www.3domains.net Open in urlscan Pro
107.154.168.215 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nets.hk/
Effective URL:
http://www.3domains.net/
Submission: On March 21 via manual (March 21st 2024, 1:54:31 am UTC) from MY — Scanned from DE

Summary HTTP 48 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 48 HTTP transactions. The main IP is 107.154.168.215, located in United States and belongs to INCAPSULA, US. The main domain is www.3domains.net.

This is the only time www.3domains.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	107.154.168.215 107.154.168.215	19551 (INCAPSULA) (INCAPSULA)
1 1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
48	13

16 107.154.168.215 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.168.215.ip.incapdns.net

nets.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.3domains.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cubichost.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	374 KB
15	3domains.net www.3domains.net	249 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	58 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1728	21 KB
3	jsdelivr.net 1 redirects cdn.jsdelivr.net — Cisco Umbrella Rank: 437	81 KB
2	cubichost.net cubichost.net	18 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	87 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195	346 B
1	nets.hk 1 redirects nets.hk	108 B
48	10

	Domain	Requested by
15	pagead2.googlesyndication.com	cubichost.net pagead2.googlesyndication.com www.3domains.net tpc.googlesyndication.com
15	www.3domains.net	www.3domains.net cdn.jsdelivr.net
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.gstatic.com	pagead2.googlesyndication.com
3	cdn.jsdelivr.net	1 redirects www.3domains.net
2	www.google-analytics.com	www.3domains.net www.google-analytics.com
2	cubichost.net	www.3domains.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	nets.hk	1 redirects
48	13

This site contains links to these domains. Also see Links.

Domain
support.3domains.net
www.facebook.com
cubichost.net
www.nets.hk
www.idv.pw
www.zvz.cc
www.coms.hk
www.orgs.hk

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://www.3domains.net/
Frame ID: 576F832D51E6870CE036D8130542A42D
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&adk=769381493&adf=1569964852&lmt=1710986067&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.3domains.net%2F&pra=5&wgl=1&easpi=0&asro=0&dt=1710986066893&bpp=2&bdt=977&idt=183&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7620971279768&frm=20&pv=2&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&ifi=1&uci=a!1&fsb=1&dtd=197
Frame ID: 2D939AE26B75F1C2451FD8451359253E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206
Frame ID: 1BCC29F5BE0D07FF6ED51FF83652CD77
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js
Frame ID: 94B424A7409D8C88C40F7F87902EAE80
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2427814762BB90191960472711DDCD46
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

3Domains Free Domain Name Service | Free and reliable domain name that belongs to everyone

Page URL History Show full URLs

http://nets.hk/ HTTP 301
http://www.3domains.net/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HeadJS (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<[^>]*data-headjs-load

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

48
Requests

58 %
HTTPS

85 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

890 kB
Transfer

2198 kB
Size

10
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://support.3domains.net/
Title: Support Center

Search URL Search Domain Scan URL

URL: http://support.3domains.net/kb
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1453968511498723
Title: Facebook

Search URL Search Domain Scan URL

URL: http://cubichost.net/JoinQQGroup.php
Title: QQ Group

Search URL Search Domain Scan URL

URL: http://www.nets.hk/
Title: NETS.HK

Search URL Search Domain Scan URL

URL: http://www.idv.pw/
Title: IDV.PW

Search URL Search Domain Scan URL

URL: http://www.zvz.cc/
Title: ZVZ.CC

Search URL Search Domain Scan URL

URL: http://www.coms.hk/
Title: COMS.HK

Search URL Search Domain Scan URL

URL: http://www.orgs.hk/
Title: ORGS.HK

Search URL Search Domain Scan URL

URL: http://cubichost.net/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nets.hk/ HTTP 301
http://www.3domains.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://cdn.jsdelivr.net/headjs/1.0.3/head.min.js HTTP 301
https://cdn.jsdelivr.net/headjs/1.0.3/head.min.js

Request Chain 11

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 21

http://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js) HTTP 307
https://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js)

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.3domains.net/
Redirect Chain

http://nets.hk/
http://www.3domains.net/

9 KB
4 KB

474ms
401ms

Document
text/html

107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: Apache/2 /
Resource Hash: c146845429b86063e315273a71f1d07e51b9b2d675ac91f3b7e7e03952420b5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Mar 2024 01:53:23 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache/2
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
X-CDN: Imperva
X-Iinfo: 13-34607682-34607683 NNNN CT(173 -1 0) RT(1710986065273 0) q(0 0 2 0) r(4 4) U2

Redirect headers

Connection: close
Content-Length: 0
Location: http://www.3domains.net/

GET
H/1.1 200
OK style.min.css
www.3domains.net/ 53 KB
12 KB 45ms
45ms Stylesheet
text/css 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.3domains.net/style.min.css
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: 91bb8413814acbeb8b889a2e4deb2867108d3318435c48224baed1e2dc246599

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 01:54:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Feb 2022 05:34:10 GMT
X-CDN: Imperva
Etag: "d27e-5d73eb77f1729-gzip"
Content-Type: text/css
X-Iinfo: 13-34607682-34458015 2CNN RT(1710986065273 405) q(0 0 0 -1) r(0 0) U18
Content-Length: 12294

GET
H2

200

head.min.js Show response
cdn.jsdelivr.net/headjs/1.0.3/
Redirect Chain

http://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
https://cdn.jsdelivr.net/headjs/1.0.3/head.min.js

9 KB
5 KB

103ms
38ms

Script
application/javascript

2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/headjs/1.0.3/head.min.js

Requested by

Host: www.3domains.net
URL: http://www.3domains.net/

Protocol

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db917fc3741ec881cde5f77f9d0514a27081219aea5b4cbc81a391345f5ae8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:54:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 641512
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220079-FRA, cache-lga21938-LGA
server: cloudflare
etag: W/"25cd-lcneMERBF627syGAcP2gCvGHp2o"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vqm9Rg96y8WR%2F64lmofQXRZ7hxbeC0YmypbA9wzMVmlrVUdr5Kyk%2FZlVo640YiTCWJYGjt9wWMmurx4WX8hqQ8p90JDZ290nzxnugE5PZJCid%2FFc0Ls%2BSmDyJDNEdPrbOWrF9LW5SVAxgX8xHqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 867a5060e9fa3626-FRA

Redirect headers

Date: Thu, 21 Mar 2024 01:54:25 GMT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wv6YLEDomAevf6khrV89MkRWe7oDRphHiOIQu0cE5Pr%2BqvP%2BlGwwf2g4J1vUH3wWdSw2Y0UMCVAxFl48dA3%2BdNDZ4xWzlO7VXd83EMe%2F51aBuejNch5jGDzUIL75lui9wvB3FLQgKZ%2BB%2BTxrm0s%3D"}],"group":"cf-nel","max_age":604800}
Location: https://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 867a50604e9e1e18-FRA
alt-svc: h3=":443"; ma=86400
Expires: Thu, 21 Mar 2024 02:54:25 GMT

GET
H/1.1 200
OK logo.png
www.3domains.net/static/images/ 14 KB
14 KB 82ms
43ms Image
image/png 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.3domains.net/static/images/logo.png
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: 7daa3655fc0061350fc8ec06f771276062acc7a7db1ba9b5a4ca1e805a76ffd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Iinfo: 13-34607765-34458015 2CNN RT(1710986065717 0) q(0 0 0 -1) r(0 0) U18
Date: Thu, 21 Mar 2024 01:54:25 GMT
Last-Modified: Sat, 05 Feb 2022 05:33:32 GMT
X-CDN: Imperva
Etag: "37a3-5d73eb54528d1"
Content-Length: 14243
Content-Type: image/png

GET
H/1.1 200
OK feature_records.png
www.3domains.net/static/images/ 4 KB
4 KB 85ms
44ms Image
image/png 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.3domains.net/static/images/feature_records.png
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: e19df5be8b1fb415566b5b242e6568a1c7201c6b75273bb9282547272e71aa30

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Iinfo: 11-27106171-27086375 2CNN RT(1710986065719 0) q(0 0 0 -1) r(0 0) U18
Date: Thu, 21 Mar 2024 01:54:25 GMT
Last-Modified: Sat, 05 Feb 2022 05:33:32 GMT
X-CDN: Imperva
Etag: "107d-5d73eb540c7b9"
Content-Length: 4221
Content-Type: image/png

GET
H/1.1 200
OK feature_easy.png
www.3domains.net/static/images/ 4 KB
4 KB 48ms
48ms Image
image/png 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.3domains.net/static/images/feature_easy.png
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: ebdbc54be08c11412e7dbe1bc9adfdfb514c8b873a072d0246a31b36a22d81c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Iinfo: 11-27106171-27106176 2CNN RT(1710986065719 47) q(0 0 0 -1) r(0 0) U18
Date: Thu, 21 Mar 2024 01:54:25 GMT
Last-Modified: Sat, 05 Feb 2022 05:33:32 GMT
X-CDN: Imperva
Etag: "f67-5d73eb5434c41"
Content-Length: 3943
Content-Type: image/png

GET
H/1.1 200
OK feature_safe.png
www.3domains.net/static/images/ 1 KB
2 KB 45ms
45ms Image
image/png 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.3domains.net/static/images/feature_safe.png
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: bd63b6776198e62b47d9446bb600d28860cbe4831926de8a1a7ec991ec89e4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Iinfo: 13-34607765-34366879 2CNN RT(1710986065717 88) q(0 0 0 -1) r(0 0) U18
Date: Thu, 21 Mar 2024 01:54:25 GMT
Last-Modified: Sat, 05 Feb 2022 05:33:32 GMT
X-CDN: Imperva
Etag: "59a-5d73eb5421b91"
Content-Length: 1434
Content-Type: image/png

GET
H/1.1 200
OK feature_international.png
www.3domains.net/static/images/ 8 KB
9 KB 50ms
50ms Image
image/png 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.3domains.net/static/images/feature_international.png
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: 171448c8903863c7d352d90cca7856aa3647aa504e989503e8c2796a52a21eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Iinfo: 11-27106171-27086375 2CNN RT(1710986065719 96) q(0 0 0 -1) r(0 0) U18
Date: Thu, 21 Mar 2024 01:54:26 GMT
Last-Modified: Sat, 05 Feb 2022 05:33:32 GMT
X-CDN: Imperva
Etag: "2182-5d73eb541b601"
Content-Length: 8578
Content-Type: image/png

GET
H/1.1 200
OK feature_support.png
www.3domains.net/static/images/ 3 KB
3 KB 59ms
59ms Image
image/png 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.3domains.net/static/images/feature_support.png
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: a35cb4f0ddc0fda688fd80fbd1f3228d0da885f5b52b9042d40fa093e4b1efa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Iinfo: 13-34607682-34607795 2CNN RT(1710986065273 581) q(0 0 0 -1) r(0 0) U18
Date: Thu, 21 Mar 2024 01:54:25 GMT
Last-Modified: Sat, 05 Feb 2022 05:33:32 GMT
X-CDN: Imperva
Etag: "ca3-5d73eb53e75f9"
Content-Length: 3235
Content-Type: image/png

GET
H/1.1 200
OK ads.js Show response
cubichost.net/ads/ 2 KB
1 KB 636ms
566ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://cubichost.net/ads/ads.js
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58df06faf2976cb6d4ebdc7748e6588af9ca1b83572c6a00d37831b3a7445c83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 01:54:26 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
Last-Modified: Sat, 05 Feb 2022 08:47:43 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "688-5d7416bbaaf21-gzip"
Vary: Accept-Encoding,User-Agent
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m3q7IpuIpFeStlM%2FJTjYcAF3mPMGrZyCYlsqyqjw3aI6Jp9HVAaNBQci0k65OwqUoxnnQul1oxw44HV9hCEjDdsYw5tjtOgFRmYy2aR%2Bk%2Bj9mUciUOLK574wDKpORKVP"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 867a50619bbf0404-FRA
Content-Length: 808

GET
H/1.1 200
OK logoV4.png
cubichost.net/images/logo/ 16 KB
17 KB 606ms
530ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cubichost.net/images/logo/logoV4.png
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23cb7a06661ff87ea7f6ec436880db3482a7609ee9dc2757204adb4b44f54fe5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 01:54:26 GMT
CF-Cache-Status: REVALIDATED
Last-Modified: Mon, 18 May 2015 20:05:42 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "4025-51660b7ed3180"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yvU2iDiN1ST9REblE99i9Ki6IYVlHY9ptKjHcI9W1nPAUlvFgkJC3l6BwCpcfOp6A5rEFO%2BJ%2B1DvD68CtaNrQd8jtRzIS9mK05SUWdLDBCcLc1KC40fKRxcGPu5rOUy"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 867a5061ab7bb752-AMS
Content-Length: 16421

GET
H/1.1 200
OK _Incapsula_Resource Show response
www.3domains.net/ 132 KB
19 KB 55ms
54ms Script
application/javascript 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.3domains.net/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1065431823
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: b1419743846e1d45cdd50572735b6fc702c1973082bd47b93fdb53b5927b953b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
X-Robots-Tag: noindex
Content-Length: 18870
Content-Type: application/javascript

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

105ms
32ms

Script
text/javascript

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.3domains.net
URL: http://www.3domains.net/

Protocol

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 01:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 378
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 21 Mar 2024 03:48:08 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK dutch.jpg
www.3domains.net/static/images/header/ 87 KB
87 KB 68ms
49ms Image
image/jpeg 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.3domains.net/static/images/header/dutch.jpg
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/style.min.css
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: a8aacc22a22d1c2bad997d77fcb04636704040bd101e5c9f5ea8401c6748608e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/style.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-Iinfo: 11-27106171-27086375 2CNN RT(1710986065719 154) q(0 0 0 -1) r(0 0) U18
Date: Thu, 21 Mar 2024 01:54:26 GMT
Last-Modified: Sat, 05 Feb 2022 05:33:36 GMT
X-CDN: Imperva
Etag: "15b7c-5d73eb57f9da9"
Content-Length: 88956
Content-Type: image/jpeg

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
221 B 40ms
39ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1083245193&t=pageview&_s=1&dl=http%3A%2F%2Fwww.3domains.net%2F&ul=en-us&de=UTF-8&dt=3Domains%20Free%20Domain%20Name%20Service%20%7C%20Free%20and%20reliable%20domain%20name%20that%20belongs%20to%20everyone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAAAACAAI~&jid=2068436406&gjid=314883252&cid=1138734006.1710986066&tid=UA-48167488-1&_gid=1204921921.1710986066&_slc=1&z=63622696

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

074450bfb32c912d76be071bfdebd1443a871fa521883d945158b8ab48a54fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.3domains.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 01:54:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.3domains.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 117ms
39ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48167488-1&cid=1138734006.1710986066&jid=2068436406&gjid=314883252&_gid=1204921921.1710986066&_u=YGBAgUABAAAAAGAAI~&z=682234498

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.3domains.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 21 Mar 2024 01:54:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.3domains.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
87 KB 115ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZEQ63XY3Q4&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0df85cec028249f967471acc566bf66e0d016d57f47083e1c00f2abe778496e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:54:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88828
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 01:54:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 102ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZEQ63XY3Q4&gtm=45je43k0v9124840781za200&_p=1710986066259&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1138734006.1710986066&pscdl=noapi&_eu=ABAI&_s=1&dl=http%3A%2F%2Fwww.3domains.net%2F&dt=3Domains%20Free%20Domain%20Name%20Service%20%7C%20Free%20and%20reliable%20domain%20name%20that%20belongs%20to%20everyone&sid=1710986066&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2946
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZEQ63XY3Q4&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 01:54:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.3domains.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 107ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2365874332886522

Requested by

Host: cubichost.net
URL: http://cubichost.net/ads/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33d728d01460522b3e47470dc3b102ddfa5a083046815d161ce101b751208ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.3domains.net/
Origin: http://www.3domains.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51115
x-xss-protection: 0
server: cafe
etag: 6424205321296502648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 21 Mar 2024 01:54:26 GMT

GET
H/1.1 200
OK _Incapsula_Resource
www.3domains.net/ 1 B
123 B 34ms
34ms Image
text/plain 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.3domains.net/_Incapsula_Resource?SWKMTFSR=1&e=0.5069464929927998
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H/1.1 200
OK main.min.js Show response
www.3domains.net/static/script/ 34 KB
7 KB 39ms
39ms Script
application/javascript 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.3domains.net/static/script/main.min.js
Requested by: Host: cdn.jsdelivr.net
URL: http://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: c6842b2870483f9f69a773a27a35a9b096f45069748c8970f6d8b2b2d0b96b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 01:54:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Feb 2022 05:33:33 GMT
X-CDN: Imperva
Etag: "891e-5d73eb5534de9-gzip"
Content-Type: application/javascript
X-Iinfo: 13-34607682-34458015 2CNN RT(1710986065273 1229) q(0 0 0 -1) r(0 0) U18
Content-Length: 6839

GET
H/1.1 200
OK fontawesome-webfont.woff
www.3domains.net/static/fontawesome/ 64 KB
64 KB 43ms
43ms Font
application/x-font-woff 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.3domains.net/static/fontawesome/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: www.3domains.net
URL: http://www.3domains.net/style.min.css
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: http://www.3domains.net/style.min.css
Origin: http://www.3domains.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 01:54:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Feb 2022 05:33:31 GMT
X-CDN: Imperva
Etag: "ffac-5d73eb53146f9-gzip"
Content-Type: application/x-font-woff
X-Iinfo: 13-34607765-34607872 2CNN RT(1710986065717 787) q(0 0 0 -1) r(0 0) U18
x-incap-sess-cookie-hdr: Qb83QrKH03iWWDRb8IKpBVKT+2UAAAAA0yfjN2nfCbWKL7lt4faAlQ==
Content-Length: 65453

GET
H2

200

jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magni... Show response
cdn.jsdelivr.net/g/
Redirect Chain

http://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnifi...
https://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnif...

215 KB
76 KB

40ms
39ms

Script
application/javascript

2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js)

Requested by

Host: www.3domains.net
URL: http://www.3domains.net/

Protocol

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3b189a485b71fe96fb4f6a22e9c90ee700ed413f97e96fd742d3597d45d5d91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:54:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 85648
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220035-FRA, cache-lga21975-LGA
server: cloudflare
etag: W/"35aa1-5IK8OdGOK8s1QceN9c1Y/zg++oA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JbQR4XZW7X2mXH9cerzz76WDX3PJn2WvPIywaqeKRWyddp92VL2gcAhP4%2BeFpn6aJ6CtDPtwEPmzxV5XTAQ1vw%2BYQwUL44HqvaADF7VPsN6tJmncSho%2BgCWqPtefE7DV547N%2BHnOaaz2rooM3A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 867a50658da23626-FRA

Redirect headers

Location: https://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js)
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK countries.min.js Show response
www.3domains.net/static/script/ 68 KB
17 KB 35ms
35ms Script
application/javascript 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.3domains.net/static/script/countries.min.js
Requested by: Host: cdn.jsdelivr.net
URL: http://cdn.jsdelivr.net/headjs/1.0.3/head.min.js
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: /
Resource Hash: 67d7517c05f43a3d158bcf2cc334d3b6bb0ce1f533c1097e7693fbc75db64669

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 01:54:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Feb 2022 05:33:34 GMT
X-CDN: Imperva
Etag: "10fe2-5d73eb55af6d9-gzip"
Content-Type: application/javascript
X-Iinfo: 13-34607682-34458015 2CNN RT(1710986065273 1268) q(0 0 0 -1) r(0 0) U18
Content-Length: 17392

GET
H/1.1 200
OK en-us.json Show response
www.3domains.net/static/i18n/ 5 KB
2 KB 211ms
211ms XHR
application/json 107.154.168.215
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: http://www.3domains.net/static/i18n/en-us.json
Requested by: Host: cdn.jsdelivr.net
URL: http://cdn.jsdelivr.net/g/jquery@1.12.4(jquery.min.js),i18next@1.11.2(i18next.min.js),jshash@2.2(md5-min.js),jquery.cookie@1.4.1(jquery.cookie.min.js),qtip2@3.0.3(jquery.qtip.min.js),jquery.magnific-popup@1.0.0(jquery.magnific-popup.min.js),jquery.easytabs@3.2.0(jquery.easytabs.min.js),jquery.placeholder@2.3.1(jquery.placeholder.min.js),jquery.collapse@1.1.1(jquery.collapse.js)
Protocol: HTTP/1.1
Server: 107.154.168.215 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.168.215.ip.incapdns.net
Software: Apache/2 /
Resource Hash: 12079dd85ddb45ead6638b3f7492f35474f24abdd4098c59f6c2315a43cd25a2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://www.3domains.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 21 Mar 2024 01:53:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 05 Feb 2022 05:33:34 GMT
Server: Apache/2
X-CDN: Imperva
ETag: "1233-5d73eb55f34c9-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/json
X-Iinfo: 13-34607682-34607683 SNNN RT(1710986065273 1354) q(0 0 0 -1) r(2 2) U18
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1634

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/ 407 KB
138 KB 113ms
60ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2365874332886522&plah=www.3domains.net&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2365874332886522

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2569602031b6652981caab39f38fba95a5383d67cc997aed7f3a3be04540d83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141477
x-xss-protection: 0
server: cafe
etag: 17541235869343486930
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 01:54:26 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 2D93 0
16 B 242ms
242ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&adk=769381493&adf=1569964852&lmt=1710986067&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.3domains.net%2F&pra=5&wgl=1&easpi=0&asro=0&dt=1710986066893&bpp=2&bdt=977&idt=183&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7620971279768&frm=20&pv=2&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&ifi=1&uci=a!1&fsb=1&dtd=197

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2365874332886522&plah=www.3domains.net&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.3domains.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 01:54:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=nav-bar-wrap&ign=false&pw=1600&ph=1200&x=0&y=69.6

Requested by

Host: www.3domains.net
URL: http://www.3domains.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Mar 2024 01:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 1BCC 127 KB
42 KB 357ms
357ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f88714c5e155d227371c57ad760810f396b382a6073c4ce0fd9a350a83171eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.3domains.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42671
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 01:54:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 84d2527241fb8c00ce4670060c5f1154.js Show response
www.gstatic.com/mysidia/ Frame 1BCC 9 KB
4 KB 97ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/84d2527241fb8c00ce4670060c5f1154.js?tag=client_fast_engine_2019

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:47:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151643
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4075
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 07:47:04 GMT

GET
H2 200 86afce54da96dfe352c11602b6998f11.js Show response
www.gstatic.com/mysidia/ Frame 1BCC 11 KB
5 KB 98ms
32ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/86afce54da96dfe352c11602b6998f11.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e523e9fc2e53beabb15afb270ddae636243a27520b4263cb568750e31d9cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 16:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Jun 2024 07:53:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1BCC 14 KB
2 KB 103ms
38ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 21 Mar 2024 01:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 00:38:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Mar 2024 01:54:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 1BCC 2 KB
822 B 33ms
32ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40413
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:40:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/ Frame 1BCC 23 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41633
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:20:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 1BCC 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:27:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/ Frame 1BCC 20 KB
8 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240319/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 14:28:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 Apr 2024 14:28:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1BCC 206 KB
62 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 02:03:19 GMT

GET
H2 200 b671e646565d0c2f8b43853dd556e31b.js Show response
www.gstatic.com/mysidia/ Frame 1BCC 36 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b671e646565d0c2f8b43853dd556e31b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 17:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15272
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 02:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 17:42:50 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5657974634225274290/ Frame 1BCC 3 KB
3 KB 96ms
29ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5657974634225274290/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36431f1c93737fa93a554114345f99d76876dd7a70b9c5224ef2eda4d3befc5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 08:13:21 GMT
date: Tue, 19 Mar 2024 08:13:21 GMT
x-content-type-options: nosniff
age: 150066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2613
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 10:34:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 1BCC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab3ba524f2d2f082c7e8e2726f6e8f92b20678688c75c8334e19b245395b1828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1BCC 33 KB
34 KB 87ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pagead2.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 08:09:19 GMT
x-content-type-options: nosniff
age: 150308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 08:09:19 GMT

GET
H3 200 adview
pagead2.googlesyndication.com/pagead/ Frame 1BCC 0
0 61ms
61ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/adview?ai=C25t5U5P7Zd-DCI_v9u8P6-ODyASV-MzAdrjNsvDJEbeC7aC6ORABIMjJ2yFglfqagqwHoAGOyLDQA8gBAakCzZ7FXaVTsj6oAwHIA8sEqgTEAU_QiOohKeyYUa1nAesya6qlhSkqRsZoCmXX_ILYxjQGy2ExXV1LZMTW2tTnijlBN604N_CmoULiLa1cj8BOCY7VCIYm6d5VgBFTlNxNa-hTqlglte_but0kkBbPPCZ46L7YZjLvqKKr7HdtyyvJJ3KlO7kBCeqAearLwNz255dpRYsr01lzZ5vSpUrcyx-KIthY1bMkgFoEOkEUrul_HikI_feK79KtXW4bzcXxVIjO2pbCK621MZhN5_CH4PwzO2Sw9uLABPPHl6yvBIgF5MSb-UmSBQQIBBgBkgUECAUYBIAH4N6UM6gH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcB8gcEELKvHdIIKgiR4YBwEAEYHzIH64uA4L-ADToIAICAgICAlChIvf3BOljr3vzln4SFA5oJ0QJodHRwczovL3d3dy5hdmlyYS5jb20vZGUvY2FtcGFpZ25zL2FjcS9mcmVlL2ZyZWUtc2VjdXJpdHktb2ZmZXItZm9yLWRpc3BsYXk_b21fc2VtX2NpZD1oaG9fc2VtX3N5On5kZS1kZV9hdnJfZnNzX2Rpc19wcm9fbmF1X2ZyZV9hZHdfZHRwX2xvdzpvcHRfaW5zdGFsbHN-JngtYy1jaGFubmVsPWdkbiZ4LWEtc291cmNlPWdvb2dsZSZ1dG1fc291cmNlPWdvb2dsZSZ4LWEtbWVkaXVtPWNwYyZ1dG1fbWVkaXVtPWNwYyZ4LWEtbmV0d29yaz1zZWFyY2gmdXRtX2NhbXBhaWduPWRlLWRlX2F2cl9mc3NfZGlzX3Byb19uYXVfZnJlX2Fkd19kdHBfbG93Om9wdF9pbnN0YWxscyZnY2xzcmM9YXcuZHMmgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTIzNjU4NzQzMzI4ODY1MjIYALIYCRICgmgYASIBAA&sigh=Ydsuaw9VEQI&uach_m=%5BUACH%5D&ase=2&template_id=5001&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 21 Mar 2024 01:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 40ms
40ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240314&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b99030da1562c438d0404fd4365582a206edc621b7a49062147607736971a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12417
x-xss-protection: 0

GET
H3 200 ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js Show response
pagead2.googlesyndication.com/bg/ Frame 94B4 52 KB
20 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ghSbiK71ebhuxEqc_YnF1-p9wbLv1ze7peYEguTjq34.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-2365874332886522&output=html&h=280&slotname=7465893975&adk=3885092059&adf=2208671371&pi=t.ma~as.7465893975&w=970&fwrn=4&fwrnh=100&lmt=1710986067&rafmt=1&format=970x280&url=http%3A%2F%2Fwww.3domains.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1710986066895&bpp=1&bdt=979&idt=203&shv=r20240314&mjsv=m202403180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7620971279768&frm=20&pv=1&ga_vid=1138734006.1710986066&ga_sid=1710986067&ga_hid=1083245193&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=315&ady=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321957%2C95326916&oid=2&pvsid=3645073400304428&tmod=1129915534&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&ifi=2&uci=a!2&fsb=1&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 150952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20261
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Mar 2025 07:58:35 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 01:54:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2427 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.3domains.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 20 Mar 2024 18:59:55 GMT
expires: Thu, 20 Mar 2025 18:59:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2427 40 KB
16 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 22:03:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13868
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 22:03:19 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2427 0
10 B 26ms
26ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Ouwl0A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:54:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 62ms
61ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240314&jk=3645073400304428&bg=!dXaldjnNAAZaswqNerM7ADQBe5WfOHpbEjUL9ZEl8iKyzbKBETLw4jVF0FN-SU-yTYhl-0Lk_SlemUAYzIpJxGhHP8TXAgAAADBSAAAAAmgBB34ANS9bLAj3ZxzqHPO4YLOYE2CaqT7IyWIAWoaSzsnlnn7jcpt1pDkpJSxYFLRSDWz3B0v7qpbFCgBYP82gP8z26x6ooOF9ymNpwCzmxiL1lMDsBrNgN4nIXMXkIX6eSIrG0ElM24gXl3KCKKOVkjZbjiEHQpKmDdJI9s8L1OXXdcHLntEY8B2pX-L0zZePhyrQbJkCaj5RhDiGt4iezdouoTjiZa8fkKa_BNPzki_QNzVxD8kO69QIrW7-pzIU4iexzoq42RvI62rSosLZvwLd42f4yavgAy8KFhVWSYTHvAw8RKDKs0FYNs3BJF8i393nZBCDbmVcRTc8TqISurxL3uw3YDWUFegROE830c9U_L7M8fCqkbdIyE6mduVHtBp0k6BlIdHTGDrxwdnF964gXhnXztAloiBy_h7aFyq0mPXgDmZI9cJEEJVA6G9xTc15A3XhTtT8IznQUQCULoo9MvIBIT5LFK5X2owlP8-A16X7nZd39t9dsElPGeGvkJlq8XMPb6gCFTPAr25nq5XKDppjTyOtMsWKZ7qLgrAOIZ8XymeYcG3UktkwOOO_TSzK7xVs0_-psBgV6_Uisp2MauS_0MwiH6Ss_xGquV1MhG3GCeju298ZSQC2GSdsHkr_fmcD9tGMLkSgotABswK76tZiJro1Q1F-mxoqWUid3PXknwqmRnUkzXsoRsmeg-H4QM0BQjp8iHj_dRNMKsv_lqzYvqpDE4Nt3LgWKxZwYWlhPv5Ga5kIFcn8KXPjvKK6QJAgHb-8dJBuGGvRzqmPBFJq7yMK7ke9aHFO09Gi4xIGzgpjFh7_kPtZoqG08oDr3enK7JKdsTyqVUiHXfR7Ltpr72LN2ZHiozUwPGCjWZTpJZU5rlHCP3b98uu4-jq-XhSOZpUmA6OTi09kW8IhamKnKBfg4lmTX1Bw1kIsV8AfkXMzuzJHiJD9XpTAOdLJqt7j-f6VFT-93qLSo9Nms4fmmGyeWCriiFEEPVBDAMYMWyL5r4-0c6wNIkzl1Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.3domains.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.3domains.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: bu7eap0qugk1ql158ovgp93o97
www.3domains.net/	1970-01-20 19:26:30	Name: language Value: en-us
.3domains.net/	1970-01-21 04:01:51	Name: visid_incap_128425 Value: fVN/CQoDRaa0A/MbecLxpVGT+2UAAAAAQUIPAAAAAACB2C/IIQ9thRAoDDGFOzd3
.3domains.net/	1969-12-31 23:59:59	Name: incap_ses_408_128425 Value: Z2XEe1/QYGmWWDRb8IKpBVGT+2UAAAAAjyXe78CovSulNy23mPzyug==
.3domains.net/	1970-01-21 04:52:26	Name: _ga Value: GA1.2.1138734006.1710986066
.3domains.net/	1970-01-20 19:17:52	Name: _gid Value: GA1.2.1204921921.1710986066
.3domains.net/	1970-01-20 19:16:26	Name: _gat Value: 1
.3domains.net/	1970-01-21 04:52:26	Name: _ga_ZEQ63XY3Q4 Value: GS1.2.1710986066.1.0.1710986066.0.0.0
www.3domains.net/	1969-12-31 23:59:59	Name: cookie Value: 1
.3domains.net/	1970-01-20 23:35:38	Name: __eoi Value: ID=43dd4d2dfeefd258:T=1710986067:RT=1710986067:S=AA-AfjajmrrBeV_oiHzXZC07ujkH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cubichost.net
fonts.googleapis.com
fonts.gstatic.com
nets.hk
pagead2.googlesyndication.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.3domains.net
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
107.154.168.215
188.114.96.3
2001:4860:4802:34::36
2606:4700::6810:5614
2606:4700::6810:5714
2a00:1450:4001:80e::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9c
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
074450bfb32c912d76be071bfdebd1443a871fa521883d945158b8ab48a54fab
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0df85cec028249f967471acc566bf66e0d016d57f47083e1c00f2abe778496e6
12079dd85ddb45ead6638b3f7492f35474f24abdd4098c59f6c2315a43cd25a2
171448c8903863c7d352d90cca7856aa3647aa504e989503e8c2796a52a21eb8
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
23cb7a06661ff87ea7f6ec436880db3482a7609ee9dc2757204adb4b44f54fe5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33d728d01460522b3e47470dc3b102ddfa5a083046815d161ce101b751208ccc
36431f1c93737fa93a554114345f99d76876dd7a70b9c5224ef2eda4d3befc5e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58df06faf2976cb6d4ebdc7748e6588af9ca1b83572c6a00d37831b3a7445c83
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5e37a5df91b0ea8648ef4923fcec72c2bba1a56ed3c5d80de765078df38c06f6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67d7517c05f43a3d158bcf2cc334d3b6bb0ce1f533c1097e7693fbc75db64669
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7daa3655fc0061350fc8ec06f771276062acc7a7db1ba9b5a4ca1e805a76ffd6
82149b88aef579b86ec44a9cfd89c5d7ea7dc1b2efd737bba5e60482e4e3ab7e
8b99030da1562c438d0404fd4365582a206edc621b7a49062147607736971a02
91bb8413814acbeb8b889a2e4deb2867108d3318435c48224baed1e2dc246599
a35cb4f0ddc0fda688fd80fbd1f3228d0da885f5b52b9042d40fa093e4b1efa5
a5e523e9fc2e53beabb15afb270ddae636243a27520b4263cb568750e31d9cb9
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a8aacc22a22d1c2bad997d77fcb04636704040bd101e5c9f5ea8401c6748608e
ab3ba524f2d2f082c7e8e2726f6e8f92b20678688c75c8334e19b245395b1828
b1419743846e1d45cdd50572735b6fc702c1973082bd47b93fdb53b5927b953b
b3b189a485b71fe96fb4f6a22e9c90ee700ed413f97e96fd742d3597d45d5d91
bd63b6776198e62b47d9446bb600d28860cbe4831926de8a1a7ec991ec89e4f6
c146845429b86063e315273a71f1d07e51b9b2d675ac91f3b7e7e03952420b5b
c6842b2870483f9f69a773a27a35a9b096f45069748c8970f6d8b2b2d0b96b52
d2569602031b6652981caab39f38fba95a5383d67cc997aed7f3a3be04540d83
db917fc3741ec881cde5f77f9d0514a27081219aea5b4cbc81a391345f5ae8ac
dda19d2f601c81c0a9188a28302d431e76c49a29f8e0b2d300747b56b5077e71
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e19df5be8b1fb415566b5b242e6568a1c7201c6b75273bb9282547272e71aa30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebdbc54be08c11412e7dbe1bc9adfdfb514c8b873a072d0246a31b36a22d81c4
f88714c5e155d227371c57ad760810f396b382a6073c4ce0fd9a350a83171eae

www.3domains.net Open in urlscan Pro 107.154.168.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

58 %HTTPS

85 %IPv6

10 Domains

13 Subdomains

13 IPs

4 Countries

890 kBTransfer

2198 kBSize

10 Cookies

10 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.3domains.net Open in urlscan Pro
107.154.168.215 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

58 %
HTTPS

85 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

890 kB
Transfer

2198 kB
Size

10
Cookies

48 HTTP transactions
1 data transactions