafe
etag: 2582286893585073394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:00:08 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame A412 22 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36480
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:57:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 23EC 624 B
246 B 48ms
47ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNUanI2j4rbDF1VOOrWmEnw6apVxvM213c3byV8-h9usZBsRNrkTO4HIpRutdek3NYp2WcP6kbbQ4kv3XS6HqAkRs8JnP-bj36zEMeZvo0m37ffYyCan4qrCZ0cxXV8CHGIZNDVSsVypbj-In180l7wTtJLuR_vcYkRSEeR-FQkqHFg1G4E

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:05:47 GMT
expires: Sat, 09 Dec 2023 05:05:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EC26 89 KB
31 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:05:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame EC26 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:18:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 21:18:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame EC26 20 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EC26 202 KB
61 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62114
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:13:50 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC26 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBOWLLZxLoQLCrhiFxTjjwCej7VUvMvc5WtV1DARR2s2N9LzTiiiq9uqt-e-88xcVAxSStZBZV2sFEdVYnG3--dyUOTpuu459d3OFLJzL989KneOs

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D1F 13 KB
5 KB 10ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 23:42:12 GMT
expires: Sat, 07 Dec 2024 23:42:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 50CD 829 B
1 KB 41ms
18ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fd415f2167fdb63d0af74ecfb5e4f247da14ff0a77402e10f53092f3540b6fcc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LbDpXj2rZMlTk-9JU6Jf3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-LbDpXj2rZMlTk-9JU6Jf3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:05:47 GMT
expires: Sat, 09 Dec 2023 05:05:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 830B 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36827
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 18:52:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 830B 8 KB
750 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 03:12:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 05:05:47 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 830B 15 KB
3 KB 30ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 08:27:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 830B 376 KB
131 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368395
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:45:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 830B 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34357
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:33:10 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D1F 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36922
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 23EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhIXc7pEgz0DNqR9QKxIbg&google_cver=1

43 B
340 B

20ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhIXc7pEgz0DNqR9QKxIbg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNUanI2j4rbDF1VOOrWmEnw6apVxvM213c3byV8-h9usZBsRNrkTO4HIpRutdek3NYp2WcP6kbbQ4kv3XS6HqAkRs8JnP-bj36zEMeZvo0m37ffYyCan4qrCZ0cxXV8CHGIZNDVSsVypbj-In180l7wTtJLuR_vcYkRSEeR-FQkqHFg1G4E
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRVHl8DC3m%2BM9kLp49K7c70tzhxolxGkfLlTFtKAWTE%2FO1tQyQ3Jc2cp9TJ%2FmWTzfRaCcTEjuSXtSlwETjVgBHF%2FLLuyK%2FEwSLH85D9ZbBAFTi9VGo6e3bRmCJ16lrlWkV0GJENVsJrs9A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832ab71159d22c4d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhIXc7pEgz0DNqR9QKxIbg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 23EC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXP1q-Qd1JxvRSPA.bs3GwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhIXc7pEgz0DNqR9QKxIbg&google_cver=1&google_hm=2

43 B
775 B

31ms
30ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhIXc7pEgz0DNqR9QKxIbg&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNUanI2j4rbDF1VOOrWmEnw6apVxvM213c3byV8-h9usZBsRNrkTO4HIpRutdek3NYp2WcP6kbbQ4kv3XS6HqAkRs8JnP-bj36zEMeZvo0m37ffYyCan4qrCZ0cxXV8CHGIZNDVSsVypbj-In180l7wTtJLuR_vcYkRSEeR-FQkqHFg1G4E
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xK385E1G2TYW60WMWKmOo%2BaDcXtuC7HNtauijsl3TDyAF4Q8rsCkIy1RRWruaBYENHYAyYed%2Fy9Zj8MwqMel0d%2Fk8%2Bwn%2FbwEoN%2FVdCYfa7PBUwZKlD3LFNKO6wLY6FRwt7%2Fjay7zdwDQsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832ab71199215d98-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAhIXc7pEgz0DNqR9QKxIbg&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 23EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEqaQ-95FQxEdjqrZwkeDxQ&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEqaQ-95FQxEdjqrZwkeDxQ%26google_cver%3D1

43 B
894 B

24ms
23ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEqaQ-95FQxEdjqrZwkeDxQ%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNiN3_QBMAE&v=APEucNUanI2j4rbDF1VOOrWmEnw6apVxvM213c3byV8-h9usZBsRNrkTO4HIpRutdek3NYp2WcP6kbbQ4kv3XS6HqAkRs8JnP-bj36zEMeZvo0m37ffYyCan4qrCZ0cxXV8CHGIZNDVSsVypbj-In180l7wTtJLuR_vcYkRSEeR-FQkqHFg1G4E

Protocol

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
an-x-request-uuid: 5387f750-5626-4815-a531-dfb300ed0992
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.201; 80.255.10.201; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
an-x-request-uuid: d52d9437-6a2b-4065-a5e8-5f47ed20ad94
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEEqaQ-95FQxEdjqrZwkeDxQ%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.201; 80.255.10.201; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 23EC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyMTAwNzM3MDc0ODIxNDk5Nw%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyMTAwNzM3MDc0ODIxNDk5Nw%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
an-x-request-uuid: 71b8c88d-7e38-4860-b9b0-726c421cdecc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyMTAwNzM3MDc0ODIxNDk5Nw%3D%3D
x-proxy-origin: 80.255.10.201; 80.255.10.201; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 830B 0
234 B 1063ms
371ms Ping
image/gif 2404:6800:4002:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpxleqil&c=6488722394485&slotId=3244361197242.5&qqid=CL66zLrKgYMDFVGmgwcd4DMJOw&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 830B 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cl1p2qvVzZb69J9HMjuwP4Oek2AOP95XDdL7S58OIEmQQASCJhbaHAWCVwoOCmAfIAQWoAwHIA5sEqgSMAk_Q7rVqJtPNGh4hsn_0pfG8yn5fNKihdyYPe7CzOxqreJzICRres0fRduq8BenwGT2GOkFRFsLxdGnHPlYrdMbyJf4SqszMOHQ4xs3fVYOUT2DuoIMXtVZL_hjuPnicbozeypLeN7BJuKVBAJhF0IxN1jm-y4oP3jc3vC5PlnRNZyQkSQh-IKLa5oF41Af65lQzctwxV8eqCVfICF2aXdpiSRzEcolrPQMmAe0rRsAqHrg4CRtOvSfOMOV_TmEUfeqDE2XYrWYG9Usl28L-FZ1AQE0HTWasciINT5lS9qhVCOneKRzBAdL4v5eDkhMeVBUoZINsxTy7RFzj0X0PVe21jIYCnpfwMiY1Fi3ABN-HqsXJBOAEA4gF_r-WyUyQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYxJ_MusqBgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE6WM3hXIE7-kxOMD2BMKiBQC2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1702098347716&ai=Cl1p2qvVzZb69J9HMjuwP4Oek2AOP95XDdL7S58OIEmQQASCJhbaHAWCVwoOCmAfIAQWoAwHIA5sEqgSMAk_Q7rVqJtPNGh4hsn_0pfG8yn5fNKihdyYPe7CzOxqreJzICRres0fRduq8BenwGT2GOkFRFsLxdGnHPlYrdMbyJf4SqszMOHQ4xs3fVYOUT2DuoIMXtVZL_hjuPnicbozeypLeN7BJuKVBAJhF0IxN1jm-y4oP3jc3vC5PlnRNZyQkSQh-IKLa5oF41Af65lQzctwxV8eqCVfICF2aXdpiSRzEcolrPQMmAe0rRsAqHrg4CRtOvSfOMOV_TmEUfeqDE2XYrWYG9Usl28L-FZ1AQE0HTWasciINT5lS9qhVCOneKRzBAdL4v5eDkhMeVBUoZINsxTy7RFzj0X0PVe21jIYCnpfwMiY1Fi3ABN-HqsXJBOAEA4gF_r-WyUyQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYxJ_MusqBgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE6WM3hXIE7-kxOMD2BMKiBQC2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 830B 0
54 B 1061ms
378ms Ping
image/gif 2404:6800:4002:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpxleqit&c=6488722394485&slotId=3244361197242.5&qqid=CL66zLrKgYMDFVGmgwcd4DMJOw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.uc&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 830B 28 KB
18 KB 104ms
52ms XHR
text/xml 74.125.71.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Dv4SYwJOMQWcJAPH3Nb4kN8lhY8wcIzz7_rSU3TjZ1kVjWYP5Lrsz2Q5z7eNj9-Zp9oJNFDswh5Evvt2pA0Tb2etBcPA&dbm_d=AKAmf-BPxM8YAerqthvuJJLurxJ2rRKxN5Rh7i_UEKfvXLDfkx8xuiNZxsSImCfvmm-ygU52PHnl7vWqDqZ6rl3_Jk51hU7cc80owR_O0jQ69SU4X41LOBPHHaaKUAvhCiOZvyktVSsQs1uUgXwz5mBceKLV1Rr4qQ9PiRJd9y9c2x_lO-RZp87u_W5UtheTpGXRa9Zj8iyyYxM9ZsC1q1azc72oGWqtFQMcrXvzN9h-EjME2mZ_ccwM7vliVDH_HOc9r20q9g1O2VQocW9ic03t792dXUQT6rvj_ieZOjj9ccK1h1788LyreqeB9pLm33b7f1_LU-XoHeRSTNlzbTT9LsXXPF5acS0lu9uuRBvxuk6G6vS8zaJjfxnP25zmAEOZSAKYLPSGD4OkXzFBNm9LpGEtRRZvP_Vo5V-RNE4pBmQaWr525PiF7BJweF22bJyE2vcCXzEojovhsRI3tlUyxq-aCPYvgMQVnnVeS6FtGrzT9NvFI4E0hgSoXohr4iY2P6zvqqVv8ewy0EgWIZtNl81PGCmsAuxPmdvLSI1OklX5a59sjvD3FhF-yE2rpIytPKQ0rSrYFJLYdPJSkTlc87vkkyc_MmhiK52b5gHlhzykGT7-8pgIpb4pudNZ9xwYKv3TiYfeMKIvFe8f11bjzH9OrkE7zgBrcE9VS6Rkx62QKzWKgfsjk9MgvQ3CbxzAIGDy7qiJn206fub_eVLDantCqFXojVjue1bMSBaKwQ4-_YOwY2E4AG0xK-HstIlXATgEfFjCr7RzR1YfPKQDxPPe11c4lsfknzlbtdHGYjRDMYDqLVfdKL-XV_fJEslTccIJzxYgKqYU6rb0SflcW-fdvumhm-C4KWNzzTdUrnFSsrVx9kzYskOmuAAXsxBJMxddgJsqJCJ27b9KXZJFkvL2tY2sV4dI_s8uB2I9HJBUx6hWGS_IzpT_lYRCjv3XB2MASSALr_MYsFi_tuWcXriRTCjF3GIxHovnAV7Iaznlp39wNBGA-ToBNB893Lkid_ka1cBuIFQ54SwQTkFuN07gi_-tDEKM071JCQa3NXONo2h24pd3HWE8_wKFVa7gnVcP22Eex_6bEr_iYgkwVp0zq2LcHSQtYPCQOLsJqv5Yw-e_uHz1TepGjSTvJalsX3DCKwj0WFfbjTqi-NMoRtGTXftQtTERx9EpV52ZHYNrBHS5mpHBWv-HvO-iS3-EHwQ6y02Yif3BrXE_eHnt-JGcLUdqfjGW4jU4QWDvL4R6NM099xOm59RkTtX_HqtcWbvJxy_NMTbYcoNi8Rur40EVEde5LlBVFrFHmUsFMb1o3UPr73C70QJMluNSwNYA05_ZWMOtAFdZPU_zEeSUSTnMW7XIDLaxhnt7yflx8dmlhOYB2Yf6gGIy6D0Bl5aBWiOz3feuf62afu2cxBgVHCXFuI0d6_gWe0ZUbC_Q-Iux9ZsEiHiT-iIt6chBILIegf2O4f8m1WIPBAH63_dyslo2jw_Dt58N2t2tV8eKjfzW5nFIrh4ynjSieZ4EoARZhqPC0Zi1GCcOJ2kAYWJp2oMqpp0HEo9hNafeNjIxaiawoJ05hEFTclmL9hbq7R7oLKPoCCjGHWjk02t5Kd2s5PefmOUcNc6WaRgV1I8Qf99dhn5qytBd8BoqnijZSvx8Zq2cJqjaKrVa2O4DS7m-covcyiQaJ_vlT-v_xsNRe3DTkZCHZBaWvtlZL3BA-dSYyil-oRfVDXfEiodLG-S-UEp1lwpirUE1GKuDQ4E5l5i19gtwzF_5nvv5_L6d6q0c0PY0CXmEyJObR8BEemTx-x7-m2i_jWsVXxybNSSfvsdt-XB1fHGEs2RowOFu93-0yLnFSBcVpjPtnH-AD62MR1NSRIAr0PeSOb-itO_U3jWnJA77L9v-gtod7G-prtO4HFnZ4u80maVSAgLIPQvaJJf3lIcUPeVAWVrbq84BqWUBZEQufty4ntkwgffl14VXqjpJ-7gvEEIqccg5O-axWlJH9ssu-6SMrn7hO10gFpYVGnSOxX5e5wW5trm7aO6QaH8RRZxqq6GrNc4XMTO8bGFVHuhe6seuMURyK2G-0t9u9HCpq2wnXPXTGKzfmP2TWS2hYVfGe3Y5C-BTJOM931OhmE0bJNWix5xgljwQtPTsHbU4STlrZbmVHljfSZCk0vBsUqxVR1kySG4Vuz554W6YIQTcWy0zUPwPlhc9VSGTnQaa5o5zztorKcMWkZ80AfX52YZ97JA7iG9_ZLfDoFJPC3VGIaGoBJspHJfVq0EO4c-VXxGcXlxDlKAKZ2PyzV3KVUOpHvQZFGW5Ja4A5gr_7V97QZcr6dOmTVeFMLtMMVhEW3zSQy7TVH9Tm9WHRwpu-NAWq18EgHwHWnCcvG09HPP1dZssyWYzM7gzAGHcQxjVWTg9wBbtKrrwJj7Jp21yZvrJRK_iNXKhLeiC0Odb0-oeGtIkstkf77O4d1Jw4VMw4oxR4dAFPW1PoxM3ZvcMbq7c-MrkVQ07B9ZD_LWLK5sG2I08XcwDgqo5mNHny9K2d63cXUahtvlLMOyVPnrrTdzK-PL4Y6dlqcTSE01JIsSvZyAkSsNfmJscurDhrBN0jlzvzniUOy4rWRpY338Jt108ns9BRzc9LFQBNNpEbvlwOuQUtZpIf9n5cZJ-kEyTP-b0fx8eQV4oDQtNweZ6sNN78-R7a_m5aheu5EneksXK90TsANX8B0DwWqDoRfeD6cVURKl_3QCjkZfc8Fe9zqkzBWCdjQsPVxdyu4kKgKvzlFOPGJ08oMXjqB88Xq0uPGhbRgcB7Ut7o5Do68Z_GXfzA8zmxouJDwtV9gnjFo0t8Q4pOBPoIAZVm4FhuUIvSxrLcM-WuGXJ52x4ijHwBjfaIwoud_zJLjjxHA5iVvX48XBe1cYN5ms9syk47-Q53321ozkIasDeAjeY_GF_5w6AOhBRHcQOrv4lJ9PSTvgXhoTDLg-aLZJ1DJdn5tyn5yB1v-VPogF_wZjyYGvYjkALvkG8jj7AFlZ0IRybkN0EwRXrL6YziZUY-7L_AMMhnZT73Bs_Xbb3DUC9Nn1pQ1GKjgIIxYqAoqGswxeiSyqTme3AnOtsvq7926MT40hA9GBXC93EnjZY-Lwt95k171TRhYDty6M8X3ZCzQqS-cmavhMjUNRbSOx4yfdT655_HeyPltORkgwoeVkkcnDNxG3dAANalPl_4YXQ5gz_YBaqWui5_2HTzA4IH64WPlokUWSvTsivkXnIGqdIzpFcQazeN7ZSIGLZ9oFKOyz0ALTnE0zm24dRdQoakZr4GCIe8UmZr2eixPoTQLbBMppdk2fxNcf9hIbjQl7zuat0n5uJovwSp_AyaGQqrtBroS5OMP9lqnEdeLg_3ELX6n-k4Ijtcs4zfzyG4seNo32SbH9kfYjg0nFFMduVT2qYKZlFgYWkHmmNN_i_hcHL9X1JwFcyvxkNclXpbX6GQBwlcLpMX98z7yjMyCByr_ERFwOSPFIZkA-AMb8g7RVl_97mGB2hRbdGjTXWgmyQgSRF6Kyf7tzZAh6C3LXPzoZ_YEkPhMV9QoEOg1xHfsIC4Nynsw7TGOhKDqj9Yzm_WPVQ3Qm3x6SeHX3vDMTg3BkFS4iBC1_O1kNo2I-_HFz1Lpay6FO0wAkzO5snhrkr_7QYUeuehwiFF1J1iVgXyLHET-tZ1cb_CAoskJU7uLDz9L4YivC6taI59xQoDBv8U8c3mP1s-LpgH3OIQY_oJJHD-SjpJLb77SQBYss-VCDV0X5_0abeZ1aZS3dZvX0tWXRWpQOnH3qHT4MfuBO07C0_9CSeN733tZQkcnTXNsT-P-juPSNw&cid=CAQSTwDICaaNNhTg5rxfAVBFrQGHjnJaAjHbleJFZCwUjZb6-RWIDYgIiLzETO602_Vw8jTY6QHtTl2gcrd8IHq7GRx3_uJ_ytJD9OxH1ngEJmcYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f154.1e100.net

Software

cafe /

Resource Hash

210db7c826b13b11d6bdefe305bfed13a19639f338ff978fb21791603176a93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17564
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 50CD 0
0 42ms
41ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=1329038092762411&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

POST
H2 200 52e2478ab8f0e5a3aca0de792cbb6f2d43d6de7
functionalfeather.com/3ff4efba9423081/ 2 B
332 B 16ms
16ms Ping
application/json 2600:1901:0:7416::1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://functionalfeather.com/3ff4efba9423081/52e2478ab8f0e5a3aca0de792cbb6f2d43d6de7

Requested by

Host: functionalfeather.com
URL: https://functionalfeather.com/static/513e3fd9872da98/8adfb573e280271277d37a5.main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sat, 09 Dec 2023 05:05:47 GMT
via: 1.1 google
x-buildnumber: 1072352451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.hogwartsishere.com
x-hostname: fen-hoothoot-europe-west1-spot-zg1t
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sat, 09 Dec 2023 05:05:46 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC26 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8484254591466&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC26 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8484254591466&version=m202309260101&ct=76&x=1&cor=14983444485314454000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EC26 110 KB
41 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae3q4c6vZDAV0vrdgcjI5J84_A-P57Mk2-t_TbKLClOqLqnrSMYw0OvssDE2-5oE98f7KvjktJ6CE3B6HICJK8XvRMF684q93OfUNEPPTrnD_KBwY2kdGvSs4NFKQIUQEShvNPG8rHOHMRY8Rg3kUbsnEyFZGTIXkT5VFjhkt2tFIJYBA&dbm_d=AKAmf-BKMZR_70iEKTYiMtmGfJ0WKx-rrdcAJKgxPsC6qxo7jtJ0QcGBit8BuUdT9gVpZ09BTveme47PcwbjPYtbicV9rcW3LGCnwf--iWdS9mKfE9KZUVGqWnVhXQdt_tGEkc40VOBxVNnDrDS7f75A_PoFXLJHQtsfOqgL6jn6dwYHDw3j9Ob5xF-LwfMleCEAr_SMOUlZ8uGp3Rw880ceDDG8cKGIh2-2ebXoyhiGeNKbiFysqB17AaslLBGY9cea6tFYllOqqAmU0M37WmWR8QqDLRPNCoZoV23WJweciyja-kzILa9ObjZY899Ornj0Nh0U9KjoWyL2I8Y8R3eKooVrwg2OAKxqOpDpGXh32QlO61bQJjzn_76FcJiTX8JS0x78y3PBsU8wCbzwn78QdWE58xEBNKjNa4LT_bWVd0XxQa5Npu5wuhag5SN7ton7RxluldJeUPVnkAm-LOhzqeID2CVm8-6PXgqSsOqUv0iy-29MJPIGMfwCXe4jULnc2wAy6P7o-2zYXK45zZ3FUCQyJM_QNYFhZKdFUC9iQU_diMaBDfr18Yueap-9NBW1gRWB8_EihZVlpWYU0i-wnFK-QMFunMZi7uKXKO2i9m0-3jAQYL9OSa0C4G-pWnRtkftGfMuEgaqLbr7p-eJbiIz4LXBL8P6fXd5eTvoNtUMj3z4yxKgTUIEtC8PoQw8TxKi1GyR7EIUYVjlg8N0s1bFwDnpCpMUbicCwzFAlEeDDkFS3eRJGq7rkfU7eYVtKfTIbdynHB_Df-RK5EvC3cz-6SWI6im0LEaIJb_YvF84OHcdfmIDiKWD7L8A9nID_-rXLztv5a5MCUjS2BsciQujEXXHdPz3nWd1g6uvgAq_51THqpx4RbhS0KzWDYU7D44Jl_9CRPt9uSpHlDa1cIdmMrYqlGkrhvDfsGWt0rlCbbUraE5HoTQyBHsvPgfV4W9Qu8Uzf0IfpA_GrmYfkbgGUWzc1bu3XCZMVpCaFKSAY42Y5XFL3Jtxs5Y9Ut9jgkN7gLbP4I02IGdvWNFoEU_uEKOafaFios0RzAeprJ9RCqwc_1DUQiWhfYu0VF5_KVA8TCB-hQZ_p1sw2mCCvLbSwcgFTDOHOGRwaH2Ak-E1KhWzXYQfrR65-2blOZjGXim0X-tNb2qRNMzi2nDLvifL50SZKNJwsDD__0POfinaO-NbQGzUx53Ij4z7oyngvyO3LjqN3wKntyjD7Bc39DFweCi7sZ69Y2I-jio_LaiyOVmb3om9zHQatVw3izIrA79XuDKF8hTS9UY_JAXoIItGhcz-XlQjGMdJvq9dZuEcAT8TqqaxAJckzsZRS0Ce_l9TaL6pE6PL4hAG1SSl4fcbcGlOWkchiefG--JIAvA-glym54HtA8sn53Q872faadckWC3gvA9EejZf_KPq2BJOMI-QVQqx4z4pNHTC-qs3crVF5v6u3QTqf9EY0U8iLXRk7eQQ0GG4NRC8Pthqo5mw11alVsM8UrOlwgTA_hSJPk9VovDfrD5wF59BoztQKmcJKRtdbFoGMYG4gIXBVDGmOQu7Np1hbKdt0DEYpMu51YF8QksN1N3oCOxTeqtYpqlrPCZLCBNBmbiLy22oR_WElx5n5KO7XjQjZwUCso5XdjTepIkRR-bx1nYTDrrhVp1r0CFKnn4K8zYQnspGFgODbCVcmLoifhP0KJwmfRUV2Vx9cYv-LwTn0LKKuyqp2HBTKx2mFrLSBweR6pdnFOE9zB0_92ubtifBdlR__Hq_JbOVssrB4aTJSLNUtBJCr0Sv0WSp-SlN_vwxCmETbjZcRPU8acPreDdnGZst5TSZOua5fVf2rJPrMEudSWC5mF0DDXAzEIosnL_mcqErNxFgLLCJgp2Nm7fpeyYiiLmjbqhIvbneqO9CD-wPX_QoEuMGylfVjDaHM30e2IvHOQjHxfUrE6iwOXgW3L0Dd1VO7GRBVIFOSYdcjuVhoMHQTjgDmLNPDfRFpCLNBNczjzUX58qFs8o-x0wGnEDcpUWhud3piNLOVZXO1fQol99NYWL2y1s7GZ_mm-sXnZi4x3F4loRCTH4I3l0d_jHeWMyP2Vt_IImLJq5wv7GOk_gTLezDPh5y73W0VOOcqlZiyxoN7bLSFcwdnZTBsqwFNXL5Yl8B3R6lsAsI86Jos54cUq2U0RyAmODe6VxWlwQK2vliCMgO02XbehDky3bkUbOrqAcjxFl0LI3ODP5eM5xQ4_0lEfXzz3No_PS0wBiVWQzEQAYjP6wdumlQCaKwJlXGa4On_WOjSevcHWXxl1bzeG-yJc3Bgr_ElM87S0rZ3zfJq_6pOdn_2zfYyYVQOyIOGMOFjTbGnK90_lttTC_uL1dYzrc_Ag97NiAnpk3WvHbTsQ_3cRgxjpSeQRzHNjD-gerpCsmZYEVQsKif_6b1d6Q_Tqq8K0MqgbnTnHCHBiG33vRmU1OZQ8r7VwPyPrp1_N-qenH0od8TrRKCAL22Z-cS8hHMBuLq-weCgsAYMF932MDaU8J03bJBHMpbO06MRl_JyG-4MHviTIi2jszGP-LjDeT7xYkJ7BpFmv8H0JxYmBpPzaadBvO0v-_AFBiHndrHYhZ5Wjw8mUk02AB63or8tiswfT_5b2ksFBysDf_yrZLRmLJZOSqhZtzKmKZhS_4JLHmJZAaP8FnR8NFYlMEETByYgkP3T_IhNbO2-qXiQUYBxgDogi09l6LoXivemr3syzzdS3sKp4dS2yEGuIfAn5C7s5wELXPrxVTLaTgYAaqsliyI3tjfMQV31ObktvXm-RbPD930E4e30kDvBtQ7QVATxMrnEcqcAvwzOkGz6ks7ke9FLZo2mGRElqFJRQa0mOmi97UYoT1ndCmG4ORju6kSqgBoUfjVhL6iMQWxe25IWpqIDRYo93eUZAGtxRqIN-CAiphjFUX2LzT3JojcT0SjL8gaexBsuRFRAAA0upJVh1dQJB9RLH_UR2LAAnt8DBLHgz96KS8lNBYl3leBMwn_QKs1xJ8vhbDzAN5InXsvAgq5kf9nx5EikA5q5MrzJPrE-56NI3vJTXF8olImzmD7dnWQ1Da96w7Sood_eWdV7OOX4huZ4Xg1HQCqbNQMLzwq94vF8jY4bkrH8oRMLb5I68HquuYPOc1DTyOAgtBf7w82_VfSWSkMNE_p5cF_xongsJU1JiQYAlzf0bq8WfFOrfx4VI0AnbdSWdx_krzaf1oEfx9EOOngkAaqIE1p1PRAZFwPqtoplp48FuduZ3qLM7YZN-G2H4IxQpkIJy1JMwOASbUMxD0_nNiFzTcwasnd9rcqaCSYGSt59MhFMOo7GkJR5zmq3evmkKfigFkMYvC-prDq_emHq2dBkm-Cbt6zKLqRdtYU2OeeirwTdHmAseT12dIcFCl1yWLEoTOvArs3Vl8PmeM_plxf72oxfk9GP-sWV8rXOYduUsW5AnV_QHAAh5S4NYxNSo5ABq8Wbm-aQ5BXqnnc3wbzgDHpLNSI7Vo5LNjuA249dJOw5BIJUJLSyvfsTrwKcsUcR1bSEGC-lSZmx_MzPydpQ8jB2i__4P51hSAuzOH27Q5jqfO71iO4xuXFnjR6cdf1IdQkxeBnSGNjY4GRSnqA_1ayIOrIvU-5cKf7Es3--FVFe5HJFrViXyMWN3LRNPcYJYFBrvRIaxrj3xUBRZbdKJqrvCpN8B6LL3vir91cnC4S9VeIiVtm6-WGCYCLChvyltWbnPQ&cid=CAQSTwDICaaNNhTg5rxfAVBFrQGHjnJaAjHbleJFZCwUjZb6-RWIDYgIiLzETO602_Vw8jTY6QHtTl2gcrd8IHq7GRx3_uJ_ytJD9OxH1ngEJmcYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.hogwartsishere.com&ds=l&xdt=1&iif=1&cor=14983444485314454000&adk=497053792&idt=107&cac=0&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f32ab088b4a089cb616aa494a5c83a3ee0baea68091ec0a82b45cc75e225b472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D1F 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?73_nzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 830B 0
54 B 942ms
377ms Ping
image/gif 2404:6800:4002:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpxleqj1&c=6488722394485&slotId=3244361197242.5&qqid=CL66zLrKgYMDFVGmgwcd4DMJOw&fb=outstream-lima&vast_v=2.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
vast.doubleverify.com/v3/ Frame 830B 21 KB
4 KB 81ms
22ms XHR
text/xml 104.18.36.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.doubleverify.com/v3/vast?_media=3&ctx=10242044&cmp=30443038&sid=5513185&plc=380566222&adsrv=166&_redirect=1&psf=0&_vast=https://ad.doubleclick.net/ddm/pfadx/N7657.3553448DISPLAYVIDEO360/B30443038.380566222%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.hogwartsishere.com/courses/by-level/%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNzAyMDk4MzQ3ODA3CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdlFSOC0xQm9xR19TUW5TQ2JKbXdEZnVDR0VMTEhJMURZZmlzZDVoMUV2Q3dURkpnVHRuU2o0WXdBQWdOYTRERk1SMGlyajBkT292WkQwYk1KWTFheGlteG0xakVnMGNnU3YtRC1DMmdsbkNhVTFCQ1RodWNVV1FaSVA4YTFHUEpyTWZ4M0dsQzhHQ3k4a2tLY1lSbTM5elNvbTVGOVBEaG9RY0VoTVZaRnNaVERSejNOV1lBaXYteExna1Y4Z2YyTEluZHJ5V01fYUE5aEZmOGNDaHVOM2hidE1OMkZMZzNDdkl1SEJGemd3cVQ3NEt2NWpEMW4xUWtUSTdsSEVwZFVhRExoRTY0bXJPNHo5MjRLNDBuNE9qUUF6TW1SdFhEbG9VMlJUV3VaUDZyWnRlek9SdkNycF81UEw0WGdwbHVQS1MxZDRHQ05FVU9xSUVvUlNLbHN6M2dSTy1XeVhXZ0JodTN4YkNwWEoxWDMwSHR4cW1jejBDc2FMbHpmN2RYZ1dwcjVFSWVEa3BheTI2WVVZSGhYaVJKdTNkU29RSktFZUhoZ1FOUC05M2pYamNnQm9yTmNRNTZhSGdMRWdETHNraGZnMTU3eXVaZV8zbUJ1Y056am5yRVROcGROTmQtYXVKZjBicFVJSWlxVzloSkZhYS1zSFRuc29veG1CNF9kSFlKTDYxNzBvaFMtTDl5d196dHpPNi1pakt3bDgwX3hyS3FRTm9FeEpsOVl4MnQzQ3Q0OC05VTAtd05nb0VXYjhMMnBlUEJicmNmZllmZi1mLWhVaFdVRVhjX3Z4QTYydjFiNy1tNzlqUXpkdGpNVHVOaTdVNGYyckEwcGJQTW4zR0xfWkh5X2x5VHktc1laMVFDYUxxdzlFcng3Y09QRjg3VDBhR3VGS25OMGpubWN2Q3BtQVVIR1Y4MEo3R2w1blc1WXg4bWNCYWhtc3AySDNITXE4alhHUmlkekdQZm5YWFdIN1JPZUx1SVc0eVZCeENQbW4tYnVISEZ3RXg0Rkg0dlU1aVYxZUI4S3ZoS0U2V1lJcEYyVTdHQmRaTFEtR3kxREJEWktLejJVMFlpSnpBSWswNmNmUGlaOG5YYzlaYWhNeTF4d0o5RnBPU01HSFFnNGRjdFgzTU1WLWZDX3JCcVZ4ci0zNERaT1QyZnNhbUF5N1hsU19pUDNfRHV4NzhXVmtkTERSR2tNdVZGRmt3NDJZQWhUNGlieHhDeWJsalRycl85ZjVXNXdjSW5Vdm9MNGgxSUxLM2J5ZVIzVlhuY1o0VE5tT3JpQkR0RGVja3JVSC1KUUZLcHhzMU5aMW9HeUxiZ09Fa2h1TlN6RjJVS0lteXEzOWdBdFBpRmpnNUNNM21PbFBMaC04NTJxcjNEclFQLTVHVnhJWTRwS1M1bjU3WGJSOGxNWUVyZkZ2WVRTdVBiUllGQUVGcXA2cTYwVW5OejI0ZHhOQTR2MkxLNk1TbHozRzlKdGN5ZU5PWU5xQ18yQi1uOEF5TVpJU3FSVHlZam5JYXg3Mjk1dlRxTHlIcXdZZWg2UldEZkNaczdwdHZfYlk3UmExVnRuU0FGVkp1aXpOaHpSY2YzU1RFdXlMWVBzbzhzMW1mal9nRlpXd0Vjczg2aUxpQk94bTJtVGtjUlpTdHVwR0NSTUQxbkJSMzh5STA2eTJDVnJKdmFDdkVJdzJhekJ0LThCckhBRFFwcXRyZ3UtLVUxeGpWNnBBdHhVVzRoc0dQXzd1dS1mN0ZmUmtjbVltZXQ3ZEpzb1AwTVplVjQ1YUdheDdNRFNUancmc2FpPUFNZmwtWVRuN1lORTlVVzBTY1lLN3pnVVJHX0Rjd1ByS293Q1pmSTY3aWVYRjJCUUk1NVJYVUhJUWxkajJuTFBTWUdoUU1MdnktYnlEenp4TXI1dVFUSHZaRVA5U21abjZrd0RYTDE1dklBb1h4Vm42RVdISnEtY1JZVkluQWd3N2V5c3AwNDdSZjZBSkdNT0YxdkMzY29pdzZ2VWZNQzRlM3liUzJZenBnUmg0NE9UMkxZNTJ4QkVsSi0wSGZyNlBRV2tTRmFac1NGXzEzck1NTWZLRDhkb1o3RkpIQ2RZOWxlQ2g0YnBubE0zYndlc0dLQUpITTZUeVZhRnA0NmU4LTNrSkdLUG5nX3RQcXhnbnVyQjlXdVppNU9qdXU2bGduZzdLWVBfT0dwMDlHcTV0eTMyMV9PUTRPSSZzaWc9Q2cwQXJLSlN6SlVEMmxtRHNjZHVFQUUmY3J5PTEmZmJzX2FlaWQ9JTVCZ3dfZmJzYWVpZCU1RCZ1cmxmaXg9MSZhZHVybD1odHRwczovL3d3dy5lYS5jb20vZ2FtZXMvZWEtc3BvcnRzLWZjL2ZjLTI0L2ZlYXR1cmVzJTNGdXRtX2NhbXBhaWduJTNERkNfYnJkX3d3X202X3ByZ212X2R2MzYwX21mJTI2dXRtX3NvdXJjZSUzRGR2MzYwJTI2dXRtX21lZGl1bSUzRHZpZGVvJTI2Y2lkJTNENzM1OTglMjZ0cyUzRDE2NTI4OTAxNDE1OTMlMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%26dc_cid%3D206729091%26dc_adid%3D572283934&_api=7&_ssm=[SERVERSIDE]&_tsm=[TIMESTAMP]&gdpr=&gdpr_consent=&_abm=[APPBUNDLE]&_pum=[PAGEURL]
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8ba3e5b67eb02054b1b9c4ab80d30acad439daa1343461526e368483b1b57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: br
server: cloudflare
vary: origin, Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 832ab7126de56ade-FRA
link: <https://cdn.doubleverify.com>; rel=preconnect, <https://tpsc-video-eu.doubleverify.com>; rel=preconnect, <https://vtrk.doubleverify.com>; rel=preconnect
alt-svc: h3=":443"; ma=86400

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523875/ Frame EC26 255 KB
77 KB 114ms
33ms Script
application/javascript 52.211.95.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523875/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2131671202406978&ias_chanId=1&ias_placementId=20487175905&bidurl=https://www.hogwartsishere.com/courses/by-level/&ias_dealId=&xsId=ABAjH0js2YtwSUiwOly5kUoGGlkt&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0js2YtwSUiwOly5kUoGGlkt
Requested by: Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.95.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-95-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e8987d3f22316fda61a1f99bf2b11185fd83d39099730ca31867cd6e323c1016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame EC26 111 KB
39 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 19:51:26 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame EC26 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ae3q4c6vZDAV0vrdgcjI5J84_A-P57Mk2-t_TbKLClOqLqnrSMYw0OvssDE2-5oE98f7KvjktJ6CE3B6HICJK8XvRMF684q93OfUNEPPTrnD_KBwY2kdGvSs4NFKQIUQEShvNPG8rHOHMRY8Rg3kUbsnEyFZGTIXkT5VFjhkt2tFIJYBA&dbm_d=AKAmf-BKMZR_70iEKTYiMtmGfJ0WKx-rrdcAJKgxPsC6qxo7jtJ0QcGBit8BuUdT9gVpZ09BTveme47PcwbjPYtbicV9rcW3LGCnwf--iWdS9mKfE9KZUVGqWnVhXQdt_tGEkc40VOBxVNnDrDS7f75A_PoFXLJHQtsfOqgL6jn6dwYHDw3j9Ob5xF-LwfMleCEAr_SMOUlZ8uGp3Rw880ceDDG8cKGIh2-2ebXoyhiGeNKbiFysqB17AaslLBGY9cea6tFYllOqqAmU0M37WmWR8QqDLRPNCoZoV23WJweciyja-kzILa9ObjZY899Ornj0Nh0U9KjoWyL2I8Y8R3eKooVrwg2OAKxqOpDpGXh32QlO61bQJjzn_76FcJiTX8JS0x78y3PBsU8wCbzwn78QdWE58xEBNKjNa4LT_bWVd0XxQa5Npu5wuhag5SN7ton7RxluldJeUPVnkAm-LOhzqeID2CVm8-6PXgqSsOqUv0iy-29MJPIGMfwCXe4jULnc2wAy6P7o-2zYXK45zZ3FUCQyJM_QNYFhZKdFUC9iQU_diMaBDfr18Yueap-9NBW1gRWB8_EihZVlpWYU0i-wnFK-QMFunMZi7uKXKO2i9m0-3jAQYL9OSa0C4G-pWnRtkftGfMuEgaqLbr7p-eJbiIz4LXBL8P6fXd5eTvoNtUMj3z4yxKgTUIEtC8PoQw8TxKi1GyR7EIUYVjlg8N0s1bFwDnpCpMUbicCwzFAlEeDDkFS3eRJGq7rkfU7eYVtKfTIbdynHB_Df-RK5EvC3cz-6SWI6im0LEaIJb_YvF84OHcdfmIDiKWD7L8A9nID_-rXLztv5a5MCUjS2BsciQujEXXHdPz3nWd1g6uvgAq_51THqpx4RbhS0KzWDYU7D44Jl_9CRPt9uSpHlDa1cIdmMrYqlGkrhvDfsGWt0rlCbbUraE5HoTQyBHsvPgfV4W9Qu8Uzf0IfpA_GrmYfkbgGUWzc1bu3XCZMVpCaFKSAY42Y5XFL3Jtxs5Y9Ut9jgkN7gLbP4I02IGdvWNFoEU_uEKOafaFios0RzAeprJ9RCqwc_1DUQiWhfYu0VF5_KVA8TCB-hQZ_p1sw2mCCvLbSwcgFTDOHOGRwaH2Ak-E1KhWzXYQfrR65-2blOZjGXim0X-tNb2qRNMzi2nDLvifL50SZKNJwsDD__0POfinaO-NbQGzUx53Ij4z7oyngvyO3LjqN3wKntyjD7Bc39DFweCi7sZ69Y2I-jio_LaiyOVmb3om9zHQatVw3izIrA79XuDKF8hTS9UY_JAXoIItGhcz-XlQjGMdJvq9dZuEcAT8TqqaxAJckzsZRS0Ce_l9TaL6pE6PL4hAG1SSl4fcbcGlOWkchiefG--JIAvA-glym54HtA8sn53Q872faadckWC3gvA9EejZf_KPq2BJOMI-QVQqx4z4pNHTC-qs3crVF5v6u3QTqf9EY0U8iLXRk7eQQ0GG4NRC8Pthqo5mw11alVsM8UrOlwgTA_hSJPk9VovDfrD5wF59BoztQKmcJKRtdbFoGMYG4gIXBVDGmOQu7Np1hbKdt0DEYpMu51YF8QksN1N3oCOxTeqtYpqlrPCZLCBNBmbiLy22oR_WElx5n5KO7XjQjZwUCso5XdjTepIkRR-bx1nYTDrrhVp1r0CFKnn4K8zYQnspGFgODbCVcmLoifhP0KJwmfRUV2Vx9cYv-LwTn0LKKuyqp2HBTKx2mFrLSBweR6pdnFOE9zB0_92ubtifBdlR__Hq_JbOVssrB4aTJSLNUtBJCr0Sv0WSp-SlN_vwxCmETbjZcRPU8acPreDdnGZst5TSZOua5fVf2rJPrMEudSWC5mF0DDXAzEIosnL_mcqErNxFgLLCJgp2Nm7fpeyYiiLmjbqhIvbneqO9CD-wPX_QoEuMGylfVjDaHM30e2IvHOQjHxfUrE6iwOXgW3L0Dd1VO7GRBVIFOSYdcjuVhoMHQTjgDmLNPDfRFpCLNBNczjzUX58qFs8o-x0wGnEDcpUWhud3piNLOVZXO1fQol99NYWL2y1s7GZ_mm-sXnZi4x3F4loRCTH4I3l0d_jHeWMyP2Vt_IImLJq5wv7GOk_gTLezDPh5y73W0VOOcqlZiyxoN7bLSFcwdnZTBsqwFNXL5Yl8B3R6lsAsI86Jos54cUq2U0RyAmODe6VxWlwQK2vliCMgO02XbehDky3bkUbOrqAcjxFl0LI3ODP5eM5xQ4_0lEfXzz3No_PS0wBiVWQzEQAYjP6wdumlQCaKwJlXGa4On_WOjSevcHWXxl1bzeG-yJc3Bgr_ElM87S0rZ3zfJq_6pOdn_2zfYyYVQOyIOGMOFjTbGnK90_lttTC_uL1dYzrc_Ag97NiAnpk3WvHbTsQ_3cRgxjpSeQRzHNjD-gerpCsmZYEVQsKif_6b1d6Q_Tqq8K0MqgbnTnHCHBiG33vRmU1OZQ8r7VwPyPrp1_N-qenH0od8TrRKCAL22Z-cS8hHMBuLq-weCgsAYMF932MDaU8J03bJBHMpbO06MRl_JyG-4MHviTIi2jszGP-LjDeT7xYkJ7BpFmv8H0JxYmBpPzaadBvO0v-_AFBiHndrHYhZ5Wjw8mUk02AB63or8tiswfT_5b2ksFBysDf_yrZLRmLJZOSqhZtzKmKZhS_4JLHmJZAaP8FnR8NFYlMEETByYgkP3T_IhNbO2-qXiQUYBxgDogi09l6LoXivemr3syzzdS3sKp4dS2yEGuIfAn5C7s5wELXPrxVTLaTgYAaqsliyI3tjfMQV31ObktvXm-RbPD930E4e30kDvBtQ7QVATxMrnEcqcAvwzOkGz6ks7ke9FLZo2mGRElqFJRQa0mOmi97UYoT1ndCmG4ORju6kSqgBoUfjVhL6iMQWxe25IWpqIDRYo93eUZAGtxRqIN-CAiphjFUX2LzT3JojcT0SjL8gaexBsuRFRAAA0upJVh1dQJB9RLH_UR2LAAnt8DBLHgz96KS8lNBYl3leBMwn_QKs1xJ8vhbDzAN5InXsvAgq5kf9nx5EikA5q5MrzJPrE-56NI3vJTXF8olImzmD7dnWQ1Da96w7Sood_eWdV7OOX4huZ4Xg1HQCqbNQMLzwq94vF8jY4bkrH8oRMLb5I68HquuYPOc1DTyOAgtBf7w82_VfSWSkMNE_p5cF_xongsJU1JiQYAlzf0bq8WfFOrfx4VI0AnbdSWdx_krzaf1oEfx9EOOngkAaqIE1p1PRAZFwPqtoplp48FuduZ3qLM7YZN-G2H4IxQpkIJy1JMwOASbUMxD0_nNiFzTcwasnd9rcqaCSYGSt59MhFMOo7GkJR5zmq3evmkKfigFkMYvC-prDq_emHq2dBkm-Cbt6zKLqRdtYU2OeeirwTdHmAseT12dIcFCl1yWLEoTOvArs3Vl8PmeM_plxf72oxfk9GP-sWV8rXOYduUsW5AnV_QHAAh5S4NYxNSo5ABq8Wbm-aQ5BXqnnc3wbzgDHpLNSI7Vo5LNjuA249dJOw5BIJUJLSyvfsTrwKcsUcR1bSEGC-lSZmx_MzPydpQ8jB2i__4P51hSAuzOH27Q5jqfO71iO4xuXFnjR6cdf1IdQkxeBnSGNjY4GRSnqA_1ayIOrIvU-5cKf7Es3--FVFe5HJFrViXyMWN3LRNPcYJYFBrvRIaxrj3xUBRZbdKJqrvCpN8B6LL3vir91cnC4S9VeIiVtm6-WGCYCLChvyltWbnPQ&cid=CAQSTwDICaaNNhTg5rxfAVBFrQGHjnJaAjHbleJFZCwUjZb6-RWIDYgIiLzETO602_Vw8jTY6QHtTl2gcrd8IHq7GRx3_uJ_ytJD9OxH1ngEJmcYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.hogwartsishere.com&ds=l&xdt=1&iif=1&cor=14983444485314454000&adk=497053792&idt=107&cac=0&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:06:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame EC26 31 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:19:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11943
x-xss-protection: 0
server: cafe
etag: 4141415479739543000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 11:19:18 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame EC26 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:45:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:45:53 GMT

GET
DATA 200
OK truncated
/ Frame EC26 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f3a2b57bd5fef4acb35240b946f7228594a64944cef60fcf2a094de62847af2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 B30443038.380566222 Show response
ad.doubleclick.net/ddm/pfadx/N7657.3553448DISPLAYVIDEO360/ Frame 830B 41 KB
16 KB 106ms
66ms XHR
text/xml 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/pfadx/N7657.3553448DISPLAYVIDEO360/B30443038.380566222?ves=dGltZXN0YW1wOiAxNzAyMDk4MzQ3ODA3CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdlFSOC0xQm9xR19TUW5TQ2JKbXdEZnVDR0VMTEhJMURZZmlzZDVoMUV2Q3dURkpnVHRuU2o0WXdBQWdOYTRERk1SMGlyajBkT292WkQwYk1KWTFheGlteG0xakVnMGNnU3YtRC1DMmdsbkNhVTFCQ1RodWNVV1FaSVA4YTFHUEpyTWZ4M0dsQzhHQ3k4a2tLY1lSbTM5elNvbTVGOVBEaG9RY0VoTVZaRnNaVERSejNOV1lBaXYteExna1Y4Z2YyTEluZHJ5V01fYUE5aEZmOGNDaHVOM2hidE1OMkZMZzNDdkl1SEJGemd3cVQ3NEt2NWpEMW4xUWtUSTdsSEVwZFVhRExoRTY0bXJPNHo5MjRLNDBuNE9qUUF6TW1SdFhEbG9VMlJUV3VaUDZyWnRlek9SdkNycF81UEw0WGdwbHVQS1MxZDRHQ05FVU9xSUVvUlNLbHN6M2dSTy1XeVhXZ0JodTN4YkNwWEoxWDMwSHR4cW1jejBDc2FMbHpmN2RYZ1dwcjVFSWVEa3BheTI2WVVZSGhYaVJKdTNkU29RSktFZUhoZ1FOUC05M2pYamNnQm9yTmNRNTZhSGdMRWdETHNraGZnMTU3eXVaZV8zbUJ1Y056am5yRVROcGROTmQtYXVKZjBicFVJSWlxVzloSkZhYS1zSFRuc29veG1CNF9kSFlKTDYxNzBvaFMtTDl5d196dHpPNi1pakt3bDgwX3hyS3FRTm9FeEpsOVl4MnQzQ3Q0OC05VTAtd05nb0VXYjhMMnBlUEJicmNmZllmZi1mLWhVaFdVRVhjX3Z4QTYydjFiNy1tNzlqUXpkdGpNVHVOaTdVNGYyckEwcGJQTW4zR0xfWkh5X2x5VHktc1laMVFDYUxxdzlFcng3Y09QRjg3VDBhR3VGS25OMGpubWN2Q3BtQVVIR1Y4MEo3R2w1blc1WXg4bWNCYWhtc3AySDNITXE4alhHUmlkekdQZm5YWFdIN1JPZUx1SVc0eVZCeENQbW4tYnVISEZ3RXg0Rkg0dlU1aVYxZUI4S3ZoS0U2V1lJcEYyVTdHQmRaTFEtR3kxREJEWktLejJVMFlpSnpBSWswNmNmUGlaOG5YYzlaYWhNeTF4d0o5RnBPU01HSFFnNGRjdFgzTU1WLWZDX3JCcVZ4ci0zNERaT1QyZnNhbUF5N1hsU19pUDNfRHV4NzhXVmtkTERSR2tNdVZGRmt3NDJZQWhUNGlieHhDeWJsalRycl85ZjVXNXdjSW5Vdm9MNGgxSUxLM2J5ZVIzVlhuY1o0VE5tT3JpQkR0RGVja3JVSC1KUUZLcHhzMU5aMW9HeUxiZ09Fa2h1TlN6RjJVS0lteXEzOWdBdFBpRmpnNUNNM21PbFBMaC04NTJxcjNEclFQLTVHVnhJWTRwS1M1bjU3WGJSOGxNWUVyZkZ2WVRTdVBiUllGQUVGcXA2cTYwVW5OejI0ZHhOQTR2MkxLNk1TbHozRzlKdGN5ZU5PWU5xQ18yQi1uOEF5TVpJU3FSVHlZam5JYXg3Mjk1dlRxTHlIcXdZZWg2UldEZkNaczdwdHZfYlk3UmExVnRuU0FGVkp1aXpOaHpSY2YzU1RFdXlMWVBzbzhzMW1mal9nRlpXd0Vjczg2aUxpQk94bTJtVGtjUlpTdHVwR0NSTUQxbkJSMzh5STA2eTJDVnJKdmFDdkVJdzJhekJ0LThCckhBRFFwcXRyZ3UtLVUxeGpWNnBBdHhVVzRoc0dQXzd1dS1mN0ZmUmtjbVltZXQ3ZEpzb1AwTVplVjQ1YUdheDdNRFNUancmc2FpPUFNZmwtWVRuN1lORTlVVzBTY1lLN3pnVVJHX0Rjd1ByS293Q1pmSTY3aWVYRjJCUUk1NVJYVUhJUWxkajJuTFBTWUdoUU1MdnktYnlEenp4TXI1dVFUSHZaRVA5U21abjZrd0RYTDE1dklBb1h4Vm42RVdISnEtY1JZVkluQWd3N2V5c3AwNDdSZjZBSkdNT0YxdkMzY29pdzZ2VWZNQzRlM3liUzJZenBnUmg0NE9UMkxZNTJ4QkVsSi0wSGZyNlBRV2tTRmFac1NGXzEzck1NTWZLRDhkb1o3RkpIQ2RZOWxlQ2g0YnBubE0zYndlc0dLQUpITTZUeVZhRnA0NmU4LTNrSkdLUG5nX3RQcXhnbnVyQjlXdVppNU9qdXU2bGduZzdLWVBfT0dwMDlHcTV0eTMyMV9PUTRPSSZzaWc9Q2cwQXJLSlN6SlVEMmxtRHNjZHVFQUUmY3J5PTEmZmJzX2FlaWQ9JTVCZ3dfZmJzYWVpZCU1RCZ1cmxmaXg9MSZhZHVybD1odHRwczovL3d3dy5lYS5jb20vZ2FtZXMvZWEtc3BvcnRzLWZjL2ZjLTI0L2ZlYXR1cmVzJTNGdXRtX2NhbXBhaWduJTNERkNfYnJkX3d3X202X3ByZ212X2R2MzYwX21mJTI2dXRtX3NvdXJjZSUzRGR2MzYwJTI2dXRtX21lZGl1bSUzRHZpZGVvJTI2Y2lkJTNENzM1OTglMjZ0cyUzRDE2NTI4OTAxNDE1OTMlMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg&dc_cid=206729091&dc_adid=572283934;sz=0x0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;dcmt=text%2Fxml;dc_sdkv=h.0.0.0;dc_osd=2;dc_frm=2;dc_sdr=1;dc_ref=https://www.hogwartsishere.com/courses/by-level/;nel=0;vis=1;dc_sdki=445;dc_eid=420706098%2C44752538%2C44807615%2C75259414;ord=[timestamp]

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

00419a245e2fedee211c64bcf76b8623c85e3d3598b5074b0cae1d7c229b157d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16223
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8349 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 406762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1064608057035189096/ Frame F465 6 KB
2 KB 23ms
7ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10247
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1879
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 02:15:01 GMT
expires: Sun, 08 Dec 2024 02:15:01 GMT
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC26 0
0 90ms
54ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLNosQ71y1kv2Pb16_1jXQSQWF1PkbexNsNmWEaAxXbblw4C9sFjciRTmaabDPjO9pVJp9hWJsmbEjArvobQ3_awFoFHciRSBX_dGc8ghL5bmqNTN4okmWkhpz5iX4gQeZiz9J_HJIZ8g0NrUFWRp8vxuNCedaFAMyswDHrDBjd_-ByZYs3P4Ugvk99X9a80U4Ug-w2B9yKWZS2kAc2n2oIR45jv81IWSvIGWHzMC6tXU-ogxV2ZrSIuggZ_Byu-wm_qIhvUWViT7TVS5PCmH1Esj6vqRgvUitX8dHZYno0yT8ugJTV7fABDIoFMwhF5fTifh87pG5rm8HFIhD-tqhjVGJb1fYWllged6DEHo5LPDNgcHVMRIzrVYV5OylA42vfQSsTvOWstggrNX3sHSAgWKPoGwN4jGpeDz8Tsw0EV6746ilNKgQCTC6yoeMFj5X0rjQ4QEYQQGe9BtpPnBzCx2eqcWENYY6RTYEf_pOlFb2Lg6_hnm-RdoVMAZpADF4zQG3kAw3n3j87_2O4wD7DapPKRBuWPMSo5N8RIzDnjY26ovk2jKGFYnYNCdpMSvhsDpiyk5efuUQUGDtiZXzxtM6d-fsA9gvqg1-tjVWlQihdTcUCDl2Sc0ExagK1Hha55aNDFTaGZGSknemeNWgBlmcN6Zputj39hvd8G2Mq9I1hOTpdcf6x3HbE8FVLZkfwEmLXqmEpbIchf1tb4jqko0mC5GwWnOj_jk-Qp5pehowz7gzypli81sRPWwpWEW4PGojTLCrJXOuIiK9tW31gMTVG3aVQgfLaWzxCKLveBT-9ITv946o7KxxMelg9dvNBqOKHZAhuv7pAoPYZRUVhPBzw95ZN2LTmie2HH7zFsn9Th5SNp-BNiFgUXSNuy7xWdHjKWRb2hcbQ1IAu9nSIK3mmQfMioiRV9s0N1Lc_g7z4PKPYy3v1vEDDW4XMGJYxvxjK6deKNcWtx4vOWlSoa0C8lebze_jDG6r37TlSSzyUB4-8iPvvcZtjZlRPaXnaVtl2YO3bzZvoa1Or5u5vJSfm4vP_JLcdsn70j1PnRhiaEM9xZsJiyaRUWisBnrok2KY29ziitHWE4t2nrtGfM-kMTqw5rCCtxdrAqQja5HHMKQuxReQQKp138j3tBl8LnSfsBDVPmr12FpByL7OO5RimnQwcNLUHf33QxbbtkykWNvqd1ZYw-no90gTzVK9x3O4wqzZoI98mQCKFf2kBQeethT4ti8ufZfFx03NS8WEQa2wTT0xlxao6WxseAODRQhXtaqK7NJqXAgCpdftUTSQi2X01NoW131WOp-YtFAMIjMM8p7ZjVhYABd4vMLbx4NhyVDgLikm3Z7UX-4l_Xu_LMHB&sai=AMfl-YQX4sfn1kjScbFapjAnImCH5TMJ7IZX1U4bI2tFP8FtebtKA9rBILk3xfbm2ALo90z0N2ElzScfUfvTtxtxPoqnHPYW9MAiVtgA_YfUlB5x4dIkVfaoIapbhKpZSx3oaFcbqQMYYgw739rxd_KfVQIDoJt6RzEk724BZS0uLbED9If2un4PLNjSkQ17IMaKpmQ35wTQqAd5fCv7m_isqlDHkONZjLdWVyc3r0nqPXaibFV1DpdTdr86CP5O6Yg-UnGyQBsGDnLW4vYOYxLPivUqwG9hQBins0m1Z3T-nA&sig=Cg0ArKJSzJXcjm1-DD1TEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=138&cisv=r20231206.79794&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 05:05:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8349 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/1064608057035189096/css/ Frame F465 6 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2000
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 12:55:20 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame F465 70 KB
25 KB 31ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2597078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QasgaQLYwNOS%2B8jNnUKQUNRgyZqUDvwti7LfdhBDKgaWuxqAzu66SCFptBpqd6FE%2BuaSlmrdoVwvEp71xaDgadYkNJzDa5W8Cq7oCnBrLA5kj3zDeMzaQ30Rx7o0yuyzW2siWuidmoDlFGF07wyF%2FDVk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 832ab7134fe9bbf7-FRA
expires: Thu, 28 Nov 2024 05:05:48 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame F465 7 KB
4 KB 32ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2566297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uums9Gh29vK1Wytj2pytYEI0ejCPbxrJ1D8fhcwd6VSUfuLPnCAPYAhenZYBaeZPGytrjy9lzRZb11LvQHCTjiuLcxFq%2FvYwWVba4YUvq2PXd8Y2ljfCaI39VMJjHuGz3KC5xgM4HmP%2FffxsBGjJEOMD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 832ab7134fe8bbf7-FRA
expires: Thu, 28 Nov 2024 05:05:48 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 2 KB
1 KB 9ms
8ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:32:52 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 2 KB
800 B 9ms
9ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 15:16:30 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 429 B
349 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49427
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 15:22:01 GMT

GET
H3 200 dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 25 KB
8 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dyson-v15s-submarine.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8356
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 12:55:20 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 33 KB
33 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:40:15 GMT
x-content-type-options: nosniff
age: 12333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33567
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 01:40:15 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 33 KB
33 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 17:17:43 GMT
x-content-type-options: nosniff
age: 301685
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33601
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 17:17:43 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 25 KB
25 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:31:46 GMT
x-content-type-options: nosniff
age: 30842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25911
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:31:46 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 9 KB
9 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:45:15 GMT
x-content-type-options: nosniff
age: 206433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8971
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:45:15 GMT

GET
H3 200 5-min.jpg
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 12 KB
12 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/5-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:45:15 GMT
x-content-type-options: nosniff
age: 206433
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12054
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:45:15 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/1064608057035189096/script/ Frame F465 4 KB
959 B 10ms
10ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:19:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38766
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 930
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 18:19:42 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame EC26
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523875/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-2131671202406978&ias_chanId=1&ias_placementId=20487175905&bidurl=https://www.hogwartsishe...
https://static.adsafeprotected.com/4a.js

2 KB
2 KB

7ms
6ms

Script
application/javascript

2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id: ce47Uk_40n7.EHf_5AWPfR6VoMlkrWoX
content-encoding: gzip
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 123599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 07 Dec 2023 18:45:47 GMT
server: AmazonS3
etag: W/"589d8955c4906ab1b8e63a2f92d932d3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: D1EIae4ZzXNYHAQZvP5IjgCCorW3lWy4Vwm59APbcJk9EPxIHJfZWw==

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
server: nginx
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame E32A 91 KB
23 KB 7ms
7ms Script
application/javascript 2600:9000:223f:4c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6843398
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: pmWS6VhvYuGk1Oe-uEA5-z3TEnJJhjCBlTDU7ysNoOrV7mJ2NLN41g==

POST
H2 204 csi
csi.gstatic.com/ Frame 830B 0
54 B 690ms
379ms Ping
image/gif 2404:6800:4002:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpxleqmb&c=6488722394485&slotId=3244361197242.5&qqid=CL66zLrKgYMDFVGmgwcd4DMJOw&fb=outstream-lima&vmfc=13&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 830B 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 22:32:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455579
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 02 Dec 2024 22:32:49 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 830B
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

69ms
8ms

Fetch
video/mp4

2a00:1450:4001:67::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55BD2B8EF6EFD2D4F58C5A867719B118A844F5AE.721DABE7EE520F93E4B905DAA890A13848BA3020/key/cms1/cms_redirect/yes/mh/bJ/mip/2a01:4a0:5a::9/mm/42/mn/sn-4g5ednly/ms/onc/mt/1702011696/mv/u/mvi/2/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:67::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:05:48 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1715588
Last-Modified: Tue, 05 Dec 2023 16:11:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 09 Dec 2023 05:05:48 GMT

Redirect headers

date: Sat, 09 Dec 2023 05:05:48 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55BD2B8EF6EFD2D4F58C5A867719B118A844F5AE.721DABE7EE520F93E4B905DAA890A13848BA3020/key/cms1/cms_redirect/yes/mh/bJ/mip/2a01:4a0:5a::9/mm/42/mn/sn-4g5ednly/ms/onc/mt/1702011696/mv/u/mvi/2/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC26 43 B
215 B 319ms
92ms Image
image/gif 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=de746614-81bb-6fd0-be5d-177282e3bbc0&tv=%7Bc:whdQqb,pingTime:-3,time:64,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:64,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXUPcS3+11%7C12%7C131%7C141*.1627455-73523875%7C1411%7C14121%7C1413%7C15%7C16,idMap:141*,rmeas:1,rend:0,renddet:na,siq:18%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC26 43 B
216 B 316ms
92ms Image
image/gif 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=de746614-81bb-6fd0-be5d-177282e3bbc0&tv=%7Bc:whdQqc,pingTime:-6,time:65,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B59~0%5D,as:%5B59~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXUPcS3+11%7C12%7C131%7C141*.1627455-73523875%7C1411%7C14121%7C1413%7C15%7C16,idMap:141*,rmeas:1,rend:0,renddet:na,siq:18%7D&tpiLookup=ao:www.hogwartsishere.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC26 43 B
215 B 295ms
93ms Image
image/gif 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=de746614-81bb-6fd0-be5d-177282e3bbc0&tv=%7Bc:whdQqA,pingTime:-2,time:89,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:438,beZ:439,mfA:441,cmA:442,inA:442,inZ:446,prA:446,prZ:450,si:455,poA:456,poZ:478,cmZ:478,mfZ:478,loA:503,loZ:505,ltA:526,ltZ:526%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:89,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXUPcS3+11%7C12%7C131%7C141*.1627455-73523875%7C1411%7C14121%7C1413%7C15%7C16,idMap:141*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:18,sinceFw:70,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/1064608057035189096/assets/ Frame F465 8 KB
8 KB 7ms
7ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1064608057035189096/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/1064608057035189096/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 12:55:21 GMT
x-content-type-options: nosniff
age: 490227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 02 Dec 2024 12:55:21 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 9BC4 23 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 44283
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 16:47:45 GMT
expires: Sat, 07 Dec 2024 16:47:45 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC26 0
0 46ms
45ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLNosQ71y1kv2Pb16_1jXQSQWF1PkbexNsNmWEaAxXbblw4C9sFjciRTmaabDPjO9pVJp9hWJsmbEjArvobQ3_awFoFHciRSBX_dGc8ghL5bmqNTN4okmWkhpz5iX4gQeZiz9J_HJIZ8g0NrUFWRp8vxuNCedaFAMyswDHrDBjd_-ByZYs3P4Ugvk99X9a80U4Ug-w2B9yKWZS2kAc2n2oIR45jv81IWSvIGWHzMC6tXU-ogxV2ZrSIuggZ_Byu-wm_qIhvUWViT7TVS5PCmH1Esj6vqRgvUitX8dHZYno0yT8ugJTV7fABDIoFMwhF5fTifh87pG5rm8HFIhD-tqhjVGJb1fYWllged6DEHo5LPDNgcHVMRIzrVYV5OylA42vfQSsTvOWstggrNX3sHSAgWKPoGwN4jGpeDz8Tsw0EV6746ilNKgQCTC6yoeMFj5X0rjQ4QEYQQGe9BtpPnBzCx2eqcWENYY6RTYEf_pOlFb2Lg6_hnm-RdoVMAZpADF4zQG3kAw3n3j87_2O4wD7DapPKRBuWPMSo5N8RIzDnjY26ovk2jKGFYnYNCdpMSvhsDpiyk5efuUQUGDtiZXzxtM6d-fsA9gvqg1-tjVWlQihdTcUCDl2Sc0ExagK1Hha55aNDFTaGZGSknemeNWgBlmcN6Zputj39hvd8G2Mq9I1hOTpdcf6x3HbE8FVLZkfwEmLXqmEpbIchf1tb4jqko0mC5GwWnOj_jk-Qp5pehowz7gzypli81sRPWwpWEW4PGojTLCrJXOuIiK9tW31gMTVG3aVQgfLaWzxCKLveBT-9ITv946o7KxxMelg9dvNBqOKHZAhuv7pAoPYZRUVhPBzw95ZN2LTmie2HH7zFsn9Th5SNp-BNiFgUXSNuy7xWdHjKWRb2hcbQ1IAu9nSIK3mmQfMioiRV9s0N1Lc_g7z4PKPYy3v1vEDDW4XMGJYxvxjK6deKNcWtx4vOWlSoa0C8lebze_jDG6r37TlSSzyUB4-8iPvvcZtjZlRPaXnaVtl2YO3bzZvoa1Or5u5vJSfm4vP_JLcdsn70j1PnRhiaEM9xZsJiyaRUWisBnrok2KY29ziitHWE4t2nrtGfM-kMTqw5rCCtxdrAqQja5HHMKQuxReQQKp138j3tBl8LnSfsBDVPmr12FpByL7OO5RimnQwcNLUHf33QxbbtkykWNvqd1ZYw-no90gTzVK9x3O4wqzZoI98mQCKFf2kBQeethT4ti8ufZfFx03NS8WEQa2wTT0xlxao6WxseAODRQhXtaqK7NJqXAgCpdftUTSQi2X01NoW131WOp-YtFAMIjMM8p7ZjVhYABd4vMLbx4NhyVDgLikm3Z7UX-4l_Xu_LMHB&sai=AMfl-YQX4sfn1kjScbFapjAnImCH5TMJ7IZX1U4bI2tFP8FtebtKA9rBILk3xfbm2ALo90z0N2ElzScfUfvTtxtxPoqnHPYW9MAiVtgA_YfUlB5x4dIkVfaoIapbhKpZSx3oaFcbqQMYYgw739rxd_KfVQIDoJt6RzEk724BZS0uLbED9If2un4PLNjSkQ17IMaKpmQ35wTQqAd5fCv7m_isqlDHkONZjLdWVyc3r0nqPXaibFV1DpdTdr86CP5O6Yg-UnGyQBsGDnLW4vYOYxLPivUqwG9hQBins0m1Z3T-nA&sig=Cg0ArKJSzJXcjm1-DD1TEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=308&vt=11&dtpt=167&dett=3&cstd=138&cisv=r20231206.79794&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame EC26 0
63 B 47ms
46ms Ping
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBtSr2jtXFkFhNd7MBVjhzQh75NvTeMQ77aP0dA2m86X-dKDwODbAQ_w-ijKEv96G1OHHsSnzdieXsTmiu8Z06I5y7Tv8Fl2KkeqmQJtADtNCucMsNwep0yZf2AQ2KSxwZ-1qpR2tDnmTsP9dXeJtDTAy7PZoSE8gKknI1MGxoOfT3BpI&sai=AMfl-YTdtWGnUHRWp_W7hBoIqCsnrHtLhygU8z-v_NpGPavP2Dv4-Njsf9_-XI1TPlmpAYFydQamPNzQ8kUSSbjv19BYTYocVAJI7cEaohhteENSADWW6lw1cORdkpmOr1Q&sig=Cg0ArKJSzGJui7VhE5VwEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=

Requested by

Host: www.hogwartsishere.com
URL: https://www.hogwartsishere.com/courses/by-level/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:05:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9BC4 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:50:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 18:50:25 GMT

GET
H3 206 file.mp4
r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 830B 2 MB
2 MB 17ms
7ms Media
video/mp4 2a00:1450:4001:67::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a24e7b3830e2c5212d6ff52b7af0ea8b6d0bb85141bc9c5d9d4534b14bf87a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 09 Dec 2023 05:05:48 GMT
date: Sat, 09 Dec 2023 05:05:48 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1715587/1715588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1715588
last-modified: Tue, 05 Dec 2023 16:11:35 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8349 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Btb3Hq_VzZd7-LqaOjuwP94ylkAYAAAAAOAHgBAI&bg=!JCelJ2jNAAY3kmNgF5I7ADQBe5WfONeBytqZm9OLUcybcGpsV57lD1G3sUARBA0lx7kJZD-aPYUXSyRyMGg8FbUh-52JAgAAAL5SAAAABGgBB5kDbIo9gaIUEGWUf0tIUjWwUMjWdEbDLiEQuUCkspuVKUtnuDC05VsmQUsOQ9ruE934Io_sTP-3WcgHKCYZk5f63nMMrOuSpPzoNE95WoREJ6iP0YWYvYLNNAOeyfDeRC6FwZexiFkV8ep02SYT8qYkVpvDxNi0NgKWz56d9PCZ0SaGpJpOHN6tuSiB2r7gaGieI7n7uC7e2oxNPAT3avSRxpDPucl7haY7K9sI5CXAQSAqhF5bJ70ucrL54OIeGNNBT6gx-6_qQo8Plbx_WZ7KkZmSuYz6KldnAgRfIKwhpsScQDUi8tEmVVs0pdW6MzJiIHJhpHYlXSQxGv-S9wdZHj7O0A8Bzvaq34blgJ2D6_ppmpKpdkq0fOM40FtuRnNkZeljcbLkTdy_H9gKugK0OfeowbTBEoFsLxOQpN3mUWHUll06i7rH15xAuzEMKvM8-lpZUMoTkGFxP8yrKTDtx1xlISE3FECJuyq4lHTfzItdg41UBIBTgdIGEILs5E75KyBh_nSoZWSSXt_5HQ2d4u11jyy94MPsf0jEb8jnClGEsZMLTbWYCKjw1XX9yBsSmGnLoMB2z3YI08WAJuTuYtuYbssLP9wMULsQatKoORl0pcrt9oALFQ5e78zYbVD1sew-_Yh4Z8rAZVHOC7AFKOJC95mUJ6allsxBYOKHahEXVUXEQd8Zk1U7zlXMh-eL09PYifXYdQNhk_w_iq8L-ASNH_OJ6JokXz1J_mBr9GenXdBYV0Ft7QsqcJdy2RWuwcDP1YDvMtu7_uKw4BBIgzdVnttS_MR3hRfxQ4SOcgfVnXVOe6tHy1_647ZdZq5izieT8UZZKM4YrE7jSLe4cj7KWFbGNBlwio5TxXDSe3sGmN8YU0DQ8V2ocpfEoFuT3Hp_e_62iS3v6b2Y7SuRZ4IyJDLOHeZPAhHGyqlD0ayM9oqtZthpEks0mh9-oaUHyuET5h2nGOD34xm0BqOK0U1sCi6FJKCUCIoOC1poulnka-vdhnu-QYaMZyT9qQZBCkys1R8eHINWCOmys7vZrBZabLsP-J80y-fr_cJcDncNK-bKAil9QtMv_HGiPW8ZhAn30jm5vYFGCRSU5tCwK5bCAl489kw0jstaIpj6JqlEofQUf6vpJBhkT3uVMDXFLU70KqZC4-PC9c4AsQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC26 43 B
215 B 176ms
92ms Image
image/gif 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=de746614-81bb-6fd0-be5d-177282e3bbc0&tv=%7Bc:whdQsv,time:208,type:e,im:%7Bpci:%7Btdr:107%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:15,o:193,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B120~0%5D,as:%5B120~728.90%5D%7D%7D,%7Bsl:i,t:126,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:80,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15~75%5D,as:%5B15~728.90%5D%7D%7D,%7Bsl:o,t:141,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B67~0%5D,as:%5B67~0.0%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXUPcS3+11%7C12%7C131%7C141*.1627455-73523875%7C1411%7C14121%7C1413%7C15%7C16,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:18,sis:129%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BC4 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bd43Qq_VzZbOpMNqz2fcP05-2sAEAAAAAOAHgBAI&bg=!s7ClsP_NAAY3kmNgF5I7ADQBe5WfOKPRfSn1SHPCc2U9bFw1ibrKtnCic_XcQXFli4wztkTWTnzVkkeGZ7tLlFPkF2ywAgAAAGBSAAAAA2gBB5kDTALscDzfteYRTWTMFrfZ4Inwtru3rQJRu5RdNdhp8IvVvFwybGJNi3j3WX_hV0yLFdTxiMtUVum_o4eN24xKTaKfmUGdbQTYwb3KNICDqXwQLT6ipBlwvf0Vjf9H9MkArpukWtWhvBYuT9xRX1ly6AB48iHn6MBkY_tY6VnQtBgvdePS40fUspwIA9u46RHDsQcV5XfQbfeUXr5SDQNlNB4sCMA97OVAeFzSAU1HAmDt5MgKZQXWpLC6luXxMetVCuNvewaHhb0UGXsuhzqKSDfvM3X64MTZkkA--ZzzHnXbQmk_a7uSmz0--GamfjBAtisMrzyBRzdGirg5fJlyXvTN7roM-VYF2vUMTR_Y2jWN8jGy1j-hl_6J7D5ZcmR9v5SN2lLiieMgxb2Z3txrpWlYmYDvhlv3FWzL-UMAGQSxoajKGncBVyZ25dlSzpmwkOpNcYlg-0sl7Bhb3zfCQQ4jLq2KalJarGsXNMqCRlgKIOwfNoSrjUi8ihA2NQMSJoRJRn4J-z95sBv0v2YjvvEn3fKOO8SWcl4ZgiHbDk_Ycw3BuvryGq6Uyl7adXcy8Ay39k-UtV7tLLCL1En6EJv6WzOdG5fCkCrdnnKCwj1xq6LBEgODKmO6ucbQiLfJyQdZQ5nbBiPpIUbA710SUPyZOmuqmC8ioePmF2AG6dvR8sb1LHpupg_WMrot60ZYO68nn2MkEbfwSiwdmzKC4E5mq-svUEahG_zNDiocxKFpGtl85NPdX6N2Y6-T0oKt4TTINafB9z9RDdodvxdlAPDMtKxkNZYtk98CaJx1CYF9K_elChKEO4wAdblpsv78BeiPHL1Y45RO76OvW_ZKhvfD-wlKWB_TFej3WgudsbPKY576TvjuHtxZXcPf1SL9OhzrJpBMgdeZru-VEN8eCKhXkdg9Ca8GlDzf_Hg2rCU1RmkSpIRDoyOeSv7fXGAWSMPfhxJwJbgJOmwo2HBOghfwqgyXuAjnBX_A1fUNB8FJulMJE6NbpCyHMo_m3_QPBA9pmXiSBvnPM-h9wwEe0zyXfqV0VVgYZenyWYiizziRhL7or5yDntN42oPhyiz9DVGD7Hy3EtI71xsjugpPzraCgjkzD688Gtxm8b0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=1329038092762411&bg=!9_Sl9LvNAAY3kmNgF5I7ADQBe5WfOFRcytnVGhTLU1-VYDGoCUNFnKyLAvipU48x_01KuOBCpv6nqp3UCzDVn_A0CsluAgAAAI5SAAAAA2gBBwoAAeeZAuPnmxI3kDNi6Ih7ISPwbQI0e-1Dho_GgHkJwNXuX_Yuupf_choV9B5Z3ofychqjW9T61bnb3oxzyBXmH2rl5azDUPkYsDvMZWQShUhaxoTx-Mu-28Q4ZisCpkqbxI7QTClKGSYviFI6pNPy78P3AJAOHKtcjm4xirRjZj2IgRm0hB9BiY06IbAtMvkK_lQLEiDt9AS4H2P8Mtu9TKmj-eoVsPVCJHnfmaZcmvDgukmTZuGNmwQO6B0vhZUB8hw2855A13aMZJtRfKZcd5ox2_KLpt_fWbWepOZCamVM7JzbI-lGcSp5NPE7lYVUwAV8Wz7OnqWNE3TWTcKdUb5GyYKNohdgCJuitPHz5wHRNaqZhWMOPkXSIzEZgVvnhXNekHoHbJkyoSdXwFkkbkkq1jXzH0WF9zrLB0gVjmacHnTIbwXpUbDyYmxmTP78LS9wP2qzBAhKfY1jHm5DxeD-ZElnfmhymdiGA9z5-XVAVL4s9R33m9pG6XdiMvrcNSOxtXnrHTLKSDD7jA0PQ86PWKMq7GzwxNlK4z4HRGTWbxPmZ6t0obveCNW3vigp--M8kZYB5dspKKLOK5gvBB6jyZFyJNdpDx5FQrNdNTs33m86s9-wJ-iXASZEvXe7Ms1htHPhpU50zwkqJn4e7UndwZIrgvhp7DBBDnWGCbs0BFk8jkTwM9_9U3W7DnpymlIej_2WyjeHWZcKjTsknhOfhRYOEF8a7Rj7wKVZ1tBuUiXqgBXqb8CHH2Fz_wgTdUjYGJVm_JQpVl6HdlPTNy5yvuzZisyPOyzj_paNK1T9TVxxO2u4MefIgMkcXDVijmIpw4SIJzpnl6eeS8e0sfO-KS9F1beKrdnHPleEQD_BHoDjIsyPIiDNbyYfPlKWjKajmMneiPleJBLfn3_aSNOCSnHiRI0E_G7-2wfSgLKXC-fSc8AI1Cr-ihmbrxTRQFZlNgET8wAmcsSLkZ41qDQ3jUqFmVeU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EC26 43 B
215 B 94ms
94ms Image
image/gif 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=de746614-81bb-6fd0-be5d-177282e3bbc0&tv=%7Bc:whdQvp,pingTime:-10,time:388,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1702098348435%7C%7C78365ab46ea725212e15f2a77418f650%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7C6c60833b2cb37e9d7b496a3347c27178%7C%7C7fe9720e27b3da1996afeebb5f050b59%7C%7C5084bfb3b46d3a839d36753a1e409813%7C%7C9367c028c365e82fde768095f23b0240%7C%7C5a248721c172dcc4eb7b5735e13f38b6%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:61b8:46a3:581b:1f2c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame 830B 0
54 B 375ms
375ms Ping
image/gif 2404:6800:4002:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lpxleqtd&c=6488722394485&slotId=3244361197242.5&qqid=CL66zLrKgYMDFVGmgwcd4DMJOw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.14t~vil.1ac~vfl.1ba&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4002:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC26 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMMuDKYWLZJ3OqosUciPiBHAQmcuCzrMtoK75EdpcFUCgkn5kzTZQmCKp38BLmOhIrazHR8pN6JRmQTMaFXatIC2X1mGw4VXUCN2iTRb09Gg2NsXdG5-Qfaefcf4yxsOAqAaS3kw4A6L9I&sai=AMfl-YTfcKjChLGDWpaaLZaHl-9IG7DXLbGTWDWs0UghuohPRGZws5AUuQTGXMiFE17tzFqF8bdIRvUH4G6ritrsWhbNBbCHB_1PHI0Tzhga4YzImE27xaBa79dpUb94-pnZsRrCtdmZ96BDhhYk0OcUBfR7xZR_I4iz1dOs&sig=Cg0ArKJSzMCPuRrkf0tuEAE&cid=CAQSTwDICaaNNhTg5rxfAVBFrQGHjnJaAjHbleJFZCwUjZb6-RWIDYgIiLzETO602_Vw8jTY6QHtTl2gcrd8IHq7GRx3_uJ_ytJD9OxH1ngEJmcYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=381,836,1000,1031,1031&tos=381,455,164,31,0&v=20231207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702098347610&rpt=286&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC26 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8484254591466&version=m202309260101&ct=76&x=1&cor=14983444485314454000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:05:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hogwartsishere.com/	1970-01-20 17:28:37	Name: sessionid Value: uq5affbai0jen4iuqi2o62ey14b6ib52
.pub.network/	1970-01-21 02:24:18	Name: _fsuid Value: 1b2b0d2e-5c26-4be4-9d01-6a63f16fe397
.hogwartsishere.com/	1970-01-21 02:24:18	Name: _ga_W8JV9KJ9MK Value: GS1.1.1702098346.1.0.1702098346.0.0.0
.hogwartsishere.com/	1970-01-21 02:24:18	Name: _ga Value: GA1.1.550084752.1702098346
.hogwartsishere.com/	1970-01-20 18:57:54	Name: _fbp Value: fb.1.1702098346383.1062159065
.quantserve.com/	1970-01-21 02:18:32	Name: mc Value: 6573f5aa-7ec97-13780-09fa0
.hogwartsishere.com/	1970-01-21 02:12:47	Name: __qca Value: P0-1936006810-1702098346460
.hogwartsishere.com/	1970-01-21 02:17:06	Name: _awl Value: 2.1702098346.5-add0eed092e3e9d0443fe7fc971e452a-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-21 02:09:54	Name: IDE Value: AHWqTUl_9pQuuq3E5wnjds3tkU64x6nhUoOqGwYCEIgkFyyHMju9oqwXcZhI7CRT
.casalemedia.com/	1970-01-21 01:33:54	Name: CMID Value: ZXP1q-Qd1JxvRSPA.bs3GwAA
.casalemedia.com/	1970-01-20 18:57:54	Name: CMPS Value: 3169
.casalemedia.com/	1970-01-20 18:57:54	Name: CMPRO Value: 3169
.hogwartsishere.com/	1970-01-21 02:09:54	Name: __gads Value: ID=9187e9e82dc51bd8:T=1702098346:RT=1702098346:S=ALNI_MbTl04yuJqgfpPQZ8uuO4QHEdfvAQ
.hogwartsishere.com/	1970-01-21 02:09:54	Name: __gpi Value: UID=00000d0fcd6a6030:T=1702098346:RT=1702098346:S=ALNI_Mahvm2Wskn1p5Aq4nTDRQi0_-8jAA
.adnxs.com/	1970-01-20 18:57:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?jlEP<!!]tbPl1M>e)ZlrFUfJ+tGXxoXD>Ks7Z8``/Opo>bD<Y!PK/j5*X^XoIpC#zb3If)y3KL9D3I?+^QaihE
.adnxs.com/	1970-01-20 18:57:54	Name: uuid2 Value: 4421007370748214997
.doubleclick.net/	1970-01-20 21:07:30	Name: APC Value: AfxxVi6xm9cVXSajI3XtWsfhyYaO7ZKREIS7gvXqXmQZLtM83uy6xA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
ad.doubleclick.net
bid.g.doubleclick.net
burrow.hogwartsishere.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d.pub.network
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
functionalfeather.com
fw.adsafeprotected.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
pixel.quantserve.com
r2---sn-4g5ednly.c.2mdn.net
region1.google-analytics.com
rules.quantcount.com
s0.2mdn.net
secure.quantserve.com
static.adsafeprotected.com
tpc.googlesyndication.com
vast.doubleverify.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.hogwartsishere.com
104.18.36.54
142.250.184.226
142.250.185.70
172.64.151.101
185.89.210.101
2001:4860:4802:32::36
216.58.212.130
2404:6800:4002:81e::2003
2600:1901:0:7416::1
2600:1f18:1aca:4281:61b8:46a3:581b:1f2c
2600:3c03:1::68ed:94d1
2600:9000:223c:6200:6:44e3:f8c0:93a1
2600:9000:223f:4c00:8:48e:53c0:93a1
2606:4700::6811:180e
2606:4700::6812:15ce
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:67::7
2a00:1450:4001:810::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2003
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.160.152.31
45.79.154.113
52.211.95.38
74.125.71.154
00419a245e2fedee211c64bcf76b8623c85e3d3598b5074b0cae1d7c229b157d
005c6d9033db7d1c50133baa06c8d9c1d727cc1bb6696516bc1546217d49f405
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
067a944232e759ba3ecb8e24b439a85111909a3388151bf9bbc95cce4c85a970
0ac41c47dbc6685c9e39788096a46fb155e0a0b63b56bfa6c07d05777144a8fe
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
115c79a47aa3f879a52abc8063c07725740b6a2282c8b63647fc3bd8e77c4794
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20075c2cfe67e6d4e34cd1e20f00f8baca61043cc703869fcd7b11dec45ba367
20a1ec59026619d78da1d6ea821a8830e632fe0f1c5312c31692c725e127c635
210db7c826b13b11d6bdefe305bfed13a19639f338ff978fb21791603176a93e
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e3479d14727cf6b6581add352dad3c9fb8a89b1586d49dc0e606249e7abe437
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
36c2664e072cdddf8c2b1e7202c00c2d1df9050951d2d1d3dbe55da453d5eac1
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39deb3024b64d67a27e79c3152ba16ea68026e8574fc9e4a3dbe1e291503ef48
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f0da7707f06c1071aa06004e666acb28ae6bb143ac90e580828205c714b925e
4144e29632334fb2f188059c67c96f43d14796ffea4b844440d9954484afc24e
4184e1d7016f99ca0763314291a41c053b19a8bac3a044dcdbd549b5628de7ab
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42b9fb690bdb0daa8893c7eaf592dc14b888ffd0641e65ed8a02848081d1546c
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4647e973849d5e0bb7b0eedad4e9f0721941a9d24487ff36ae28b340ab9e3d1f
4687cf6d417887f52571a23d1452f865caf8a5d691577995834a2250a2ad671c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7ef9d0a910ba3a7eb784fd8733865268c97143d426f1b569bee998df7bbf0a
539cc993691ac34295a0b8e0b720aa3db63a2e80c78d49e1c4c4132bb4a5dc09
53b5689b00c27570b4124f51080a30cb74efc5a4b41986aed979e8ec015201bb
5553138957b1a7a87169ee4a2dbed5d66df20abbfcc9043e0f5cb38c19fd3eb3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c430a931410b7f87fe65b9e1d7b9f1ce59b484e12f749b3c4d6715bbb6376d9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662b186f2bcc40ecc658a7c6a0e3941f759618b61609645854bc19cf943beca1
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
6a225a2413d51727a3b4535fc35f044137bebc005ec0cc8c66ee6a3ca7566f73
6edd8bca9c24a024e784d9868170abd8e13f73866848a9059f366afc2069dd70
70a6c4d63926c28d5bb981ed6b751acc071627cc85b48df0e3753107b36dda9b
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
76261f0cf1e114619e492dd9502126c189a3819bda96b6ab0956a61c61393a83
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7b310d5197c931179032334dd012217d3e16d59eea4c34af9c1ef425aa99df6c
7c8f51219f79a7ffaaca9b739e91aedd1cd6816e3b7fa5b80cddf84ae17aade8
7d60255211b63ebd7ab57221ffe52ae073eab1c1c3a93c48df42b224e7f7c527
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f3a2b57bd5fef4acb35240b946f7228594a64944cef60fcf2a094de62847af2
8833293f6762feb57c976e996042e2dcf201b282c034504008e2bf0a98dd3527
91f62d071223d6b0fedae02a86c4dc0af8f83bf3561a6c270c3baa2630769873
92b4421f00f14288549a5ac6e0d9861f451d76221da13a17a775162037009c78
94b5662dd0dff520b9020080f473c23437fa4d16dd300bdc836d4c6db8ba11b7
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9d8ba3e5b67eb02054b1b9c4ab80d30acad439daa1343461526e368483b1b57c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a24e7b3830e2c5212d6ff52b7af0ea8b6d0bb85141bc9c5d9d4534b14bf87a65
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
add48fbf3aaa9f2c6bae3365d189b74345703b15ec6dc31040c1387c7662f4c3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a66a9aed34c8a66ad7f65ebd9e2fc395cf4f3a144bb19c14a06f08a7b7eb20
b47444d5f3e2f105e6af8a75c4cb467eadc5cb5d2353e30d3b389fc8d6cc5988
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
bbead98319b2bee5757af35b4eacf615df3e45da2f69cb999cd4694a26bfb90f
bdebac216fe968e22edaead95a1004711d7c9fde77e93e81be2f53e9d62dd7ec
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c3477a72ef1db732762ffb13ba55d7df867b64c2abf5f88a1fdff29e6dbe374d
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce2b61e64a17f1488f20bafee5aa20a8d8ec897b990f709634f5bd1cc620e6b0
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
db0ef28259720936c3e10673c773962f5a6f7774d20f880e954816679ff3c530
dc62adf4113da7057c2c9ae71d462ca022aa0a6136de6e286265989cd2fc3eea
decabc2fcc0f80c5cc2febbab77b640f90ae09681a137077123f9ee5f12a784b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
e8987d3f22316fda61a1f99bf2b11185fd83d39099730ca31867cd6e323c1016
e9a67c969c3bc952b413cb394d3f1bc233569aed96d8b71c5222e726de75fad7
ea710d3643d7c8c5c4ca2a93079e33d0beae10cdf6671328f62959ccba6848e2
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edd8a5d24d64ff41fd0d6bf5de6d0f2ea253efc4aa31b3e85efc7a61d79ece69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c47cb702e040372a3a4bce66d5e0ecc46c56325ec40f8c00b91da0d1d3f46
f06bca8dce046d046398296a9f691960175f29b9c7a80a5c8f3ae795b7af6f5f
f32ab088b4a089cb616aa494a5c83a3ee0baea68091ec0a82b45cc75e225b472
f430ad6611692180cc5bfba88afb989ac5cde063c2e929a28026be4c2c3e9f45
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f82a58670983593c24a40a3f77c234502cdcdbacc350868e59530b53da348ba4
fc757f9ba6603eb9913106a4cd83c7a7c0a8a4f845a0aceb1103606bc324ad00
fd415f2167fdb63d0af74ecfb5e4f247da14ff0a77402e10f53092f3540b6fcc

www.hogwartsishere.com Open in urlscan Pro 2600:3c03:1::68ed:94d1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

96 %HTTPS

70 %IPv6

20 Domains

34 Subdomains

33 IPs

5 Countries

7302 kBTransfer

9779 kBSize

17 Cookies

2 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hogwartsishere.com Open in urlscan Pro
2600:3c03:1::68ed:94d1 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

96 %
HTTPS

70 %
IPv6

20
Domains

34
Subdomains

33
IPs

5
Countries

7302 kB
Transfer

9779 kB
Size

17
Cookies

138 HTTP transactions
1 data transactions