sign.cococloud-signing.online Open in urlscan Pro
148.72.153.23 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://sign.cococloud-signing.online/
Submission: On January 16 via api (January 16th 2024, 6:30:16 pm UTC) from US — Scanned from DE

Summary HTTP 127 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 16 domains to perform 127 HTTP transactions. The main IP is 148.72.153.23, located in St Louis, United States and belongs to AS-30083-GO-DADDY-COM-LLC, US. The main domain is sign.cococloud-signing.online.

This is the only time sign.cococloud-signing.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	148.72.153.23 148.72.153.23	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:4a5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:e4:... 2606:4700:e4::ac40:a407	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
17	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 2	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.210.149.152 35.210.149.152	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
127	24

6 148.72.153.23 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: usloft4420.startdedicated.com

sign.cococloud-signing.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

socialproof.cocotweaks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.cocotweaks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

coco-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4a5f (United States)

ASN13335 (CLOUDFLARENET, US)

api.cococloud-signing.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e4::ac40:a407 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.44.5 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.149.152 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 152.149.210.35.bc.googleusercontent.com

tps-dn-ew1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157 ade.googlesyndication.com — Cisco Umbrella Rank: 356	544 KB
20	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	169 KB
17	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	8 MB
11	gstatic.com www.gstatic.com fonts.gstatic.com	132 KB
7	cococloud-signing.online sign.cococloud-signing.online api.cococloud-signing.online	658 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1448 ka-f.fontawesome.com — Cisco Umbrella Rank: 3140	188 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	260 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	5 KB
3	doubleverify.com 1 redirects tps.doubleverify.com — Cisco Umbrella Rank: 650 tps-dn-ew1.doubleverify.com — Cisco Umbrella Rank: 16941	572 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	cocotweaks.com socialproof.cocotweaks.com analytics.cocotweaks.com	6 KB
1	coco-analytics.com 1 redirects coco-analytics.com	453 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	21 KB
127	16

	Domain	Requested by
24	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net sign.cococloud-signing.online tpc.googlesyndication.com s0.2mdn.net
24	pagead2.googlesyndication.com	sign.cococloud-signing.online pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
17	s0.2mdn.net	sign.cococloud-signing.online s0.2mdn.net
14	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com sign.cococloud-signing.online googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
6	sign.cococloud-signing.online	sign.cococloud-signing.online
5	ka-f.fontawesome.com	kit.fontawesome.com sign.cococloud-signing.online
4	www.googleadservices.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net sign.cococloud-signing.online
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	ade.googlesyndication.com
2	tps.doubleverify.com	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads4.g.doubleclick.net	sign.cococloud-signing.online
1	tps-dn-ew1.doubleverify.com
1	api.cococloud-signing.online	sign.cococloud-signing.online
1	kit.fontawesome.com	sign.cococloud-signing.online
1	analytics.cocotweaks.com	sign.cococloud-signing.online
1	coco-analytics.com	1 redirects
1	socialproof.cocotweaks.com	sign.cococloud-signing.online
1	cdn.jsdelivr.net	sign.cococloud-signing.online
127	25

This site contains links to these domains. Also see Links.

Domain
cococloud-signing.online

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
cocotweaks.com GTS CA 1P5	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
cococloud-signing.online GTS CA 1P5	`2023-12-23` - `2024-03-22`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 20 frames:

Primary Page: http://sign.cococloud-signing.online/
Frame ID: 417B717D1B95D26249BC031BFDBFB606
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: DF4277D94119C4C158011C14C3908639
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6605374199763197&output=html&adk=1812271804&adf=3025194257&lmt=1705429811&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=http%3A%2F%2Fsign.cococloud-signing.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1705429810884&bpp=3&bdt=449&idt=218&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5108997774258&frm=20&pv=2&ga_vid=1422385448.1705429811&ga_sid=1705429811&ga_hid=591081583&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C44795921%2C44809003%2C95320377%2C95320888%2C95321627%2C95322165%2C31061690&oid=2&pvsid=2030129343137059&tmod=1853224034&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=239
Frame ID: 92B40CFFB1E37F476E641F913AACDF61
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 5B8B098BF141D6069A2AF4F18414D39A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: F319162F3AFD3CD97E1E6F1D94F6509D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: EE52750C546FEAEB4581B6CC5E759543
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 2597FAD59A58C1FDE2A60DB164AF1DEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNUUuIMTyPk45pxUvs38w6F7whiR_OPgpoVytcIu-Drf_Lpr_iW_LTFhzUlCYWjdM31S1ihrBB_EBe7Vts5njJOMnTGPo8IcJWzOMPb_Q0U8NjyJSDscDe_8j0UL_s3w9LQW7DWVd1-2MskjMOedVYWRR59qzuWyVNHC86tMWGwUL5vnZGU
Frame ID: 6C814472C15B3CA563E7E9ECB73FBAA2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E8E274FABF130BDD7FF676BB64696386
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2F9EB0F392A1E62D7950ED7999FE413
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8A28D688ED67FF8D6525F7ABA042D307
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DB575E64AA67E8F4C446392738D53A7A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1B9AD33FB4FBF488F6D765E372D7F64C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C49693CAC097AEDD35A8EDF919084001
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 9A0639FB0B62B472ED9EE53067831E0A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B08A50075C894013969B27D55978D9CA
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
Frame ID: C215B5F3CBCE5E624A484966683F7079
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: 194A25C54D8F1D4C529393B1F170256F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js
Frame ID: CA8B6EF52337CAF9EBFD3135AF9B6941
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Frame ID: A58D9E079151430B5C6EC211B9183448
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CocoCloud API Signing (App Signer)

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

127
Requests

89 %
HTTPS

63 %
IPv6

16
Domains

25
Subdomains

24
IPs

4
Countries

9674 kB
Transfer

12237 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cococloud-signing.online/
Title: cococloud api

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://coco-analytics.com/pixel/qckO1E9tGWdIA7iZ HTTP 301
https://analytics.cocotweaks.com/

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVl6fZWuPFG9Y4t8bJHPxs&google_cver=1

Request Chain 65

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZabLNJcqBZt2lF4KgvlN9AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVl6fZWuPFG9Y4t8bJHPxs&google_cver=1

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESENi5v7Cn8-ZpWSfmFKLvP3s&google_cver=1

Request Chain 67

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEwMDQ3MzA1OTA1MDU1MzExMA%3D%3D

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://googleads.g.doubleclick.net/pagead/adview?ai=C5jjXM8umZbKTEsOws8IPgqS80ALy-5CUdbnq7Jq9EtnZHhABIMfXuERglYKggrAHoAHvieLdA8gBAakCC94UsJJQsj6oAwHIA8sEqgTpAU_QINngErAHp07tFNguKMd6FD-iBTQVSmDzCl2P0YMrr-ivhRO9p-NP7QzSOWLNa1FYjY_FijKKC0eQOY-_qNKqYQ8XOesjgCWk_FKBVyg6M7odMRhd-O9gM8vQd67bGgTsU1rUOBNl3c3Zz9a6YEckZWmJ10jOVATMiQCk4QA_EytLwCWrFMhdhl0x6L2531Lrm1zjQL1zbvutS7DDr_GMEIbO5l8WlA6GW42EFUw6DfCAIQ_uGq2BDpiZ6-OR9YI-51sCVQD9cABo3iE5Ezjs5QtRblKEZ0vq0KcUQTWBCrXSQCZxIMskwASsxs7E0ASIBbW_5vRNgAegm6h1qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ3Psc0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj78dSQxeKDA5oJXmh0dHBzOi8vd3d3LnRlbGVrb20uZGUvc3RhcnQvbWFnZW50YS10YXJpZmUteW91bmc_d3RfbWM9ZGFyX21mbW15b3h4XzMyMjg4MjY6MTE0MzE1NDM6NjE4ODA3MjWACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNjYwNTM3NDE5OTc2MzE5NxgA&sigh=CaxryCTcDSw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_WHpdWDM6ZU3aEzP2V7sSm5wTYVPHEJANNq97M3_7GYt23VxfdknDhNItasMkgg4p0_ujhSk67C3IFXePMAo6WQMYNSOF5qz1yRgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216736506660558710823%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001948399%22],%2222%22:[%22true%22],%224%22:[%2201-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224808944367349382529%22}&andc=true

Request Chain 96

https://tps.doubleverify.com/visit.jpg?ctx=28754477&cmp=3228826&sid=1619877&plc=70613798&adsrv=178&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&cbvp=2 HTTP 302
https://tps-dn-ew1.doubleverify.com/event.jpg?impid=b7de720629294ec9a3269d422d3150d3&consid=&api=2&rc=true

Request Chain 97

https://googleads.g.doubleclick.net/pagead/adview?ai=CoWnOM8umZbOTEsOws8IPgqS80ALy-5CUdbnq7Jq9EtnZHhABIMfXuERglYKggrAHoAHvieLdA8gBAakCC94UsJJQsj6oAwHIA8sEqgTpAU_Q3fwKPUxSAzxi9RW334jgXTNmJXwRKNVrcGMoQOJvZl-8cOjzIe01k6doQ8OiBZViScb3jk9-TqyP0-xodOzXqYgeHS5eUd5qS5_46lAmfYNNJUWz4vE9eroOUeuKS5Jz4sO75UOh4m1i7Nnk3o7YvPTgjR818EFUmKyUmMzaI8fqhs0xcemvK12KqaSYwnFKtC4VQiK063BHzRNS0fxPkrNcN9IPDP1cYzOWzNuoLlDh_R_bbvf-zUW5R9SJDgg0ZUCFc3YNyU2dXK3OfQmSLkHiwiVTo0UjSaMk1QPU9lHTjZN69nTmwASsxs7E0ASIBbW_5vRNgAegm6h1qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQtpYc0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj78dSQxeKDA5oJXmh0dHBzOi8vd3d3LnRlbGVrb20uZGUvc3RhcnQvbWFnZW50YS10YXJpZmUteW91bmc_d3RfbWM9ZGFyX21mbW15b3h4XzMyMjg4MjY6MTE0MzE1NDM6NjE4ODA3MjWACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNjYwNTM3NDE5OTc2MzE5NxgA&sigh=LUwYayb_p4U&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_WHpdWDM6ZU3aEzP2V7sSm5wTYVPHEJANNq97M3_7GYt23VxfdknDhNItasMkgg4p0_ujhSk67C3IFXePMAo6WQMYNSOF5qz1yRgB&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212227407313990429070%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001948399%22],%2222%22:[%22true%22],%224%22:[%2201-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215076484957427723297%22}&andc=true

127 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sign.cococloud-signing.online/ 5 KB
2 KB 2009ms
1863ms Document
text/html 148.72.153.23
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

http://sign.cococloud-signing.online/

Protocol

HTTP/1.1

Server

148.72.153.23 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

usloft4420.startdedicated.com

Software

nginx /

Resource Hash

cd8274399f560697ea81cb3af48a795fa401553f74f372511d4338cb2d3ad067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 16 Jan 2024 18:30:10 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK reset.css
sign.cococloud-signing.online/css/ 1 KB
947 B 121ms
119ms Stylesheet
text/css 148.72.153.23
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

http://sign.cococloud-signing.online/css/reset.css

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

HTTP/1.1

Server

148.72.153.23 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

usloft4420.startdedicated.com

Software

nginx /

Resource Hash

ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 18:30:10 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sat, 05 Aug 2023 21:10:06 GMT
Server: nginx
ETag: W/"64cebaae-444"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
sign.cococloud-signing.online/css/ 3 KB
1 KB 237ms
119ms Stylesheet
text/css 148.72.153.23
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

http://sign.cococloud-signing.online/css/style.css

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

HTTP/1.1

Server

148.72.153.23 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

usloft4420.startdedicated.com

Software

nginx /

Resource Hash

68fd9ac0d461f81fa8b12f010fd31e279bfb343898b0fe44c5313d4a8325c215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 18:30:10 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sat, 05 Aug 2023 21:10:06 GMT
Server: nginx
ETag: W/"64cebaae-d08"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 75 KB
21 KB 40ms
21ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64ca6069ef4a8c4879c89cb1170d66f7e29c8e37cb0118c0354bce2f4082f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32446
x-jsd-version: 11.10.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21932-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"12b28-cjcSNvnYbsEv95wMhNhqWdHNFsQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOMWKd0zA5RG9xLjJtlApXGFJatsZAiHvEODPJZz2D1I%2Foe8XywvEF4wr%2F3rnGO8EfO6%2BA6TzE3UNWE79tcStggjpXszfP2DZU%2FMzV%2BjvWfNcRrhoJHxpWg1npwI%2BJd%2FCHpUq%2FvCTeAPuGVajFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84686d9b59798ffe-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 154ms
60ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6605374199763197

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08834595c0f8cde36751c96864f0883669822b6ea31e9228e60f6cea3824758c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sign.cococloud-signing.online/
Origin: http://sign.cococloud-signing.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51312
x-xss-protection: 0
server: cafe
etag: 14221223962880941153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 16 Jan 2024 18:30:10 GMT

GET
H2 200 b2vs7j4mda2oox7c10gkp0ij01gyshfi Show response
socialproof.cocotweaks.com/pixel/ 27 KB
6 KB 556ms
473ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://socialproof.cocotweaks.com/pixel/b2vs7j4mda2oox7c10gkp0ij01gyshfi
Requested by: Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: 73c07654ad2b5ddcb0a5621a8bc5825adae3f385e69c5d4b4e9e634974ff8927

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: cache
date: Tue, 16 Jan 2024 18:30:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.30
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHjpm6ci%2Fnls%2BuhiEi5zMbML40ZkNRnzMoGtTBCOMIYGj1%2F6ViHVzXwiwwawkgZRBmCVgW6QjiwDE9of9kE45%2BJ2ygdAV8sdibAkZbJTs%2FeqfVWwpaF6MClTfJDEdjDdZyT6KgSX4sowqzQSLQ5Z5mnq4%2FVwz3M7jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 84686d9d4b6e6517-LHR
alt-svc: h3=":443"; ma=86400
expires: Tue, 16 Jan 2024 18:30:11 GMT

GET
H2

200

/ Show response
analytics.cocotweaks.com/
Redirect Chain

https://coco-analytics.com/pixel/qckO1E9tGWdIA7iZ
https://analytics.cocotweaks.com/

0
0

318ms
293ms

Script
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.cocotweaks.com/
Requested by: Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

date: Tue, 16 Jan 2024 18:30:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sn%2BY3fmP2GZ%2Bqdlg49oRQjJzzd9AUfV8TL5C6cmKlc5UxZd9gJupzC0%2FzHpPa35yk2149Ay9vd8i8hr%2BvEyr0%2BWDguQQYlKcC0EW88eb4OPeoZXcrhHbveussp13Zbl47pydXrLlqjHK2XEFJidnteQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://analytics.cocotweaks.com/
cf-ray: 84686d9d288e4d7c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 7bf6b281dc.js Show response
kit.fontawesome.com/ 12 KB
5 KB 155ms
135ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/7bf6b281dc.js
Requested by: Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97196c8e56651aa5a75bb5117068e9060bac7f1d8aebcdb8f6ec2c8b915e41f3

Request headers

Referer: http://sign.cococloud-signing.online/
Origin: http://sign.cococloud-signing.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 84686d9b5a5c9174-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F6mxLMtJceTdJBlmxvWB

GET
H2 200 icon-free.jpeg
api.cococloud-signing.online/files/free/icon/ 201 KB
202 KB 598ms
353ms Image
image/jpeg 2606:4700:3034::6815:4a5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.cococloud-signing.online/files/free/icon/icon-free.jpeg

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:4a5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b821a49a63cd21285769175f3fa3505ab6c720e499dfa5def0be08b1afa29a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
last-modified: Thu, 22 Jun 2023 03:50:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6493c50e-32581"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wpxJ38MzqnKGd66%2FJUVWWMYQLQ4kbHwDZYb7lBllOSe9EhTBo%2FLOMVjwYW7Ggw6g9bIJ2FJqRudT%2B4NG2A2TgL3W8ta1hdjTRVTSrdLggaz5pbCMC54LROO7zCRBHVDDBLQQvvl2P%2FoJx1btnQZJwRQQ7g9qzgThWZ9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 84686d9ccc54f0cf-CDG
alt-svc: h3=":443"; ma=86400
content-length: 206209

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 101 KB
23 KB 48ms
26ms Fetch
text/css 2606:4700:e4::ac40:a407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free.min.css?token=7bf6b281dc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7bf6b281dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-P1
age: 344948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:52 GMT
server: cloudflare
etag: W/"edc53d8d44037708e54122b9e30bb2a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kngjZW7fbG7czIYo%2BWECYnURUkhhrIdKw7QkoswXMl8uOAHMN3kCFNTBtxCIBpvkplA0Vll6zR%2FOG09noGfr5F73OfmEUpm76JjKrdAjx4i62WABYmuQ8xlnzGv1ONjxNkTjtn%2BQHrOZpG%2FW2HAMVCbqnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84686d9cef963668-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: aaSM41QDqgqT7ql8MuOwE0h8SDZ-FogWwO3q8qzUBXzlvM89dGUx3A==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 27 KB
5 KB 50ms
28ms Fetch
text/css 2606:4700:e4::ac40:a407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-shims.min.css?token=7bf6b281dc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7bf6b281dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
via: 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-P1
age: 344948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"604d6da359831b0dc67e0f522f1ff94d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FUrpQHH9zUsVAU%2BWDVpIOHllSExDrcw%2FHxvzcQub37fBa%2F0%2FrYHn%2BY32qaC9xXbyUet%2BH89QfddHLIOq0FXuqQugkbKdTlzcl0NnkicbAz34ot%2BSVRxdsmMJkvB2FdKaw35CynjQYY0Df6m8fWA8FJW6A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84686d9cef9d3668-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cMoyrrmCwJTnBR4EuQLtcmRb1n1RP4EVoHO89jPQDWJoTP6Y6ewdfw==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 823 B
1 KB 44ms
22ms Fetch
text/css 2606:4700:e4::ac40:a407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v5-font-face.min.css?token=7bf6b281dc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7bf6b281dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
via: 1.1 b619a16f6f8fe9793bf642d2a8434284.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS54-C1
age: 344948
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"496965a55b1faa4d5c41073ef276afc0"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2MCpD%2FmWAblE1P%2FoyRlIO8zxaCEbfjUj8owiZ4VSCbI5g10hy0h37b5flYSM6BfEuEXR4%2FT3LvUqoR1MNBOlqGYg3NkYsSrQy0YBMjAvjjMQ8ln1RrJRcYvUdIJk%2FMtoKqyutoJJJAcEeNye8aZzvq41w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84686d9cef983668-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: O5aMEOrRZIFGzYvW2uy63-ku20UtieV2sXkpSUSOlDYYZIUEnR17NQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.1/css/ 2 KB
1 KB 96ms
74ms Fetch
text/css 2606:4700:e4::ac40:a407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/css/free-v4-font-face.min.css?token=7bf6b281dc
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7bf6b281dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
via: 1.1 dcbc01ed47e0218a59f0fec8e1b9aa18.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: VIE50-P1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 30 Nov 2023 17:25:51 GMT
server: cloudflare
etag: W/"cc84affe95dbdd9726525f57d20b4ea6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtPpeuzNLKQYevTgrFMOb2QwnR3kIP%2Bd%2B9Q8nSja%2BfB8i0U%2Btabug5ZsDs2AvLgmr4LtOTeXmvMnp%2FoYu0Lv7jd0qEm2XdMLBEsh4bhLpE3lYrId9X8ckQi6np0%2Bn3kkzTny%2Bi8BfgagTAe6wcj8yqLMNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 84686d9cef9b3668-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 6ImeBNPLYUlMx8fY7xwvFKyR5XlBrczdjceF6vQOvyQMTYNAhqS8JA==

GET
H/1.1 200
OK sf-pro-display_semibold.woff
sign.cococloud-signing.online/fonts/ 169 KB
169 KB 120ms
119ms Font
font/woff 148.72.153.23
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

http://sign.cococloud-signing.online/fonts/sf-pro-display_semibold.woff

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/css/style.css

Protocol

HTTP/1.1

Server

148.72.153.23 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

usloft4420.startdedicated.com

Software

nginx /

Resource Hash

70415e1a1d105a91799dcb375f07e0373f11f7bc67bb4e9edc92a6fb7717457b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://sign.cococloud-signing.online/css/style.css
Origin: http://sign.cococloud-signing.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 18:30:10 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 05 Aug 2023 21:10:10 GMT
Server: nginx
ETag: "64cebab2-2a360"
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 172896

GET
H/1.1 200
OK sf-pro-display_regular.woff
sign.cococloud-signing.online/fonts/ 141 KB
141 KB 128ms
120ms Font
font/woff 148.72.153.23
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

http://sign.cococloud-signing.online/fonts/sf-pro-display_regular.woff

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/css/style.css

Protocol

HTTP/1.1

Server

148.72.153.23 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

usloft4420.startdedicated.com

Software

nginx /

Resource Hash

783c806f4f139353c95084071e370f5880f764aa636342344a95fdea5c76545c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://sign.cococloud-signing.online/css/style.css
Origin: http://sign.cococloud-signing.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 18:30:10 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 05 Aug 2023 21:10:10 GMT
Server: nginx
ETag: "64cebab2-2337c"
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144252

GET
H/1.1 200
OK sf-pro-text_regular.woff
sign.cococloud-signing.online/fonts/ 141 KB
141 KB 257ms
129ms Font
font/woff 148.72.153.23
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL

http://sign.cococloud-signing.online/fonts/sf-pro-text_regular.woff

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/css/style.css

Protocol

HTTP/1.1

Server

148.72.153.23 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),

Reverse DNS

usloft4420.startdedicated.com

Software

nginx /

Resource Hash

feff9474770c269895eafb43b8115675e51be329baf7b3e8b918e3ce7ae0620a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://sign.cococloud-signing.online/css/style.css
Origin: http://sign.cococloud-signing.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Tue, 16 Jan 2024 18:30:10 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 05 Aug 2023 21:10:10 GMT
Server: nginx
ETag: "64cebab2-23214"
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143892

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.1/webfonts/ 153 KB
153 KB 19ms
18ms Font
font/woff2 2606:4700:e4::ac40:a407
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.1/webfonts/free-fa-solid-900.woff2
Requested by: Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368

Request headers

Referer: http://sign.cococloud-signing.online/
Origin: http://sign.cococloud-signing.online
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 156504
last-modified: Thu, 30 Nov 2023 17:53:29 GMT
server: cloudflare
etag: "98ff5c340b38803d09d3f22fd9a00501"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wifutzi8X7%2FUVnOLjRsom%2FqfMNCTY6m5i0CcqiG3KuYYKXAeNoZssej17cig8sngW9Y9QWKFtMYYnYiwdXff5TzTEQhu6A6mHq%2BkQIlTA2H1ZDXZyY8FJWP9jt0gg6OJ8IxY60rkw84TOo8eDLo9Z9eDsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 84686d9d78353668-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: qL6rBz-1BaSutcd9mA-vF_22oTNaiNG49sJdgpS2SMQxab9aIjqRtA==

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 126ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6605374199763197&plah=sign.cococloud-signing.online

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6605374199763197

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88889ac60f915b7716ab3188edec5f44769a3a6c4704b4a45716d3f623bf17a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139387
x-xss-protection: 0
server: cafe
etag: 5267513220562467277
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:30:10 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame DF42 9 KB
4 KB 86ms
25ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6605374199763197

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sign.cococloud-signing.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 03:27:43 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 03:27:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 92B4 559 KB
108 KB 1011ms
1010ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6605374199763197&output=html&adk=1812271804&adf=3025194257&lmt=1705429811&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=http%3A%2F%2Fsign.cococloud-signing.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1705429810884&bpp=3&bdt=449&idt=218&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5108997774258&frm=20&pv=2&ga_vid=1422385448.1705429811&ga_sid=1705429811&ga_hid=591081583&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320239%2C44795921%2C44809003%2C95320377%2C95320888%2C95321627%2C95322165%2C31061690&oid=2&pvsid=2030129343137059&tmod=1853224034&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=239

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6605374199763197&plah=sign.cococloud-signing.online

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7b60319d461e70442d64df9eb5301eb25086d281f172cb7995c99ef3b083794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sign.cococloud-signing.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 109858
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:30:12 GMT
expires: Tue, 16 Jan 2024 18:30:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 62ms
61ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

867dfaacd19aa6a6331ef5686a62830121237234ecc829f2b8a4048d01c86bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12287
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02be3ffa6ff1033481c1ebc9cbe9ca2f1d3de21e973ab2554f48db6e71c6c072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56400
x-xss-protection: 0
server: cafe
etag: 10418281465405035471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 5B8B 9 KB
4 KB 16ms
15ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sign.cococloud-signing.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 03:08:27 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 03:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame F319 9 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sign.cococloud-signing.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 03:08:27 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 03:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame EE52 9 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sign.cococloud-signing.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 03:08:27 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 03:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 2597 9 KB
4 KB 17ms
16ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sign.cococloud-signing.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55305
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 03:08:27 GMT
etag: 9219409622527106327
expires: Tue, 30 Jan 2024 03:08:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5B8B 4 KB
1 KB 63ms
23ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 17:33:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5B8B 205 B
519 B 65ms
27ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 10:38:20 GMT
x-content-type-options: nosniff
age: 28312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 15 Jan 2025 10:38:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5B8B 604 B
696 B 69ms
31ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
x-content-type-options: nosniff
age: 359991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 5B8B 16 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69565
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6823
x-xss-protection: 0
server: cafe
etag: 11129212757755515379
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:10:47 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 5B8B 22 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 13:35:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17707
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 13:35:05 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame F319 9 KB
4 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 11:37:47 GMT

GET
H2 200 24c99e14925e42e286b16c1a5d25afd8.js Show response
www.gstatic.com/mysidia/ Frame F319 11 KB
5 KB 65ms
31ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/24c99e14925e42e286b16c1a5d25afd8.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62c2afa5754464fe42af66e26eeb860faf498d8b5ebfa0a2fa843bf96ec68f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4917
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 01:55:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 08:44:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F319 14 KB
1 KB 125ms
93ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 17:31:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F319 2 KB
903 B 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:10:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame F319 23 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:09:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F319 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:33:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame F319 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F319 205 KB
65 KB 120ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame F319 37 KB
15 KB 58ms
27ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H2 200 4b0ef9dfa83525e0607f42119c034d23.js Show response
www.gstatic.com/mysidia/ Frame EE52 9 KB
4 KB 45ms
17ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 11:37:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370345
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4079
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 11:37:47 GMT

GET
H2 200 24c99e14925e42e286b16c1a5d25afd8.js Show response
www.gstatic.com/mysidia/ Frame EE52 11 KB
5 KB 60ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/24c99e14925e42e286b16c1a5d25afd8.js?tag=text/vanilla_highlight_ms_cta_adjustment

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62c2afa5754464fe42af66e26eeb860faf498d8b5ebfa0a2fa843bf96ec68f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4917
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 01:55:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 15 Apr 2024 08:44:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EE52 14 KB
1 KB 298ms
272ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 18:21:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EE52 2 KB
856 B 18ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:10:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame EE52 23 KB
9 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:09:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EE52 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:33:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame EE52 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE52 205 KB
65 KB 92ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame EE52 37 KB
15 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6C81 624 B
246 B 53ms
51ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNUUuIMTyPk45pxUvs38w6F7whiR_OPgpoVytcIu-Drf_Lpr_iW_LTFhzUlCYWjdM31S1ihrBB_EBe7Vts5njJOMnTGPo8IcJWzOMPb_Q0U8NjyJSDscDe_8j0UL_s3w9LQW7DWVd1-2MskjMOedVYWRR59qzuWyVNHC86tMWGwUL5vnZGU

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:30:12 GMT
expires: Tue, 16 Jan 2024 18:30:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E8E2 89 KB
31 KB 94ms
92ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E8E2 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:33:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame E8E2 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8E2 205 KB
65 KB 101ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8E2 42 B
63 B 46ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJXqU_nBcRiXXZS5Wb2jFJpP7K_68OkC2kIrpsRqjVHQOxIOcLFEKY3eWj_w5owuSJ56XEyUMpuBgRsv_vz_MhwKLc7mKg8VYripD8Ju-43aeT8O0

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D2F9 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://sign.cococloud-signing.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 40394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 07:16:58 GMT
expires: Wed, 15 Jan 2025 07:16:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8A28 829 B
1 KB 80ms
24ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f29345703860e95b04c837766984c28f36d2e08091ed45dace9ebb4777f47b3c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-loNNK_JUyVjzDX8d-zfj9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://sign.cococloud-signing.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-loNNK_JUyVjzDX8d-zfj9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:30:12 GMT
expires: Tue, 16 Jan 2024 18:30:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame DB57 14 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 17:49:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame DB57 2 KB
822 B 13ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:10:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:10:36 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame DB57 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:09:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame DB57 3 KB
1 KB 14ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 08:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 08:33:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame DB57 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:10:35 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB57 205 KB
65 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jan 2024 18:30:12 GMT

GET
H2 200 4cee352c918c506f58256258d534a665.js Show response
www.gstatic.com/mysidia/ Frame DB57 37 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 07:24:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 04:29:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 07:24:47 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 6C81
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVl6fZWuPFG9Y4t8bJHPxs&google_cver=1

43 B
340 B

22ms
21ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVl6fZWuPFG9Y4t8bJHPxs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNUUuIMTyPk45pxUvs38w6F7whiR_OPgpoVytcIu-Drf_Lpr_iW_LTFhzUlCYWjdM31S1ihrBB_EBe7Vts5njJOMnTGPo8IcJWzOMPb_Q0U8NjyJSDscDe_8j0UL_s3w9LQW7DWVd1-2MskjMOedVYWRR59qzuWyVNHC86tMWGwUL5vnZGU
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPF32Pgm9f9bz6FpTLyrrGz2FziA3mf1gWfdIpmRm3DYoF8p8RJ0OBu6ZBXRSjKkW2fdEj7XnJIyMMQvNQ1de9w%2FVHnxeoipOH%2BiPSEEvaXQq%2BV0ch4%2FHAH2q1ifOFUZvAb%2FADLqhrpESA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84686da84a87bb49-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVl6fZWuPFG9Y4t8bJHPxs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6C81
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZabLNJcqBZt2lF4KgvlN9AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVl6fZWuPFG9Y4t8bJHPxs&google_cver=1

43 B
770 B

23ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVl6fZWuPFG9Y4t8bJHPxs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNUUuIMTyPk45pxUvs38w6F7whiR_OPgpoVytcIu-Drf_Lpr_iW_LTFhzUlCYWjdM31S1ihrBB_EBe7Vts5njJOMnTGPo8IcJWzOMPb_Q0U8NjyJSDscDe_8j0UL_s3w9LQW7DWVd1-2MskjMOedVYWRR59qzuWyVNHC86tMWGwUL5vnZGU
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RepBAuN69b%2Bvbbhq5Lze%2BovR0vFx8aYSTZqWu66WJMKquPACn6FSNgY6rPORdBTdWjgiDys3h0A0JDUIYIoDTngLzYgtNx8aUsA%2Fy50UAYFepD1TdQWXaUZ8qpH%2BJxvFCziO7h2I8yGC1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84686da89abb91ea-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPVl6fZWuPFG9Y4t8bJHPxs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6C81
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESENi5v7Cn8-ZpWSfmFKLvP3s&google_cver=1

43 B
1007 B

10ms
10ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESENi5v7Cn8-ZpWSfmFKLvP3s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNUUuIMTyPk45pxUvs38w6F7whiR_OPgpoVytcIu-Drf_Lpr_iW_LTFhzUlCYWjdM31S1ihrBB_EBe7Vts5njJOMnTGPo8IcJWzOMPb_Q0U8NjyJSDscDe_8j0UL_s3w9LQW7DWVd1-2MskjMOedVYWRR59qzuWyVNHC86tMWGwUL5vnZGU

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
an-x-request-uuid: 175afc01-61e8-4aa4-aa83-6371e7ce4300
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.130; 178.162.209.130; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESENi5v7Cn8-ZpWSfmFKLvP3s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6C81
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEwMDQ3MzA1OTA1MDU1MzExMA%3D%3D

170 B
243 B

23ms
23ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEwMDQ3MzA1OTA1MDU1MzExMA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
an-x-request-uuid: 54c83b03-f961-4a94-9af6-6856870ca3d4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzEwMDQ3MzA1OTA1MDU1MzExMA%3D%3D
x-proxy-origin: 178.162.209.130; 178.162.209.130; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B9A 143 B
166 B 18ms
16ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 17:38:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C496 143 B
166 B 18ms
17ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 17:38:21 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame D2F9 39 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 12:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 12:25:58 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8E2 0
20 B 44ms
44ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1441002073285&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8E2 0
20 B 45ms
45ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1441002073285&version=m202309260101&ct=76&x=1&cor=9546580073329312000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E8E2 101 KB
39 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB61DGGgxe_3nDZP5Ht0mFUwDcl5kwDOazYxC8bkSfDBhSNYNNfvn-iRUCg_V1r5fwYeV8kxBSfWTrDw-b8DSS2WPSoR3vkexR9Yh9aPaw-IqQlQmLdh6q_FfSDnv3AWQ5OHqbQtgAVcwEoxKuSY_8e8KiQUp5OAloAcq7WcSqgqQwYcM&dbm_d=AKAmf-Csm4QvJrMYb4FAZX0c9ZNCVM-Osdu_RdP9XMz2SKeyIIGc7sBUT_FB2R419T6MSyX3L10QkOzqFQ5ZAl1aK6EoUC0BbHOIY60gkMgqyRsbsRkTSOsVKwcXZsYcHTJA5KKmeBJFr1AuufRGqP7NylQMdxY_DZSF7x2Q12wQ5CIpp8Vx7tw4rbfiroO_DSW19S46LzPCKmOpuMQQkOzRXUUSh7gPPKMCguy_jQisqWrczCi9k6yiRbHnHNhbS42qUxxXotq6HNALMU4mWCAKeW6KEoShNNtJIenG_yzHmdfXSdre3AehcvJIqCPNvsd5-SFY5T02i0Oe2V4EoAPZRlE9k5SrttcBNG-WHE6wwlcGquBXHBMjzAOMduvxfqYZbF26mt4j8wITgwx9qg3Q4LZCOxPydfLbvB5nditocNBgUaW-4Zvc2QP4HHDIShFc5ee9h2CO7Xf-22v0FCjJ0hD2yFzv7Hg1fjX5k0tbCPOUq8AOwAYUt3v1n4TOsrr54yEXenbBPr7x7uM7rx3i_OEqOs2knKPaYKiVKo87HikYmkCEZHkmAeRC4-fBdtvl_mK_Gzb2gkCyOFScri_0AQmNOXOwc0UfB4Vil1fCfK867tIdLqfL1XV2ldCWjD9y5GTB1rXE7EXhcr0AUIHj95Vj9XscPC4T-E1bmhWGuemJoNEB8riejjLNy5ImWjqmcyNPCifKiTDdsCAyZahx0Q8RFlLHF157btLfzu4K5cnIHBz_KOqqKPyAG2H7dUTzYyDVRyrLRPG3qXGYOhA3eY1-OrSRbWKpDOvIZktze1K_wv58aJsH-QltQ7-82njCvFiJgOZ4Ubj9j1gXYll8gZ4Z4DLP_IpiCpcwjiJ91Xc-Ga8TOw9jG62QwWbLArMr-yDiCZ6Q0g5BMB2QxYmGvi7g_KgtgU7YUpXgLpnF-jcvbReYZecBWwtXpym_TYCY93NbcLbSBlOvsJlm0fPFlf5WBlJwAFwqUwhQBwf-C38UJmLLSZCa8ZG1aAqGc5UfrzbFs14HtQ0VgYF40yU_o0_YnoJ-2r9BMUO5rlWFT9SPEGp75uoJ7XPM2sGo-p-GvEdmjqWmMbSfVmhqHT9lwYkpF9V8xGRnuZy7a6qt-Av_i1YZXm9C-54z8Hk5oug8UYs8W6UjdRwBYtYid-jdBVsiWDGyfh73yaZ4xw-ywGs05lJmldvk6JQ6rj9qwRKK7QfNj7bMLDs_M6X1IaaySXog2Q_cu8E92BmvD5O7anf30wKnkChOBB3YW6B4aYdk9KwULaVIOui7V09dBaSvYb1249oV992O-HfcxxXedksCKFE0XKGtg6AITtXIv5Dsxk1jVWOhC46whr9hsG5hfGP_uu0TDDWEfzlMk5Rfq_4mKR8pX4Vsz8TPEW19SN7m4bK-p1T_iJ9pcLCkGPXWwPpKNE1q-HQWgotVjDZ-VKeZ8E-4ZiH5Mnqd4bfiE78hKS2jx2RChZ-pecGWyl7JwN0VsYA_8wiDSK-tuiPujtEOKY1JsZy2kwr0TsAf8Qv5iHK80c6SrCYRfgDwDE8bCdwM13C-O9_X-_zQQ2L3R9Qi0YbwzOwo8Amfy2he5B7ZBaa-4Eabmi5Jc0KM-YmAkzl7LOZWVQs-mZs6L1lD7mTxna6jZRAo5IBSG1hjmzU8wJWuZlC1Mnc0F-3GO5cuS454oqxE9ah0CKHmoLWHt8G_f8i61DWy2FUKlw-Qa0C_AXgGnom8ODYa07WU9aMNB3xbgs_IqoDdmoDR-XKP4PRefvdwl3Z78J9JbEMXNpzdtpIgHR6UnTR3q6CDNgHq_BWMCFlRH-hFStz8lcRHbDDrGg06HbS_UBerotMyHccSjQ0sKwOZ0-hjl7XrnYluPhAB-Q-SRCiLYgB2m5IIaO0hrJKUAzsy5G4nwR44nAM5piCGvfZjtPJymwWDh6dD87dcNzdFeQFCAb-3WJm-vmX9rBDSsyfkDC717QkSkLNudalXU1sShX28DThgUH4rZfgDx4elk3ECjuQwYaajnYNWwiP3agJvxgwBESjJmhHg_lsXWsfV5W3Ge729nGZ13nYUHLEti9qNaSLJ77TvDPUmpA4sGKlHOMIA_XXJbhIUd9x2XZMMk2YYuYMVqKmSvTNPx9Sm8NeyXQknFz7d4qck1rg1ev49aZCDkLSqKdeMkgVhG-i6vaeiBk6NY7MeWdq9aMzRzBU-o0Ov4LCm3CPdMMz7BUiBuJEvN1dY6Y0L8-hgq_btz9D7gTLhoddBaiXtHCEAXS78ccmTVyrtP49h5MgccotcxbeAs7FqWCh_GDyVfciJZsN5PTKw4lIqj_hRVe19mfhstvjbnioa5JRTo4FRtigGoiqlFYRhpzUX1_1j_SF2SCQMjdE5pALbhKeLjXtLjdGDbDqPoNL6ridD1VKzjPWoyXfGPau1QST75bf4bvgVpTOjyKc4f6tgbKFJB2uBqXlmKZxBVneGcwPxrl-CaLHmHuOQhKZMT1iO0FFwNn25bzOGvq5VYeme_Kq66toKDHaEJKZspmyp0YPhLy9uw43UywUMFyHX68TEffVl1E6p7Yc-vGdftKozHmD6XyQLjQ7MhBBKIE62U9K-O7tlRkjENukxq0SOv7VyCzTmH3u5OQZaiuUFwsZr4wanuNax9fCjxu1SSzL2PjG7XG6AdE0o3FOgDLetfqZiWHXFynnNwJ0ZaJs0Xrcd9Xq0ZoqPZ9BLSaXwJjzj14yvrOI6QyW2V2j0UEZqc-ij0vyJlwiBYA2icf53CazcebnTE5-sUlKrIjqBe_Z8QF24EEvsOqWutKJpqh0gqsJv1oC97SrfDlMIMAHsg4FZ69h6Dwl_Ar1jEz8xPIdQyGegcuG_F4QEEaIqw5ZEwgvjmeU0dRwcFZHecy9HqpW4a7nLuhg5b9d3ylDFn9b2ZwK4M22m_NH0c-Elexvb1E1uxDeyxc01avwwoY0CiLH-zmuhSwRhK2q4BRExsulcTHiHxTjJWoXpyxSBfDLcjzkBle_40H_e9FPzoz39ACXjt6YYkrS5h6zAhm7lU5fksGKi5yuJfQpXD1_nL_vVdob65hljpjKIG0iFGfQe4zjOa1p1lEXBtAlGAhwemYn1VKWnmUPmb-GyRWytdkDP-r5wgm0iGr8OnBppUmJ4Q5IJiJhNaQVaHtjnVKMe2PnEE9ctUiFzgNgqkN1V5nU7itpEX8_eF3NuvU56Hixm3Fb-IaasrYMzpLbyve_Tg6EoktO2Ctp-XhKaKjJe2YZGTg469T5Sq5em2Q-p4a_XesbFQK-XUjSTy5NdD5BQVZNFafSrQlVWRh51KU4eHE-x-_dQc1E_gB9seEMTAMx0ZR2NzHbvItwvsu3M9voUQgJomuOT4bGoML9r7lY-ZjDVQBbr-uhAGweZw6HGvC4l4R6GxCy4Z-jN29wyOCVibs2ruyC0U5dSVotPcUQ3b6ds1Llf9Qd8aFthe2brNGCMNEbwjMFIK-XQQbLxfTv7lpqdSidjMUPa4figoNirsW-ovkhgtGBibFHduErVMxuKd2RSuA-sb2FI3xEzmdN1kjvhZWI1Va9JEgWQG3BkRGTl5jBTWWgxmBJLW_qg8WENYqNNUgCJ2ZniTH0EnoS7OquL4EBvpr06XFdB12jMh5is5VjB1lHzu0tkZNOgFeFuyH1rCwWqz20WfXwoVeeLiOqq6e8ibHW-obClLH-r-vxfiY8AHjQKLIXMqjy_F5N4bTtda5dSiohMX5ZCwVXP6nH-TNabYWgBxmw&cid=CAQSTgAvHhf_WHpdWDM6ZU3aEzP2V7sSm5wTYVPHEJANNq97M3_7GYt23VxfdknDhNItasMkgg4p0_ujhSk67C3IFXePMAo6WQMYNSOF5qz1yRgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fsign.cococloud-signing.online%2F&ds=l&xdt=1&iif=1&cor=9546580073329312000&adk=1726166463&idt=99&cac=0&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b80a0436c21d06b65145815cfe0b995366bc08c6ddf369885fab7f5371f156e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40046
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8A28 0
0 45ms
44ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=2030129343137059&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame E8E2 172 KB
61 KB 47ms
13ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame E8E2 11 KB
4 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AB61DGGgxe_3nDZP5Ht0mFUwDcl5kwDOazYxC8bkSfDBhSNYNNfvn-iRUCg_V1r5fwYeV8kxBSfWTrDw-b8DSS2WPSoR3vkexR9Yh9aPaw-IqQlQmLdh6q_FfSDnv3AWQ5OHqbQtgAVcwEoxKuSY_8e8KiQUp5OAloAcq7WcSqgqQwYcM&dbm_d=AKAmf-Csm4QvJrMYb4FAZX0c9ZNCVM-Osdu_RdP9XMz2SKeyIIGc7sBUT_FB2R419T6MSyX3L10QkOzqFQ5ZAl1aK6EoUC0BbHOIY60gkMgqyRsbsRkTSOsVKwcXZsYcHTJA5KKmeBJFr1AuufRGqP7NylQMdxY_DZSF7x2Q12wQ5CIpp8Vx7tw4rbfiroO_DSW19S46LzPCKmOpuMQQkOzRXUUSh7gPPKMCguy_jQisqWrczCi9k6yiRbHnHNhbS42qUxxXotq6HNALMU4mWCAKeW6KEoShNNtJIenG_yzHmdfXSdre3AehcvJIqCPNvsd5-SFY5T02i0Oe2V4EoAPZRlE9k5SrttcBNG-WHE6wwlcGquBXHBMjzAOMduvxfqYZbF26mt4j8wITgwx9qg3Q4LZCOxPydfLbvB5nditocNBgUaW-4Zvc2QP4HHDIShFc5ee9h2CO7Xf-22v0FCjJ0hD2yFzv7Hg1fjX5k0tbCPOUq8AOwAYUt3v1n4TOsrr54yEXenbBPr7x7uM7rx3i_OEqOs2knKPaYKiVKo87HikYmkCEZHkmAeRC4-fBdtvl_mK_Gzb2gkCyOFScri_0AQmNOXOwc0UfB4Vil1fCfK867tIdLqfL1XV2ldCWjD9y5GTB1rXE7EXhcr0AUIHj95Vj9XscPC4T-E1bmhWGuemJoNEB8riejjLNy5ImWjqmcyNPCifKiTDdsCAyZahx0Q8RFlLHF157btLfzu4K5cnIHBz_KOqqKPyAG2H7dUTzYyDVRyrLRPG3qXGYOhA3eY1-OrSRbWKpDOvIZktze1K_wv58aJsH-QltQ7-82njCvFiJgOZ4Ubj9j1gXYll8gZ4Z4DLP_IpiCpcwjiJ91Xc-Ga8TOw9jG62QwWbLArMr-yDiCZ6Q0g5BMB2QxYmGvi7g_KgtgU7YUpXgLpnF-jcvbReYZecBWwtXpym_TYCY93NbcLbSBlOvsJlm0fPFlf5WBlJwAFwqUwhQBwf-C38UJmLLSZCa8ZG1aAqGc5UfrzbFs14HtQ0VgYF40yU_o0_YnoJ-2r9BMUO5rlWFT9SPEGp75uoJ7XPM2sGo-p-GvEdmjqWmMbSfVmhqHT9lwYkpF9V8xGRnuZy7a6qt-Av_i1YZXm9C-54z8Hk5oug8UYs8W6UjdRwBYtYid-jdBVsiWDGyfh73yaZ4xw-ywGs05lJmldvk6JQ6rj9qwRKK7QfNj7bMLDs_M6X1IaaySXog2Q_cu8E92BmvD5O7anf30wKnkChOBB3YW6B4aYdk9KwULaVIOui7V09dBaSvYb1249oV992O-HfcxxXedksCKFE0XKGtg6AITtXIv5Dsxk1jVWOhC46whr9hsG5hfGP_uu0TDDWEfzlMk5Rfq_4mKR8pX4Vsz8TPEW19SN7m4bK-p1T_iJ9pcLCkGPXWwPpKNE1q-HQWgotVjDZ-VKeZ8E-4ZiH5Mnqd4bfiE78hKS2jx2RChZ-pecGWyl7JwN0VsYA_8wiDSK-tuiPujtEOKY1JsZy2kwr0TsAf8Qv5iHK80c6SrCYRfgDwDE8bCdwM13C-O9_X-_zQQ2L3R9Qi0YbwzOwo8Amfy2he5B7ZBaa-4Eabmi5Jc0KM-YmAkzl7LOZWVQs-mZs6L1lD7mTxna6jZRAo5IBSG1hjmzU8wJWuZlC1Mnc0F-3GO5cuS454oqxE9ah0CKHmoLWHt8G_f8i61DWy2FUKlw-Qa0C_AXgGnom8ODYa07WU9aMNB3xbgs_IqoDdmoDR-XKP4PRefvdwl3Z78J9JbEMXNpzdtpIgHR6UnTR3q6CDNgHq_BWMCFlRH-hFStz8lcRHbDDrGg06HbS_UBerotMyHccSjQ0sKwOZ0-hjl7XrnYluPhAB-Q-SRCiLYgB2m5IIaO0hrJKUAzsy5G4nwR44nAM5piCGvfZjtPJymwWDh6dD87dcNzdFeQFCAb-3WJm-vmX9rBDSsyfkDC717QkSkLNudalXU1sShX28DThgUH4rZfgDx4elk3ECjuQwYaajnYNWwiP3agJvxgwBESjJmhHg_lsXWsfV5W3Ge729nGZ13nYUHLEti9qNaSLJ77TvDPUmpA4sGKlHOMIA_XXJbhIUd9x2XZMMk2YYuYMVqKmSvTNPx9Sm8NeyXQknFz7d4qck1rg1ev49aZCDkLSqKdeMkgVhG-i6vaeiBk6NY7MeWdq9aMzRzBU-o0Ov4LCm3CPdMMz7BUiBuJEvN1dY6Y0L8-hgq_btz9D7gTLhoddBaiXtHCEAXS78ccmTVyrtP49h5MgccotcxbeAs7FqWCh_GDyVfciJZsN5PTKw4lIqj_hRVe19mfhstvjbnioa5JRTo4FRtigGoiqlFYRhpzUX1_1j_SF2SCQMjdE5pALbhKeLjXtLjdGDbDqPoNL6ridD1VKzjPWoyXfGPau1QST75bf4bvgVpTOjyKc4f6tgbKFJB2uBqXlmKZxBVneGcwPxrl-CaLHmHuOQhKZMT1iO0FFwNn25bzOGvq5VYeme_Kq66toKDHaEJKZspmyp0YPhLy9uw43UywUMFyHX68TEffVl1E6p7Yc-vGdftKozHmD6XyQLjQ7MhBBKIE62U9K-O7tlRkjENukxq0SOv7VyCzTmH3u5OQZaiuUFwsZr4wanuNax9fCjxu1SSzL2PjG7XG6AdE0o3FOgDLetfqZiWHXFynnNwJ0ZaJs0Xrcd9Xq0ZoqPZ9BLSaXwJjzj14yvrOI6QyW2V2j0UEZqc-ij0vyJlwiBYA2icf53CazcebnTE5-sUlKrIjqBe_Z8QF24EEvsOqWutKJpqh0gqsJv1oC97SrfDlMIMAHsg4FZ69h6Dwl_Ar1jEz8xPIdQyGegcuG_F4QEEaIqw5ZEwgvjmeU0dRwcFZHecy9HqpW4a7nLuhg5b9d3ylDFn9b2ZwK4M22m_NH0c-Elexvb1E1uxDeyxc01avwwoY0CiLH-zmuhSwRhK2q4BRExsulcTHiHxTjJWoXpyxSBfDLcjzkBle_40H_e9FPzoz39ACXjt6YYkrS5h6zAhm7lU5fksGKi5yuJfQpXD1_nL_vVdob65hljpjKIG0iFGfQe4zjOa1p1lEXBtAlGAhwemYn1VKWnmUPmb-GyRWytdkDP-r5wgm0iGr8OnBppUmJ4Q5IJiJhNaQVaHtjnVKMe2PnEE9ctUiFzgNgqkN1V5nU7itpEX8_eF3NuvU56Hixm3Fb-IaasrYMzpLbyve_Tg6EoktO2Ctp-XhKaKjJe2YZGTg469T5Sq5em2Q-p4a_XesbFQK-XUjSTy5NdD5BQVZNFafSrQlVWRh51KU4eHE-x-_dQc1E_gB9seEMTAMx0ZR2NzHbvItwvsu3M9voUQgJomuOT4bGoML9r7lY-ZjDVQBbr-uhAGweZw6HGvC4l4R6GxCy4Z-jN29wyOCVibs2ruyC0U5dSVotPcUQ3b6ds1Llf9Qd8aFthe2brNGCMNEbwjMFIK-XQQbLxfTv7lpqdSidjMUPa4figoNirsW-ovkhgtGBibFHduErVMxuKd2RSuA-sb2FI3xEzmdN1kjvhZWI1Va9JEgWQG3BkRGTl5jBTWWgxmBJLW_qg8WENYqNNUgCJ2ZniTH0EnoS7OquL4EBvpr06XFdB12jMh5is5VjB1lHzu0tkZNOgFeFuyH1rCwWqz20WfXwoVeeLiOqq6e8ibHW-obClLH-r-vxfiY8AHjQKLIXMqjy_F5N4bTtda5dSiohMX5ZCwVXP6nH-TNabYWgBxmw&cid=CAQSTgAvHhf_WHpdWDM6ZU3aEzP2V7sSm5wTYVPHEJANNq97M3_7GYt23VxfdknDhNItasMkgg4p0_ujhSk67C3IFXePMAo6WQMYNSOF5qz1yRgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fsign.cococloud-signing.online%2F&ds=l&xdt=1&iif=1&cor=9546580073329312000&adk=1726166463&idt=99&cac=0&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 11:31:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 30 Jan 2024 11:31:29 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame E8E2 31 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 23:06:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 23:06:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame E8E2 41 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 321735
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jan 2025 01:07:57 GMT

GET
DATA 200
OK truncated
/ Frame E8E2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99bbdaaa696c78cb6af3968f27b784c396e68592b156e96444c1f99372592f31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A06 50 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 15:56:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B9A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
26ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:30:12 GMT
expires: Tue, 16 Jan 2024 18:30:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:30:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C496
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
39ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:30:12 GMT
expires: Tue, 16 Jan 2024 18:30:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:30:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B08A 38 KB
13 KB 13ms
13ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 15:13:18 GMT
expires: Wed, 15 Jan 2025 15:13:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/12977775661556909822/ Frame C215 671 B
439 B 77ms
47ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

153b9c71df431376e7e82b2a07e232527d66b0bdd19660c177e19f78c77cf564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 410
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 16 Jan 2024 18:30:12 GMT
expires: Wed, 15 Jan 2025 18:30:12 GMT
last-modified: Tue, 16 Jan 2024 15:33:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E8E2 0
0 142ms
56ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspXRu4asOBKeHAalt0pmGU3wxg3bDpvQXZfJbO5b37jDXUaIbktmnnmzWu2ojiNol27lkgu4r-PoSHyLf8Av-PpP9sTbN1eoEnJlEYzHb3coEcEPfb4p8c55T1QNH9ilfzkpL5fBFDkbwDQBDjBcDojM-URxEuTzHnLMzSpHSX3d3rMnRQKs61JzS29aWOooX1YF-hm6gl9tUj53vhyIlWet_RiuUAJYB7PPBtxD62AFSg4bsZIDTiGJ3SEWz4yjoa3SijvZlJZXaSEylDZE0QiitFOXsOWGgalDbUvIdcnzyNOJeHSt60wh0rA3sdMQCOXwZ0WgNbSN8qN7iLg7ns8zJLNyA6CSiDQX4dhT_Tsz-3q-uH3zXB8r7YDE3WatJr0yRyCgrjsLuzplp-XXDg7gY2-WQWVD0aUKAmRzgHH9u1Vik74OvYAq1BSGM6nZ7BJEU8B3-HggucevJm7wcxu0vZBSgHLa757LX7yIjLocuNgFjnQUzxMYadV_C5cgZrLBCLOCgqEBxyplB7ZngEIeMe8hYRS3Nx2YrWbv-HEmW_vjFqvq_E_7NxiQYPGBAo2_qDbI1ZwTZ8hPhSDe_soLIzNDoqDC5gSRiTGNytlORkXf0upaNpL8Zkdh8o13VM_l0frCSGjlwyKS08BxkAaV-WTKf9QkzeUC_BffZfFLCgTa11yNbX4yQgY_5w0w7qFfvvRIIJhTzzPqhUPtiq45WztZjTE7L4zIsfL5h29tGS_b8j9y5aoL3wagYFWBfh1mNwCtOiVsBu-8L1xJJ7DVs5ZDMaGefDQ7XUd1roaZkqcqoG2abWAVR42JJ_ycs2qLaaa9E5fwbPnf2dIZw3nymxbeoDFFmvOF6ZgpNOk1CvgioITFCGyrYfsxr6z5efH1vLhQTORZ39K-v1J2rAE5ABcIDPxvLl-ExvaxmTLaoc7ZRo-QNYrHZ5c6xu3tWORMeFMSLynpAgH5PjUNNSb-dww5wNvVyvm9DeIjX9J-waMmclNAxUkDFgfh6zEk2QMtKVIiGCiCkZgxfbIhgn5Vjqss8yLgJjP8NIL8fVfFhkdhEOjBq87ePGmyYPPxBICELy-u5Unvvvdl6y9N3Qm7YRGKrI94fQWc9nYMykxAoqlPMiw-iGzD3X2qbS_rIaBCrPHzyCsNAVG3MPfeUmMrhMe7N5hGljn2IhodYmaagPoszYO62180T-wQW_ws5H2esCE4aTt6O03AA_nBtT4PhOtBw7WDxMQyGhuG80TIH0XKKgHGaLJNcgZ2UoSAsLt5X1j8sJsrx-H3lWarn-cD3sZY0Ixr8LUerXRsynxYNwwLjNvxmApAO19tRoS2VMkygZ4YrM51IW1dZorOmyk3gk_lquK2C2xRRod24&sai=AMfl-YS2YllqJQ88diJeWw8S8NMNiapQtMJBRWZyc8u9RDxu_PQWjh2yFDpGGP9r52jPwxPWumwWjwBEV5hsmA2JerYGsSjAP8UxguuMqvym4K2_wqRLBr8eW3ygjawDxfIqXXWVtDwq4ALaldR7ZUlK6zFzxu4EpohQVUz84kBNtAmIvv9bFBR-YzBIqwHqdVj9251OStH3LWyqUBq-OeUVBIbKf-u_jk0moZCujL5U_tJKD84z5rCYxdGRHNC_AObUPTmNWQX0-vSJJE0dBIZ-q2jM8xFLlyAlBOjlTw&sig=Cg0ArKJSzHGAEUMbwlZtEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=131&cbvp=1&cstd=124&cisv=r20240109.19624&arae=0&ftch=1&adurl=

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 Jan 2024 18:30:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1509591724079332205/ Frame F319 3 KB
3 KB 14ms
14ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1509591724079332205/14763004658117789537?w=300&h=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81fd4d2bf3b6745c597351f6db2a0fcbd2fac82db440fd2a1638513f90ef7a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 18:12:09 GMT
date: Fri, 12 Jan 2024 18:12:09 GMT
x-content-type-options: nosniff
age: 346683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 10:50:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame F319 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b67667c7d667182ab0a010e6f180168eaefc4b0a6b6108b3ce02e98f7f66024a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F319 33 KB
34 KB 49ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 65435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 00:19:37 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1509591724079332205/ Frame EE52 3 KB
3 KB 13ms
13ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1509591724079332205/14763004658117789537?w=300&h=300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81fd4d2bf3b6745c597351f6db2a0fcbd2fac82db440fd2a1638513f90ef7a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 18:12:09 GMT
date: Fri, 12 Jan 2024 18:12:09 GMT
x-content-type-options: nosniff
age: 346683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2687
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 10:50:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame EE52 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0feb1540c6e3bafe15801717fe0ae478f0a6a1f75c45a61616f310365d4ca6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EE52 33 KB
33 KB 44ms
27ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 00:19:37 GMT
x-content-type-options: nosniff
age: 65435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Jan 2025 00:19:37 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 194A 50 KB
19 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 15:56:58 GMT

GET
H3 200 MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js Show response
pagead2.googlesyndication.com/bg/ Frame CA8B 50 KB
19 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MNPEufyHKrFh2_EWRx-UnP0dcxrUNKrTLXUcVCyZOgA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:56:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 354794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19761
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 15:56:58 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F319
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C5jjXM8umZbKTEsOws8IPgqS80ALy-5CUdbnq7Jq9EtnZHhABIMfXuERglYKggrAHoAHvieLdA8gBAakCC94UsJJQsj6oAwHIA8sEqgTpAU_QINngErAHp07tFNguKMd6FD-iBTQVSmDzCl2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216736506660558710823%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%2...

0
0

73ms
45ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216736506660558710823%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001948399%22],%2222%22:[%22true%22],%224%22:[%2201-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224808944367349382529%22}&andc=true

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16736506660558710823","debug_reporting":true,"destination":"https://telekom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001948399"],"22":["true"],"4":["01-16"],"6":["true"]},"priority":"500","source_event_id":"4808944367349382529"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Jan 2024 18:30:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 Jan 2024 18:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16736506660558710823","debug_reporting":true,"destination":"https://telekom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001948399"],"22":["true"],"4":["01-16"],"6":["true"]},"priority":"500","source_event_id":"4808944367349382529"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 204
No Content visit.jpg
tps.doubleverify.com/ Frame F319 0
162 B 192ms
26ms Image
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=28754477&cmp=3228826&sid=1619877&plc=70613798&adsrv=178&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&cbvp=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Jan 2024 18:30:13 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 01/15/2024 18:30:13

GET
H/1.1

204
No Content

event.jpg
tps-dn-ew1.doubleverify.com/ Frame EE52
Redirect Chain

https://tps.doubleverify.com/visit.jpg?ctx=28754477&cmp=3228826&sid=1619877&plc=70613798&adsrv=178&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&cbvp=2
https://tps-dn-ew1.doubleverify.com/event.jpg?impid=b7de720629294ec9a3269d422d3150d3&consid=&api=2&rc=true

0
116 B

67ms
19ms

Image
text/plain

35.210.149.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps-dn-ew1.doubleverify.com/event.jpg?impid=b7de720629294ec9a3269d422d3150d3&consid=&api=2&rc=true
Protocol: HTTP/1.1
Server: 35.210.149.152 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 152.149.210.35.bc.googleusercontent.com
Software: openresty/1.25.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 16 Jan 2024 18:30:13 GMT
Server: openresty/1.25.3.1

Redirect headers

Location: https://tps-dn-ew1.doubleverify.com/event.jpg?impid=b7de720629294ec9a3269d422d3150d3&consid=&api=2&rc=true
Pragma: no-cache
Date: Tue, 16 Jan 2024 18:30:13 GMT
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Expires: 01/15/2024 18:30:13

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EE52
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoWnOM8umZbOTEsOws8IPgqS80ALy-5CUdbnq7Jq9EtnZHhABIMfXuERglYKggrAHoAHvieLdA8gBAakCC94UsJJQsj6oAwHIA8sEqgTpAU_Q3fwKPUxSAzxi9RW334jgXTNmJXwRKNVrcGM...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212227407313990429070%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%2...

0
0

74ms
44ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212227407313990429070%22,%22debug_reporting%22:true,%22destination%22:%22https://telekom.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221001948399%22],%2222%22:[%22true%22],%224%22:[%2201-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215076484957427723297%22}&andc=true

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12227407313990429070","debug_reporting":true,"destination":"https://telekom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001948399"],"22":["true"],"4":["01-16"],"6":["true"]},"priority":"500","source_event_id":"15076484957427723297"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Jan 2024 18:30:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 16 Jan 2024 18:30:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12227407313990429070","debug_reporting":true,"destination":"https://telekom.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1001948399"],"22":["true"],"4":["01-16"],"6":["true"]},"priority":"500","source_event_id":"15076484957427723297"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame B08A 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 12:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 12:25:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D2F9 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IzQUEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame C215 120 KB
41 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 12:23:29 GMT

GET
H3 200 template-2d058155.js Show response
s0.2mdn.net/sadbundle/12977775661556909822/ Frame C215 37 KB
13 KB 24ms
24ms Script
application/x-javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12977775661556909822/template-2d058155.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 15:34:34 GMT
date: Tue, 16 Jan 2024 15:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13540
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 15:33:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 index-70c4f56f.css
s0.2mdn.net/sadbundle/12977775661556909822/ Frame C215 4 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70c4f56f8e13e9387d9c65b17636a678eb6ccf82a8255cb1d2eb9192f7e478bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 15:34:34 GMT
date: Tue, 16 Jan 2024 15:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1455
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 15:33:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 94ms
45ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 18:30:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 92ms
44ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 18:30:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E8E2 0
0 50ms
50ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspXRu4asOBKeHAalt0pmGU3wxg3bDpvQXZfJbO5b37jDXUaIbktmnnmzWu2ojiNol27lkgu4r-PoSHyLf8Av-PpP9sTbN1eoEnJlEYzHb3coEcEPfb4p8c55T1QNH9ilfzkpL5fBFDkbwDQBDjBcDojM-URxEuTzHnLMzSpHSX3d3rMnRQKs61JzS29aWOooX1YF-hm6gl9tUj53vhyIlWet_RiuUAJYB7PPBtxD62AFSg4bsZIDTiGJ3SEWz4yjoa3SijvZlJZXaSEylDZE0QiitFOXsOWGgalDbUvIdcnzyNOJeHSt60wh0rA3sdMQCOXwZ0WgNbSN8qN7iLg7ns8zJLNyA6CSiDQX4dhT_Tsz-3q-uH3zXB8r7YDE3WatJr0yRyCgrjsLuzplp-XXDg7gY2-WQWVD0aUKAmRzgHH9u1Vik74OvYAq1BSGM6nZ7BJEU8B3-HggucevJm7wcxu0vZBSgHLa757LX7yIjLocuNgFjnQUzxMYadV_C5cgZrLBCLOCgqEBxyplB7ZngEIeMe8hYRS3Nx2YrWbv-HEmW_vjFqvq_E_7NxiQYPGBAo2_qDbI1ZwTZ8hPhSDe_soLIzNDoqDC5gSRiTGNytlORkXf0upaNpL8Zkdh8o13VM_l0frCSGjlwyKS08BxkAaV-WTKf9QkzeUC_BffZfFLCgTa11yNbX4yQgY_5w0w7qFfvvRIIJhTzzPqhUPtiq45WztZjTE7L4zIsfL5h29tGS_b8j9y5aoL3wagYFWBfh1mNwCtOiVsBu-8L1xJJ7DVs5ZDMaGefDQ7XUd1roaZkqcqoG2abWAVR42JJ_ycs2qLaaa9E5fwbPnf2dIZw3nymxbeoDFFmvOF6ZgpNOk1CvgioITFCGyrYfsxr6z5efH1vLhQTORZ39K-v1J2rAE5ABcIDPxvLl-ExvaxmTLaoc7ZRo-QNYrHZ5c6xu3tWORMeFMSLynpAgH5PjUNNSb-dww5wNvVyvm9DeIjX9J-waMmclNAxUkDFgfh6zEk2QMtKVIiGCiCkZgxfbIhgn5Vjqss8yLgJjP8NIL8fVfFhkdhEOjBq87ePGmyYPPxBICELy-u5Unvvvdl6y9N3Qm7YRGKrI94fQWc9nYMykxAoqlPMiw-iGzD3X2qbS_rIaBCrPHzyCsNAVG3MPfeUmMrhMe7N5hGljn2IhodYmaagPoszYO62180T-wQW_ws5H2esCE4aTt6O03AA_nBtT4PhOtBw7WDxMQyGhuG80TIH0XKKgHGaLJNcgZ2UoSAsLt5X1j8sJsrx-H3lWarn-cD3sZY0Ixr8LUerXRsynxYNwwLjNvxmApAO19tRoS2VMkygZ4YrM51IW1dZorOmyk3gk_lquK2C2xRRod24&sai=AMfl-YS2YllqJQ88diJeWw8S8NMNiapQtMJBRWZyc8u9RDxu_PQWjh2yFDpGGP9r52jPwxPWumwWjwBEV5hsmA2JerYGsSjAP8UxguuMqvym4K2_wqRLBr8eW3ygjawDxfIqXXWVtDwq4ALaldR7ZUlK6zFzxu4EpohQVUz84kBNtAmIvv9bFBR-YzBIqwHqdVj9251OStH3LWyqUBq-OeUVBIbKf-u_jk0moZCujL5U_tJKD84z5rCYxdGRHNC_AObUPTmNWQX0-vSJJE0dBIZ-q2jM8xFLlyAlBOjlTw&sig=Cg0ArKJSzHGAEUMbwlZtEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=413&vt=11&dtpt=282&dett=3&cstd=124&cisv=r20240109.19624&arae=0&ftch=1&adurl=

Requested by

Host: sign.cococloud-signing.online
URL: http://sign.cococloud-signing.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C215 8 KB
6 KB 53ms
53ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0666f40798e361d6cd6af5eaaed7a0d8f90606b6da95d5d0e38fc33a580b6842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5863
x-xss-protection: 0

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame C215 5 KB
2 KB 22ms
21ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 17:08:31 GMT

GET
H3 200 apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame C215 4 MB
4 MB 22ms
22ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/apple_iphone15_blau.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:11:36 GMT
x-content-type-options: nosniff
age: 76717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3833315
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 09:30:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 21:11:36 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame C215 2 KB
1 KB 19ms
19ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 15:56:16 GMT

GET
H3 200 stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame C215 4 KB
2 KB 20ms
19ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1945
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 10:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 21:28:30 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/12977775661556909822/ Frame C215 5 KB
2 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12977775661556909822/logo-d0d80991.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Wed, 15 Jan 2025 15:34:34 GMT
date: Tue, 16 Jan 2024 15:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10539
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 15:33:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C215 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:30:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 Jan 2024 18:30:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B08A 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BYH4QNMumZauMJI2wjuwP86WR0A4AAAAAOAHgBAI&bg=!-fql-rXNAAaumcC-jpk7ADQBe5WfOM7me9pnmyu0Rf7g7r0SgziV3t_ONxhmUGKoNxFQvcBuZNvlxyZo_nNFK9KzQQ4AAgAAAGtSAAAAAmgBBwoAJb5gX0Ml6akxqk30o8Ip9dXUrrNgFgbGkpTIpkdJ2WIUrLzfV_WZAx2uhEcC2jS8KUpgFTyeHBFM8YzCX3NGbMjARdXnQh3I0sV64te5zbIK4XrWmdyxSdyAtVF37cAggM4ZNgpM9RH4b6pfBECcb5qRphamEnSKU7FyKffEc_9tYQP7BroltWu5qqWsJNxD6mBX64TT_FGlwpC4lEisX0dJpBB7xCfCkvuBI9PGLsAPUiSzWylNTTfQuZcPQHwu4VSpUuerDC7Pa5w9tLOxA7ALhgj5POvHvCrs8qx9gWCVRVAHJbT8msTzA7DstZDVvI4RIcGG2eyuMM1360j1VEhCiTKxUiRhh1WsUUWWkfeY296rudrDbx4IlQr9DQAvhkqei6LQ25zCg-ulvFmZZu3SlWS3sgyRWTnx-hMAdvRbAERc7LJHZMznWynOxjuQugL-gB6P9Aa0rt1pOPcNvpK6Fc1deRLVu8VvKknrZkrAdYjLkvIdKLJIALBMggpIP_ylzh-qmXb9Shdu6MQZvZOtUP4o-rVkJgnWTA2pl6iHL_nIP7A0yAo_1wzprf0ye39oqkc1CDek9tC-FpSZS1yuiko1I5yf338bSi7g2gzfGrbfKzST8cKu-u84-DZEnU4xlJ5j9ntpYTqpxEBbxaYZGSwQmGvnZMJxEnnf1VKM2sF_if5oI4dSyV2MEw6w1V7WB-54r1LHcnXm3G4EXRItnmkdw9mj-vzNnQw6jVZ9WeEQCPEWSBcBW6oAANrtVniVyHR1EFYe1a8M7gVfDBIhukM_AvutP1HpGDDLeYuJoRCfuKoaiIIeVyz0hwE5W42QQ-ubBE-0FFwqyuZHf8Bfx1s_WrJKl8JCYfGFmVMOd4HEyjBeyiaw5-Y_Ka6EMWYVo6PjQB_tLoj4yX1jxZbPWyoCtH36ebXFtxQfrjRZXwfkIghRmHNaF_g0r4uJzjbo-l4OvL8PXQdOKBLzLaXfkKu6g0tBVHKinUBYnKANhSxDDXs07-UNjjT35-qCJUHyar-LrGRN4oecIRM17X15crQ-DmdRi9yBrikjXf_AezkefhruiDq3UEvzUJtWB4jwZBCOsRyJmK339F1NYi7gizi_Yg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame A58D 39 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 12:25:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Jan 2025 12:25:58 GMT

GET
H3 200 InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame C215 28 KB
28 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:29:02 GMT
x-content-type-options: nosniff
age: 71
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28596
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 18:44:02 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame C215 14 KB
14 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:26:07 GMT
x-content-type-options: nosniff
age: 246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 18:41:07 GMT

GET
H3 200 InterstateRegular.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame C215 29 KB
29 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

619fdeaed027f4e2b96cb82baa60c9c6615e7b24172f08eed907e617537171e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 18:21:00 GMT
x-content-type-options: nosniff
age: 553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29508
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 18:36:00 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame C215 5 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 17:08:31 GMT

GET
H3 200 apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame C215 4 MB
4 MB 16ms
15ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/apple_iphone15_blau.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:11:36 GMT
x-content-type-options: nosniff
age: 76717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3833315
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 09:30:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 21:11:36 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame C215 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 15:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Jan 2024 15:56:16 GMT

GET
H3 200 stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame C215 4 KB
2 KB 17ms
16ms Image
image/svg+xml 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=5cMivoSK0L&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 21:28:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1945
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 10:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 Jan 2024 21:28:30 GMT

GET
H2 200 dc_oe=ChMIq_askcXigwMVDZiDBx3zUgTqEAAYACCq2oNdQhMI9PjdkMXigwMVQ9hMAh0CEg8q;dc_eps=AHas8cAzAN4jYjsp6G_V-YHHIxuQYmB_BPUNqO2TfMxFgWa73eZaDQZhcRC5MfoB61CKCc4p2hhpm_4;stragg=1;&timestamp=1705429813306;s...
ade.googlesyndication.com/ddm/activity/ Frame E8E2 42 B
401 B 127ms
47ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIq_askcXigwMVDZiDBx3zUgTqEAAYACCq2oNdQhMI9PjdkMXigwMVQ9hMAh0CEg8q;dc_eps=AHas8cAzAN4jYjsp6G_V-YHHIxuQYmB_BPUNqO2TfMxFgWa73eZaDQZhcRC5MfoB61CKCc4p2hhpm_4;stragg=1;&timestamp=1705429813306;str=nextSlide;strtype=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIq_askcXigwMVDZiDBx3zUgTqEAAYACCq2oNdQhMI9PjdkMXigwMVQ9hMAh0CEg8q;dc_eps=AHas8cAzAN4jYjsp6G_V-YHHIxuQYmB_BPUNqO2TfMxFgWa73eZaDQZhcRC5MfoB61CKCc4p2hhpm_4;stragg=1;&timestamp=1705429813308;s...
ade.googlesyndication.com/ddm/activity/ Frame E8E2 42 B
107 B 126ms
48ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=2030129343137059&bg=!wMOlw4zNAAaumcC-jpk7ADQBe5WfOB_WrHusqAipd9DHsBVvPKcQM7-FN2Wz0ARQb05i58kSdAuUVAvez5rKs_NyN38SAgAAAZdSAAAAAmgBBwoAeppGyjMdTPFS1UtLZ2qVXSMTAqJc5qSaLduUWzJY1oUUc_44OSrCVuCyQ3ZhOX2X0TS_IiycIyDOghjHA8RRo0WRz2j09oLNnBULNz7jbAckMXXq82-5jDXU6VMoF7R07NOW7Fruh_MqChM_bX6b5RDY-hSEbgiSYpRnmQLOG1jYep5R6v75-vax-uWPqHya-1skL6Rx1np5PfgX89Cdq0JtMdB9MtJh5D0aXs5XlIpa75bHqijO058KMvgArgdd77kj1BD2GM1VwVbCS9WkUitzgs1HFYBfl25CqM-t3ioQcqI2c8sluk5Eb4qcYWAsqCnQo_-64mFru9U8CxwzroW2rPFfdIgxNBZzoDaAKa0I4QEOGf-sd1SamYFu4HzxSH0JpB518r-8ResaJPEK9V1iPJmof7zuWzVl0cCzwQyUIdAgsCmk1C6AcQgrwtPPLYi4N2QmOvGOXD0Q1bvwJTGzRUIdCluWxRETqmYInSez9JXOz7Ywjd3m-nkF1gAeghrdI3gUj7pigJkF38gUi9nqMiktzvByn9Obt5ia-XoNXexQHWGMvqKCBpQdb_6_Jgwd0HCDQcU7Tv-_15PdSaqMIBbP7CW3buhwxN1S2-ZeYhQx1__gQeijwB21I6HmVgi5O7bTsin-PF1jfbLm-vgN-_o7ZA9pGa_EDqK0gkQSGVHQtASh4V_9JfFreIGYc4XkN-HgYBZMOtpABO0xV20NfnJ-HJshkpTXJ5tEvD8ytzHdlaKADh0RgcyGabr68xGSsWiaE9zH1QCRUSSlb1uRiRwywADZcuXSoWHK5VUzpUMR4Df_CIKF4Q3eNRrycEldXZTGLzLcIuiMQYg378Sk5u8phs92QHYnMhy8qs2ITwimULO5LOcgGLqtktKdWYs_nA73kwvgId9P57mQhJx4Av4xreT0c56SmslSc1_-bM82p_5nmKKwYMGCES9cBbQYpGqGUqYVqodEPeW1scbMAXY5rhjbI8Im5SjXFfmWC_e6lSym9gDfemyrpIPrplAPgGdXKzOXom3Z0cBHvUK-3BinT5NzP_0AT05V7ccFdMGChGKwhcwc-odani69sB5hcvok-j0N11zpNAspLyaalWFuhiEgTM-ZOw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://sign.cococloud-signing.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E8E2 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVMqq3NrdwNglSDSnPiIX61XZvs2rk4I1sLEJKXbIK5_F-9tylOa8KkkZU4LJSlwmJtpmScnAAds6_Z16Uz4ND--XuyoZPUUWkVZyTeq5WvglaBUn429cgcsItM1vEanz5A2D0VpxNc8xabnRtfD6w9Wwr&sai=AMfl-YRjpYfGnyx5NdnPsUlSXxJJoNxS5QkuBdN_IQ5oTCAUfAGel5XWz55ZYOpyWtonoYFFUbwxHdCzgMea7Dma6vlTuF3wasY26O-5imonhRG20GUY5BtTKGYdCWpnJm1ClVNhMU_80n7CcsbbBLVK&sig=Cg0ArKJSzJy_EtVMC8QnEAE&cid=CAQSTgAvHhf_WHpdWDM6ZU3aEzP2V7sSm5wTYVPHEJANNq97M3_7GYt23VxfdknDhNItasMkgg4p0_ujhSk67C3IFXePMAo6WQMYNSOF5qz1yRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=330,854,1000,1000,1000&tos=330,524,146,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1705429812379&rpt=328&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F319 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7JDO2fldwMHZD5KZ290OB8D_3CCOK-sn3ZAasePT_cMI1Q0ISgh-v2J6PXjIkn1qGgbST5GB1-tbNu6tXUlZjQKTpu9mq3Li0gXZ6GjJyDq-R4CcaDvt3zLq-HVr5BnJaMunR29Db53cWbRbZFUURgukIe7qM8jAmOsA_lgwRnKt-_KX-p2Vi9hTaHCOPCMqqQ2RQoXeO7soWiD79_2l_9VuTWbWDaMvZi2i3J8uzgRE1Cz4iKyW_YKRwm_W-CmHTMni2G82vhuQb3Cy7Ew-Pl_JwjYz-nRqPzp3yHzJYWrnxDXzzfSiWERFj98ro7__Qv2DhjshlQUorbqtGtHDMjEYFtBep9lWpyer3L3HDav5cE_2MElUPOvVGX_gDr-avyYCjnxukc_Y0Z53iqzQjqaAQaDPcOBjRiB9KiN6fknmKidD5mzoqWYPY--rBLZpMuMFlvqbvENicPvHgVzGojhUCzK9WCyWAKKYdnbeXIzIacV-H4_nPL-5fAk4Bb4ccYNLlWciHA6ItCDHc73Kg4VzmX5UJKff0nb6lo_hsCMq9mHpKXBhYLJCFArECm55ee6x3z6ZmzSykNVqUAihwF9G-mmn0nSICPuwmhvks01L-0E2lHcWRubBAAB5Xjs99GWMyqGovQ05xzDKD0Ws64_x0dB-LMWKqRSGbSEJfd7dTf_m3bbwFTKBl1Hmb3rXrVSoEbMh-2UMXdwPFrfhg-EJYYogBjbadOFyzrBKc0yc-mv80SnlZ77gTmYrazP84s_BdGJ8-bY8jc5iSVbkxYXM2kM3rwbR7JFUaYZGkZ0-Px2PZTOM5ekIwuN1oT69AQPHeyojTrtVqDVc6M6qFekIlTmNoLzd69nFiSTsUDMKh-f2w8Rt11Ehe38ND3lg0e57KN4p0JorRnKVX_b19oi8w5g3lTGTKKx-v2AGGg3wv2aqWZuoIlahZFYoLm4lW_w5q0rPfpeoPpTjqyMH9sf3sRIihcLNU8QfRuFcBYttS9HefO5hUKWB8M6YQ9nbySIb_AB7kU_Wlpt_rI-idG4VnT4pPsa21ABhi9yRlsG6-VB635lVNpC4C7ZSQY87fbgI9XfblGCF0rPtj5iEw1Dt-vdivBri4dZzmIyH8Y7laukjFa2QnttgeqmZNZrXiqO_CckKG4WVQvUI8l8MVYvR1Jf9GCz8Z31ib-d4qQAQ6Zv7G9mRfh8heveyaVJSFcB8DiIMX_BiLcqKdU6Fqz2d5tdX1sjEr&sai=AMfl-YQubJKDI2yEmhREFD51Me7myOu8GIeDwI9zpciEegtfCDFDF4tYfoFaWipnSnjrcNnWDlCPb4EMwqjbux3L8eRgFKp2IG_KBmkafn3Ha2X76ChOUWza_euFfbIXBCDqF6CIi3JA7Y6h4mPvRB2Km3nwwF7PRdBSaWJ_8g&sig=Cg0ArKJSzCgeGU-b13nCEAE&cid=CAQSTgAvHhf_WHpdWDM6ZU3aEzP2V7sSm5wTYVPHEJANNq97M3_7GYt23VxfdknDhNItasMkgg4p0_ujhSk67C3IFXePMAo6WQMYNSOF5qz1yRgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1705429812306&rpt=521&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE52 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvf2f5IAZP0JHOlrIZbuNA7MozQ7BO58FA8tKxlmDzYl3hDwAT0t5zhU90-2JzAK1oGOVyBPDAxlSg-cMr95rDomtSxClSYrBx3xtcWM6ossZPK6puiot4DK0Tg72Qn_addg-zBv67LK-EXObSPz9LIcxHqYSOdV5vo8ot3SCIVaXzjqM6KlhorpXWwC3t65dmlP9A6SOJ6xK2OxcStyRy-_wX55BanY4-cohwsydU3pNYB9qHnA2gwe7UsUhJ_rajFlgd0EjtqDLArBvCU340FtvLMD6mZVM8DhdgIkR9_z687wkTr_c1A43MDUkzaKCtFTQJUgsLt8P-S8llJIA9DgRfOvymoPBcYm0JjHTKKJ4YSzi07oin7izXbc3zQs1U0FsTCgkuXrp8QKJey6j4OAGxMGwueQIQckPZO2Wsacqout0WoJMe_5kT4jEnWML_cAPcPoARwEAjdMpefKsU-KnrfjPMGqeaDCLOXpjv-HlfAmS0IasvGLg0beTHRSTp_ws9K4YVxYzc-IVYCrjSHQN3ojBskWmbX-42ECOXG0tw_2vcDhrNp-yqrJ3WtLY0kdimGD408ASAdcLRL0Lur-Qy7vjRGkv8hbDpurct0ptTdIxYtdcO4dp3D1rIC3DwrwBw8pRis2xc5GDHMCR5f82d6EB_0cRHFrp4fdLq2f-69Z9ypxtfiNQRbHXscT638j0YPSO8CEyRg1yJ5Tbm8p664dVsYNeEbEElexEbJXiCecTvxpU4pFuzgmSMMKTunClGic9NW4QtSJsb7I4zkswa2Zj1AMK17laGrwFuJ2YiZHsbEoRGUTdqI2jey4ygTWW8B50kSOuyaXe-N7d6ZodJQ4JvA29cDx-3a9Lx1mb9CJTcl5Wd-m1jCE1Hvyih0o2BuvshbinxcIDh8hjgT6Po4hddjKl0MKshBD349Zwz_dVIWGN1zdQI4g4VY1v3PGDuY-dedD-G_7wRbFR2TqbSMNZNCizVXnnB0W7dnbmyVqK6ts-DwqG2Kq0Y6b94jiRN8AoPx4tCag4Wld4jii-IiKgxmPoOji19QdQ3TYzjknGRKhjCbKKUNwjtN-T76qv_ATxWH0_E2nqtfOPbfn_UuNDuyVNsemGz6H-D1sDTdfPKqh0lVl6gP5vwoQxlIKnFzAVFY3pFDaTKcnyWodnCh6kT2kLFiC-jpOv5cJ22wuGpKIYD9kW0F7PQ1mgzNOaEO6vYdw7l-UlH2zpMuZPVIqjq-u3rs&sai=AMfl-YTFRfb6PCeshiBc8cimw-29M0TLlR0ZGgcdrdB05llVQT7IX0A0RkfrhhTuwjXFaRre9kEpVhidI5uQId8QjRePRxpqX1e5L7sVSvX2PLkJ4TDEGJmlNInJxBdxKiHAjAWYudGT9ELmZdktVfo7pr3KXBSjX1YwXoSMjw&sig=Cg0ArKJSzF4mjtv5XELeEAE&cid=CAQSTgAvHhf_WHpdWDM6ZU3aEzP2V7sSm5wTYVPHEJANNq97M3_7GYt23VxfdknDhNItasMkgg4p0_ujhSk67C3IFXePMAo6WQMYNSOF5qz1yRgB&id=lidar2&mcvt=1002&p=0,0,600,200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1705429812309&rpt=537&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8E2 0
20 B 46ms
45ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1441002073285&version=m202309260101&ct=76&x=1&cor=9546580073329312000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Jan 2024 18:30:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sign.cococloud-signing.online/	1970-01-21 03:19:49	Name: X_CACHE_KEY Value: 2381d57d0814cb3aa566e5a2a661f73b
sign.cococloud-signing.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: s3c4c9t0mrpaqj05t1j9vfbtmn
.doubleclick.net/	1970-01-21 03:05:25	Name: IDE Value: AHWqTUkJkJe1ZI-XQSZaVH5H1_mLmOnO-N9uJblRrH8cbtb0n3W2vnQ9-qHUyOD-
.casalemedia.com/	1970-01-21 02:29:25	Name: CMID Value: ZabLNJcqBZt2lF4KgvlN9AAA
.casalemedia.com/	1970-01-20 19:53:25	Name: CMPS Value: 3342
.casalemedia.com/	1970-01-20 19:53:25	Name: CMPRO Value: 3342
.cococloud-signing.online/	1970-01-21 03:05:25	Name: __gads Value: ID=6c7b155bcd97c93f:T=1705429811:RT=1705429811:S=ALNI_MYIt4EaLgo9-fN25O_eO344GQQ30A
.cococloud-signing.online/	1970-01-21 03:05:25	Name: __gpi Value: UID=00000d42a8b68f43:T=1705429811:RT=1705429811:S=ALNI_Mb0UvZfFSTbkCAhb7ID5EEPF6JQBg
.adnxs.com/	1970-01-20 19:53:25	Name: uuid2 Value: 3100473059050553110
.adnxs.com/	1970-01-20 19:53:25	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il_h-lmA!]tbPl1M>e)ZlrFUfJ+tGXxoLZN5M2J1W+)@)ggNB0AD*>Oe6k_.z_B_j+OW3If)y3KL9D3I?+N1QfwG
.adnxs.com/	1970-01-21 03:19:49	Name: XANDR_PANID Value: nNXRzt8T9FnFCcLYeFl2GfmNWUoEN8GnGvbAohjWh5lg6lfCi8UDIUjzn0JHk9igyUmF7UOBarIllyB6L3-elgYnYauit2NsKacwLUuUWFs.
.doubleclick.net/	1970-01-20 22:03:01	Name: APC Value: AfxxVi6d_voTxGzEfhUeFdIrJmfs_dum-8vL0EK9jmPMFaDVFC0mJQ
.doubleclick.net/	1970-01-20 17:43:53	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 19:53:25	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
analytics.cocotweaks.com
api.cococloud-signing.online
cdn.jsdelivr.net
cm.g.doubleclick.net
coco-analytics.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ka-f.fontawesome.com
kit.fontawesome.com
pagead2.googlesyndication.com
s0.2mdn.net
sign.cococloud-signing.online
socialproof.cocotweaks.com
tpc.googlesyndication.com
tps-dn-ew1.doubleverify.com
tps.doubleverify.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
130.211.44.5
142.250.184.194
142.250.185.130
142.250.185.162
142.250.185.194
148.72.153.23
2606:4700:3034::6815:4a5f
2606:4700:4400::ac40:93bc
2606:4700::6810:5914
2606:4700:e4::ac40:a407
2a00:1450:4001:806::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a06:98c1:3120::3
2a06:98c1:3121::9
35.210.149.152
37.252.172.123
02be3ffa6ff1033481c1ebc9cbe9ca2f1d3de21e973ab2554f48db6e71c6c072
0666f40798e361d6cd6af5eaaed7a0d8f90606b6da95d5d0e38fc33a580b6842
08834595c0f8cde36751c96864f0883669822b6ea31e9228e60f6cea3824758c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
153b9c71df431376e7e82b2a07e232527d66b0bdd19660c177e19f78c77cf564
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30d3c4b9fc872ab161dbf116471f949cfd1d731ad434aad32d751c542c993a00
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5031c11dd77875afefe4eeddfaa320af07fdccea327f7416a5ee8980674c9c76
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
619fdeaed027f4e2b96cb82baa60c9c6615e7b24172f08eed907e617537171e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c2afa5754464fe42af66e26eeb860faf498d8b5ebfa0a2fa843bf96ec68f6b
6530f32fa70a330cd76547497f20048ae081dcc897af26befc84600357ba06be
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68fd9ac0d461f81fa8b12f010fd31e279bfb343898b0fe44c5313d4a8325c215
6b821a49a63cd21285769175f3fa3505ab6c720e499dfa5def0be08b1afa29a0
70415e1a1d105a91799dcb375f07e0373f11f7bc67bb4e9edc92a6fb7717457b
70c4f56f8e13e9387d9c65b17636a678eb6ccf82a8255cb1d2eb9192f7e478bb
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
73c07654ad2b5ddcb0a5621a8bc5825adae3f385e69c5d4b4e9e634974ff8927
783c806f4f139353c95084071e370f5880f764aa636342344a95fdea5c76545c
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
81fd4d2bf3b6745c597351f6db2a0fcbd2fac82db440fd2a1638513f90ef7a1a
867dfaacd19aa6a6331ef5686a62830121237234ecc829f2b8a4048d01c86bda
88889ac60f915b7716ab3188edec5f44769a3a6c4704b4a45716d3f623bf17a4
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
97196c8e56651aa5a75bb5117068e9060bac7f1d8aebcdb8f6ec2c8b915e41f3
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
99bbdaaa696c78cb6af3968f27b784c396e68592b156e96444c1f99372592f31
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a93f7f459e0dabc5d86e6b6e3936c07d2dd02b52369f26bb7e8c0005a5d26368
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bfe99e2e78f71c88eb00c49e1392a15531fb6486d0d0c2ea71937dda34deab
b67667c7d667182ab0a010e6f180168eaefc4b0a6b6108b3ce02e98f7f66024a
b80a0436c21d06b65145815cfe0b995366bc08c6ddf369885fab7f5371f156e0
c0feb1540c6e3bafe15801717fe0ae478f0a6a1f75c45a61616f310365d4ca6f
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c64ca6069ef4a8c4879c89cb1170d66f7e29c8e37cb0118c0354bce2f4082f1e
cd8274399f560697ea81cb3af48a795fa401553f74f372511d4338cb2d3ad067
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed555a279183c054222c873e78d92c40b512498e49359b6abfda36048f141988
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29345703860e95b04c837766984c28f36d2e08091ed45dace9ebb4777f47b3c
f581083ac72ae169a698cd0cb7f02d8bb2e079844bfad68cc98df5b3c4692408
f7b60319d461e70442d64df9eb5301eb25086d281f172cb7995c99ef3b083794
feff9474770c269895eafb43b8115675e51be329baf7b3e8b918e3ce7ae0620a

sign.cococloud-signing.online Open in urlscan Pro 148.72.153.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

89 %HTTPS

63 %IPv6

16 Domains

25 Subdomains

24 IPs

4 Countries

9674 kBTransfer

12237 kBSize

14 Cookies

1 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sign.cococloud-signing.online Open in urlscan Pro
148.72.153.23 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

89 %
HTTPS

63 %
IPv6

16
Domains

25
Subdomains

24
IPs

4
Countries

9674 kB
Transfer

12237 kB
Size

14
Cookies

127 HTTP transactions
3 data transactions