utilify.me Open in urlscan Pro
2606:4700:3033::ac43:a13f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://utilify.me/
Effective URL:
https://utilify.me/
Submission: On November 30 via manual (November 30th 2021, 7:04:39 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 10 domains to perform 57 HTTP transactions. The main IP is 2606:4700:3033::ac43:a13f, located in United States and belongs to CLOUDFLARENET, US. The main domain is utilify.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time utilify.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:303... 2606:4700:3033::ac43:a13f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:400a:804::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
57	15

20 2606:4700:3033::ac43:a13f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

utilify.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:400a:804::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	utilify.me 1 redirects utilify.me	211 KB
17	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	280 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	92 KB
5	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	57 KB
2	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	634 B
57	10

	Domain	Requested by
20	utilify.me	1 redirects utilify.me
10	pagead2.googlesyndication.com	utilify.me pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	utilify.me fonts.googleapis.com
3	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.google-analytics.com	utilify.me www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
57	15

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://utilify.me/
Frame ID: 865CB9DD9EF9E9E8907EC23BEFAD0D64
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 9DDF84AF4AADFCD159CFEB18A3A65FDD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4206599661631001&output=html&adk=1812271804&adf=3025194257&lmt=1638299074&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A128%2C2%3A16777344%2C3%3A160%2C4%3A160%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Futilify.me%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638299074459&bpp=4&bdt=143&idt=97&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214978720276&rume=1&frm=20&pv=2&ga_vid=2136293512.1638299074&ga_sid=1638299075&ga_hid=711367965&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063696%2C31063797%2C31061691%2C31061693&oid=2&pvsid=524725374262792&pem=366&tmod=2020110505&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117
Frame ID: 3ED529CD088B8F6689342B3912DA0CD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4206599661631001&output=html&h=280&slotname=9072497515&adk=1263561008&adf=1922617487&pi=t.ma~as.9072497515&w=1200&fwrn=4&fwrnh=100&lmt=1638299074&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Futilify.me%2F&region=page-0.8390140171714475&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638299074463&bpp=5&bdt=147&idt=119&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214978720276&rume=1&frm=20&pv=1&ga_vid=2136293512.1638299074&ga_sid=1638299075&ga_hid=711367965&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063696%2C31063797%2C31061691%2C31061693&oid=2&pvsid=524725374262792&pem=366&tmod=2020110505&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ivl9Jrq7ov&p=https%3A//utilify.me&dtd=125
Frame ID: F2D74DC06C4CD662A7B407F5AD070A1D
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js
Frame ID: 1D913D5357DA12D0C490BBD71DBFE933
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 939665D3C623C767BED3FF8674AC3F26
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1462F2929B4F4F8E0A51C8E4354701DE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Utilify Me

Page URL History Show full URLs

http://utilify.me/ HTTP 301
https://utilify.me/ Page URL

Page Statistics

57
Requests

100 %
HTTPS

93 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

701 kB
Transfer

1715 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://utilify.me/ HTTP 301
https://utilify.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
utilify.me/
Redirect Chain

http://utilify.me/
https://utilify.me/

44 KB
13 KB

181ms
158ms

Document
text/html

2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d23f16cc31e824051981baa3ef556194e0f1282f0bf72733f14800dc0ef874bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-type: text/html; charset=utf-8
link: </_nuxt/c991ed3.js>; rel=preload; as=script, </_nuxt/01e378f.js>; rel=preload; as=script, </_nuxt/b492d78.js>; rel=preload; as=script, </_nuxt/13286b7.js>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oAJ0FmMoT13SlCIh3iR0pbIiQuMfNrJUQoYGRd5zXaXRyT8jS4VqAccPbjQyB3Lc30gcW%2BPuc1%2F4vEcPlm0U0YBBg1CBYWolT3qzT1PVHU3%2BPgC%2BrZvnBI5vpqN7madWjZ6issJ0Qfa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b66579c9fd24e8b-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-h2-pushed: </_nuxt/c991ed3.js>,</_nuxt/01e378f.js>,</_nuxt/b492d78.js>,</_nuxt/13286b7.js>

Redirect headers

Date: Tue, 30 Nov 2021 19:04:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 30 Nov 2021 20:04:33 GMT
Location: https://utilify.me/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z83nAHCS%2B%2BDMFbBruyJ4lDE1%2BXM70S9D%2FwnFEkFPtwUG7mxC3wOKRGqMVM8JZYR3ZZpcwCnXO0nfaLA80sE1WhwxuPQ%2Ff3AHoIFXm31Oq8vHiNmIRSz%2BM6NwZyFQBvKMYqweD4guYLX%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b66579c4c6a5b2c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 c991ed3.js Show response
utilify.me/_nuxt/ 2 KB
2 KB 3ms
0ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e53f46553e944b566c54770794da64f44328d4fa34047da9d800f395ccfade6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
age: 2763402
etag: W/"9dc-17599c85b95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L58AgTXz%2Bo4aBPwCPndDR01K7JxGLqsomAKaWdgYuvEUHYay4EPpEqvLMVenUNoWwcVk81ftMLHFdSAkPD7ZYUJcI7DyM52fxfR0moCLvz%2FFSqfGGr7BGhtf7MfyXV%2BOY2BUWKchYboE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579d8af54e8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 01e378f.js Show response
utilify.me/_nuxt/ 182 KB
63 KB 2ms
0ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/01e378f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d203d3b560262a4522c8e26316042f8d9ab3aa8e193e1986e8d0d8955b253184

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
age: 2806559
etag: W/"2d65e-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=urgkad5811xXZKNQZzGJhVpAIgHDFZ%2Br6iT66VzL2iR%2FW0bas8bMNdIVMl10tO5jGEs0HA9b%2BCyrlqfBFjtF4wSXWPpkqbwhfnPOUNKkB1UOLYaZeRcypcMDU%2Blvd7g3mkYdFyMW%2FkHC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579d8afa4e8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 b492d78.js Show response
utilify.me/_nuxt/ 110 KB
33 KB 2ms
0ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/b492d78.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8968a5baecb3645f4a3d50f571207dfd3454e180a42c833c14635f2607f66474

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
age: 6719892
etag: W/"1b970-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYYIFXRHea04VA%2BFiieHtcXOh%2FfemybbIllxcZGKophWcYlvO036acCRDl10TMvO36asOH35b0JDDCy9bp3OzAoO%2B4zGLnSkar3CyvoZL8WWEFZ5jRNVBq%2BExeCggT2JHHbtFPitW5qo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579d8afc4e8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 13286b7.js Show response
utilify.me/_nuxt/ 5 KB
2 KB 3ms
0ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/13286b7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b13eb1a2c58dcf06dd0ff4344df5195f5b4339b918664623a34e259bbc21fba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
age: 2319110
etag: W/"12be-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjaVNstDiODTHFosJWIxvMmkRpl3AzuXvSzv%2FT%2Ft0qysa6ArHBAHyhRk%2BqwIgogG3hblfKT4nMi0%2BlzMP2q%2BGwTShI3fFuv3nRLuYi0xcNHHIa8xmqeFkblUg8YeV7G7ubf5IpuTCs3H"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579d8afe4e8b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 80ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: utilify.me
URL: https://utilify.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10a0c71540edafc0ff0e9f16cd910a67dc198ed7da278e363b86aa9992ecf961

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51247
x-xss-protection: 0
server: cafe
etag: 5519207574692859486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 19:04:34 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v14/ 19 KB
19 KB 38ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: utilify.me
URL: https://utilify.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utilify.me/
Origin: https://utilify.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 17:56:36 GMT
x-content-type-options: nosniff
age: 90478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 17:56:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: utilify.me
URL: https://utilify.me/_nuxt/b492d78.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 207
date: Tue, 30 Nov 2021 19:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 21:01:07 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=711367965&t=pageview&_s=1&dl=https%3A%2F%2Futilify.me%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Utilify%20Me&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=828647569&gjid=2004552408&cid=2136293512.1638299074&tid=UA-55672564-7&_gid=1535957241.1638299074&_r=1&_slc=1&z=532605740

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://utilify.me/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:04:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://utilify.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 272 KB
98 KB 53ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4206599661631001&plah=utilify.me&bust=31063797

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0b671a53e4bc70898cdf7f50bb4cb296698a1550b34625849e70f6ccb6893aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100174
x-xss-protection: 0
server: cafe
etag: 12792684914674209648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 19:04:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 9DDF 11 KB
5 KB 37ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 30 Nov 2021 09:43:00 GMT
expires: Tue, 14 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 33694
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v14/ 19 KB
19 KB 26ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: utilify.me
URL: https://utilify.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://utilify.me/
Origin: https://utilify.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 04:11:55 GMT
x-content-type-options: nosniff
age: 399159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 26 Nov 2022 04:11:55 GMT

GET
H3 200 f6ee2ee.js Show response
utilify.me/_nuxt/ 6 KB
3 KB 67ms
67ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/f6ee2ee.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22214ba9ae2d4321587a35cdbd135f8a75b44fe4c9a2850023cd831203c68826

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"1707-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pEnYYlI1w9MT0oFWVtUgby3jr8oMW%2BOI%2FwBZTg4uGma9N5%2BrUOWnQIQpl0IDnGO5R1nQpCxnRwXqoxd%2Fw%2BZFeuKXBf8nzhje14%2FPHUVl7Y44OgUWwwGjmtliP2o0ZQnRL%2B%2FlDsPdiuX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fbc404e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 964c2d0.js Show response
utilify.me/_nuxt/ 25 KB
8 KB 86ms
86ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/964c2d0.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a0f5403cbba27d5d6465967a7a1263d8711f06391b92f0f0af73923607c0b42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"629f-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eC%2BTbFWLEfN4sRfIBDAc6Lqw9zWeXmQsF2Xz%2BvA2kyooCSaajIFrtZnaJby%2BhL6k7yVAOnutcdZ5Of9fEjbDve36xRX2N7h%2BlSJ4zZzjBnLDgUndLZy4WHwQbiy%2Fua5%2B2iAJQ3dUkmhF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecb54e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 c3242ae.js Show response
utilify.me/_nuxt/ 34 KB
12 KB 63ms
62ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/c3242ae.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd032e07ea6b5fec1a8d1838b7dfba63d82c8f5406f303a46d88f3db463a8f3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"89a0-17599c85b95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDspj2Z1u1emRAxibgm%2FwuowBt1d0KyY5FzSu1WJhFweTeU%2BSoMa3kcA1aYebrZHeoJoKdmgMZsWyAZ2A82qxs2eyOGW10%2BaaqCOSkokYbFOwvi3rCwF10vhQVe0IwSCMoAty%2FL8ReCt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecb84e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 8b749e1.js Show response
utilify.me/_nuxt/ 8 KB
3 KB 49ms
47ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/8b749e1.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06cb053059b1f829b546fa9c04acb904742ed8a2219d996d7892827500c9c780

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"1e3a-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHpXVC5oqhxEarSp5MH%2FzA9wi2Pgah8V2QoRNLVyChQs4QFjlMKyimRF2EjnBxh8gsX1Lc1s%2B%2BxjkDdZ66dUX%2FIoKl%2ByGwqIHyOS7eMhEYFJ%2FCU4cYGx%2BEOxzFtJLuCHVHuYFzTRQf3l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecbc4e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 3b4d861.js Show response
utilify.me/_nuxt/ 118 KB
36 KB 89ms
88ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/3b4d861.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 992308eb72dedd5517e62b5a220a5e9720b130f1820bdb8538149a0e5a270897

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"1d6f8-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crR7bo2yhUxXzerWzG6G3eXT30ZA8mAbAax4NPCeexvJd1CYxbV8IKdCMlQK6qmt2gluEN3rE7PwI5Fiobvd48CiIZWIAqGKPSW%2FUZf4JJRWwqA%2B83rbJWkxu%2FNAwAihfrgi%2BqBPATes"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecde4e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 8ef536a.js Show response
utilify.me/_nuxt/ 10 KB
5 KB 82ms
81ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/8ef536a.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2c86a8814242b25b8685d82b0c55ca36a63b655f4c9f89d45f51b25a1fe20dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"26cc-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1c8ZZ%2FYLMdDeXAloiIsfc%2BgHrfw5FWORKplf%2FzUxhrUdbb962HmIBqFyklSPTFB2AdHKPTIBUT%2BotCvLL%2FwQZTJXi5%2BsPyfbJx6rS23H6ARavmPuA1RRGGdDUxsK%2FBay9NXxU8CwRe6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fece04e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 cf297c8.js Show response
utilify.me/_nuxt/ 5 KB
3 KB 107ms
106ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/cf297c8.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46b88dc51560898199851af3cb0066b5ccc4a1d80b3e33afaf5dc69bf96a1c48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"144c-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMvbCy4opJIzjPOI7jtafufgcXWEcsjMTHBn9YxXMEj1cBU1oJSV78xK5IX7TzWMfdQKeNIUCiqtljs5tm9msuiZ3qfupVi3Qi%2FUafQtmEIgzFp1TjdQC0UNtg%2BRECLkvChw74XBwmxZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fece34e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 d1f00f8.js Show response
utilify.me/_nuxt/ 19 KB
7 KB 82ms
81ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/d1f00f8.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193c3d0bc79b0ee0b05bfb088f4c80e92c86bf2dfcf300aea13a8b175bbf50b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"4b84-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skp9clN5ZUVzPSXjYTXw2KuACSuSswEUg7NWbj9fX6UMkt6EaDdJEA5UBhoJArQRJNkC7qzOKICynesWZvXbPcHNTCnjfVLiGY00mxxr9XtgMaCEBXAl6iTLF4tUbt84Kn8NZBZlZuVV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fece64e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 3725bee.js Show response
utilify.me/_nuxt/ 5 KB
3 KB 90ms
88ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/3725bee.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a415f6e88b174924702960d55912dda67ae18f20e2f7d8839493ec75793db3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"141a-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkzo1hsBZVwlGqQxI95T8VPkfePWiChs96VODADsr1JfBwxPfvZHScbe5kNWpt63ZNkWmbRO%2BAmggJAsjIhXLOxL2J70sILW88ANdQetsydRs33gXrURr3%2BPvrLK%2B0J2tnjtu8nTPcEQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecea4e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 258c36b.js Show response
utilify.me/_nuxt/ 13 KB
5 KB 75ms
74ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/258c36b.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64f21b2e077ffe174bcc8167da802e7f7d988859301d5e5255ae5d52de9dee74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"3590-17599c85b95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7b4C0betbGs%2BdUyzK2GqC9gZsVaD7HQmIvIwoDZEZEGSuOeogMeZ35M4FqClF1reJdY1UlvE9gQ87bqZINmGezjM5hsFQW%2BlIhRBeKZpq3ptRex5YAUZQN8u%2BX16OE8tu3HpSGlgKQ%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecee4e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 b0d7150.js Show response
utilify.me/_nuxt/ 10 KB
3 KB 87ms
86ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/b0d7150.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52cdc9cddeb1cc59287dbfe86e3dc5138458a9640b84d5e493547bd37989beef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"28da-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkRPisIw%2BGwG8zJ4%2F%2B8RqualnWucf7E0I3rM8rOsTu6CcHD6MMUQ9vgcWjB719nQb6%2BGFi4ijLv8CzCfAqXfRf9ZR2Wmx%2B6Xuckra5pk9bnFcqbBDCeHGIKuKeAGq3eYnic1cakMHfy7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecf04e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 102541c.js Show response
utilify.me/_nuxt/ 17 KB
6 KB 88ms
87ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/102541c.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76788cb51a0e5f51aa4fc7bd538014f0e628a1e90c84d7f18210f87b00de04cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"4270-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iyebrwhQ5heUJjP3yQm3Jv%2BQHm2a0GTB651cUKaOm%2BspTU73HGZ1e9tiZUYwdcsxLVD3h6DYpBz6V%2B8ba%2BkcYjP5fHAiPeoXhGdrZGjpEFL7%2B90C%2FaT8G9d%2Bq50H30emUpqQ%2BDUixQt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecf14e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 031a041.js Show response
utilify.me/_nuxt/ 1 KB
1 KB 80ms
79ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/031a041.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba78a7d994a04a2bbde32e13d8017882a5749b318e28259b05372a77e3bda926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"490-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lNf5DTe29Ho5JOQrwenSoXli%2BT1TbaKzlD6IPwYM8c9WAu1b7gvSm6xP4mdX%2FLpbIkNb1z2SjyUdtaAXJJKnTAgCqlhHSI74Auf1e3mwe6DHrQtTgY2uLS2XZgaLp0sLca0v1RvMrOc9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecf34e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 3a409f1.js Show response
utilify.me/_nuxt/ 2 KB
1 KB 81ms
80ms Script
application/javascript 2606:4700:3033::ac43:a13f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utilify.me/_nuxt/3a409f1.js
Requested by: Host: utilify.me
URL: https://utilify.me/_nuxt/c991ed3.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a13f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b767f2bb80eff08c525bfed3ef3015eccfc84b65eb25b23bc80ce71f500d7e8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Nov 2020 19:00:46 GMT
server: cloudflare
etag: W/"847-17599c85b91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3OG%2B61byMEm3eqHDL0bULu0mBwaS5%2F5UOZjZGG2o2DKvONhUPkdmcgLaCTDMjktTkNkHKFBP8zy4eV9jbEnokkVYD%2Ft8aYgRDozH9IekT1gxWzzAi%2Fbxo7WgWoLGvlyACUQuq3yckC8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b66579fecf84e31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ 52 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4206599661631001&plah=utilify.me&bust=31063797

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb331636b16e9d14d1848d5109039837a3a58d984a1a9b124df2904d84a81a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 17:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20825
x-xss-protection: 0
server: cafe
etag: 13644742666736699536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 17:40:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
634 B 37ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=utilify.me&callback=_gfp_s_&client=ca-pub-4206599661631001

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

838f10ac01f68de3ed36c7fbbdde520f504031f33405dae0bd3a09b109b8e040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=utilify.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=utilify.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Futilify.me%2F&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: utilify.me
URL: https://utilify.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:04:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3ED5 0
19 B 87ms
72ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4206599661631001&output=html&adk=1812271804&adf=3025194257&lmt=1638299074&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A128%2C2%3A16777344%2C3%3A160%2C4%3A160%2C8%3A128%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32&format=0x0&url=https%3A%2F%2Futilify.me%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638299074459&bpp=4&bdt=143&idt=97&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214978720276&rume=1&frm=20&pv=2&ga_vid=2136293512.1638299074&ga_sid=1638299075&ga_hid=711367965&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063696%2C31063797%2C31061691%2C31061693&oid=2&pvsid=524725374262792&pem=366&tmod=2020110505&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 30 Nov 2021 19:04:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 19:04:34 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F2D7 89 KB
30 KB 512ms
508ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4206599661631001&output=html&h=280&slotname=9072497515&adk=1263561008&adf=1922617487&pi=t.ma~as.9072497515&w=1200&fwrn=4&fwrnh=100&lmt=1638299074&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Futilify.me%2F&region=page-0.8390140171714475&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638299074463&bpp=5&bdt=147&idt=119&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214978720276&rume=1&frm=20&pv=1&ga_vid=2136293512.1638299074&ga_sid=1638299075&ga_hid=711367965&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063696%2C31063797%2C31061691%2C31061693&oid=2&pvsid=524725374262792&pem=366&tmod=2020110505&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ivl9Jrq7ov&p=https%3A//utilify.me&dtd=125

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0109099883e6adada1cd95f1a2e402944bc2e39aa9ffaead2001481cba258b85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 30 Nov 2021 19:04:35 GMT
server: cafe
content-length: 30763
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 30 Nov 2021 19:04:35 GMT
cache-control: private

GET
H2 200 css
fonts.googleapis.com/ Frame F2D7 3 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4206599661631001&output=html&h=280&slotname=9072497515&adk=1263561008&adf=1922617487&pi=t.ma~as.9072497515&w=1200&fwrn=4&fwrnh=100&lmt=1638299074&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Futilify.me%2F&region=page-0.8390140171714475&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638299074463&bpp=5&bdt=147&idt=119&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214978720276&rume=1&frm=20&pv=1&ga_vid=2136293512.1638299074&ga_sid=1638299075&ga_hid=711367965&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063696%2C31063797%2C31061691%2C31061693&oid=2&pvsid=524725374262792&pem=366&tmod=2020110505&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ivl9Jrq7ov&p=https%3A//utilify.me&dtd=125

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 30 Nov 2021 17:48:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 30 Nov 2021 19:04:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Nov 2021 19:04:35 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F2D7 1 KB
959 B 43ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:04:15 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame F2D7 19 KB
8 KB 37ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:02:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F2D7 2 KB
1 KB 43ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:03:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:03:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2D7 119 KB
37 KB 337ms
306ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 19:04:35 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F2D7 15 KB
6 KB 38ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 19:01:21 GMT

GET
H2 200 163b3e9c260ab6fd774ac5b5c6fd1d76.js Show response
www.gstatic.com/mysidia/ Frame F2D7 27 KB
12 KB 53ms
9ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sat, 27 Nov 2021 16:21:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11360
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 04:29:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 16:21:31 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6104931335308976655/ Frame F2D7 47 KB
48 KB 42ms
12ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6104931335308976655/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

997ea2895edecfc2108062cef575e8be5a7cea6edeee40f595c47d52d2972317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:54:53 GMT
x-content-type-options: nosniff
age: 529782
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48313
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 19:51:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 15:54:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F2D7 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CB6k6wnWmYYncJZHwtwfZ_KygCpaWnutmy6zPk88N7MirzaEcEAEg6NLVY2CV-vCBjAegAZq-46QCyAEJqAMByAPLBKoEwgFP0A4ctLtGxl4ZhFUaQhFQVahx5EJa-OEnUZ00Ft0NfhPIfTrEJFQqiL1dfDSs9MHVxhzUAxYLHfsKCOEucHZM8OEs9es9zVzjsFCcigL4r3bJjBCSjUMxOiCUtz2VolM1ETlZhsPYfPK58veNgS5fTcr64kmS_0tbDabLmrCRXE9myIJj-B6xJGqdHPPy2v_XcZ6o8F-Cy-qG3-L7URFsmVtDB_Ka6uQt6ByIEqeKEoOWe77jiVPpIh62G12bQmcgBMAEk8q_8NUDkgUECAQYAZIFBAgFGASgBi6AB87BnNsBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQ0LnhAdIICQiA4YAQEAEYX4AKAcgLAbgTiCfYEw2IFAPQFQGYFgGAFwGyFxwKGggAEhRwdWItNDIwNjU5OTY2MTYzMTAwMRgA&sigh=zmcF1OV3xE4&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4206599661631001&output=html&h=280&slotname=9072497515&adk=1263561008&adf=1922617487&pi=t.ma~as.9072497515&w=1200&fwrn=4&fwrnh=100&lmt=1638299074&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Futilify.me%2F&region=page-0.8390140171714475&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638299074463&bpp=5&bdt=147&idt=119&shv=r20211111&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2214978720276&rume=1&frm=20&pv=1&ga_vid=2136293512.1638299074&ga_sid=1638299075&ga_hid=711367965&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063696%2C31063797%2C31061691%2C31061693&oid=2&pvsid=524725374262792&pem=366&tmod=2020110505&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ivl9Jrq7ov&p=https%3A//utilify.me&dtd=125
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 30 Nov 2021 19:04:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 30 Nov 2021 19:04:35 GMT

GET
DATA 200
OK truncated
/ Frame F2D7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F2D7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b213f42a05cc632b733065e6d77f14aa73df92fa53a509aecfda61e4d12143f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F2D7 21 KB
21 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 16:54:46 GMT
x-content-type-options: nosniff
age: 7789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 16:54:46 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame F2D7 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 88989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 29 Nov 2022 18:21:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 39ms
23ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc1e1efa4fd5bcbff973a7781006d5e6b3a57150971ee5543387bc7fcbbada1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 19:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9406
x-xss-protection: 0

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D91 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:44:17 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame F2D7 57 KB
22 KB 33ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

977f35f75dfb224977b278c01ff5bd8fb73f53fcaec7480681eb779e34177f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 18:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2568
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22094
x-xss-protection: 0
server: cafe
etag: 9350601024229784641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Nov 2021 19:21:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
28ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 19:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 30 Nov 2021 19:04:35 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F2D7 0
327 B 803ms
272ms Ping
image/gif 2404:6800:400a:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kwmgyx4i&chm=1&ctx=2&gqid=wnWmYbelJbWBmwe425SQCQ&qqid=CInFg9PjwPQCFRH47QodWT4LpA&met.6=6.1_CgsY0AcgPyoECAgSAA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:04:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F2D7 0
54 B 810ms
278ms Ping
image/gif 2404:6800:400a:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~kwmgyx4m&chm=1&ctx=2&gqid=wnWmYbelJbWBmwe425SQCQ&qqid=CInFg9PjwPQCFRH47QodWT4LpA&met.4=fb.es~lb.pp~ol.qm~bdt.-7l~bpp.-3d~idt.-7~dtd.-1~dt.-3i&met.3=555.q3~556.q3_2~749.qj_3~736.qp~735.qu_1~734.sy~113.t2_3~112.t1_4~246.t4_1&met.1=1.kwmgywbh~6.2~7.2~8.2~9.2~10.2~12.7~13.eb~14.ef~15.ee~16.pp~17.pp~18.pp~19.q8~20.q8~21.qm~22.fk~23.fk&met.7=CAUQCBgBKAEwhgQ4vgdoB3CDBHjX8gGAAavwAYgByMkFsAEBuAED~CBIQBxgBIJMEKJMEMLsEOChAlARIlQRQlQRYqwRglwRoqwRwugR40waAAacEiAHzGKoBFQoTR29vZ2xlIFNhbnM6NDAwLDUwMLABAbgBAw~CBwQChgBIJgEKJgEMMQEOCtouARwwwR4gQmAAdUGiAHLC7ABAbgBAw~CAkQChgBIJkEKJkEML8EOCZAmQRImQRQmQRYtgRgogRouARwvgR4zD-AAaA9iAGDlQGwAQG4AQM~CB4QChgBIJkEKJkEMMQEOCtouARwxAR44AyAAbQKiAGeE7ABAbgBAw~CCoQChgBIJkEKJkEMPIGONkC~CBwQChgBIJkEKJkEMMMEOCpouARwvwR4uzSAAY8yiAGXdLABAbgBAw~CBsQChgBIJkEKJkEMM8EODY~CBcQAhgBIJoEKJoEMMkEOC9ouARwxAR45fsCgAG5-QKIAbn5ArABAbgBAw~CCEQBBgBIK4EKK4EMOMEODVorwRw4wR4rAKwAQG4AQM~CBMQAhgBIKEHKKEHMKoHOAloogdwqQd4yKsBgAGcqQGIAZypAaoBEAoKZ29vZ2xlc2FucxAkGAKwAQG4AQM~CBMQAhgBIKQHKKQHMK4HOApopAdwqwd43KkBgAGwpwGIAbCnAaoBEAoKZ29vZ2xlc2FucxAkGAKwAQG4AQM~CCgQChgBIMYHKMYHMO0HOCdAxwdIxwdQxwdY4AdgyQdo4Adw6Ad4-q4BgAHOrAGIAb3FA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:04:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9396 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 30 Nov 2021 18:24:09 GMT
expires: Wed, 30 Nov 2022 18:24:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1462 783 B
1 KB 44ms
22ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

70503925b05f452faddd257315e08191de414a015a93f1743ed2a85e816f9ed0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1n95zdp8RjWbROHKJPu0Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 30 Nov 2021 19:04:35 GMT
date: Tue, 30 Nov 2021 19:04:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1n95zdp8RjWbROHKJPu0Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9396 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 109218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:44:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1462 0
0 47ms
47ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=524725374262792&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=524725374262792&bg=!oaKloubNAAZQLpa_UC47ACkAdvg8WiQmxsWQRlhxhNcS53Pfyh_j44-WEsaVacLyOb5IliXZrYXSXgIAAABkUgAAAApoAQcKAN69jIlFMEGyzbZWHaM9kXOdW35Kd7X46Z09T4fRFJS_UFinwU_LSo_UhEQQAo9K-1HHyH8ox7XqoT4dNJ7thUwXPSDKJoPIVtXGcvbYI_e0Fyl_3wM7vaKX84iQswJaEFt2zkRnskwArDT3TlgOXiCWpZHsUtiM7Tl5n47odwFp5IDZpA-XdHynDW7Dbvs-wBwDwnuDsy-1tKi48N-fFIOLR5Hqj1kRGB7WV2jFgeLtsPjgPAMobhL-aYph31AhsmFYpn3eAc8V7jkpZkq8Tjweydz-yJzpPkNhh1EmPyKZAosLh05qSXBob_glbvhoPMAHjDgHksZPLQTYFhcIR0Z1jsa10AqVYbK2CsRJN0rEGugImOBU9W36ebM87KzVCaoG9gIqjDQVAgGXtvQ4wOV7VGE67qxjn9yfB7eUD5wF0vu1cnwRzUSfP6T1x_S7hY7BCSyyE0ys9WhTdT4izyFXL1rmoPnpJrPdTRBKM1jdfgp3QE5xzHAThsGXGmw10MRIdNdf8d5UdKeAso-OFnH4JhrQHJuwz7Az9LEoaymQ7fnnEEzlquDqRaW6sDY_i5U2x0_Tg6fR-zISk4Pz8JMWp7f39cgfqLQeHdM2Ahg-FBi3Q6eko4F-siuqxEdDjXGHYnjNaxZ3eVd-d34A_zIe_K8uwrB9NAZI12ySO9kaJcDWQnS5HWTVd_If7PYDZEhMu0n80v17hKIXudHl8Ejj6VeZLcyo__ko7qWtecF2yutQzhvOKRAQCgZai9nMU1GIv2q3PrrFST-A_dnazCRmC4-C2FTmshWox07fc2B3cRDdG5WJUJDDbmLRQTDuVjrYPMHcKSrUGYZSruBoZ0ARQzCCcl7y2QieNmoWFz39sY7LnyMN7y_UJCvvuQbBlmgJ5yImpGHastbTcjj4hLw6WnzMdc-aRr11pTHVyJTHg0Bb6DQlf9KOmahx_Z5lSzvuOlZifRySehCwQVinqJ0ZpIUCOmLmIwTUGGUymV2f-SGlvU1gyM9dp4ehOtZaRvkq7QgAKwN-v2nqjLW04Z3ZmUnadnD02obwcthdHdfcsHPFBaBPK9iJjoTvlEj8g3Cq5AFqP4C04z5mlKE4y-UDF_qcktXTG8Xpj4ekFKesKJ5qYg0T83PdTM5YrqABhfHOeERkJrJlU_VMDzI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://utilify.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:04:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F2D7 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstloTX3nLgAfMXaw_dgezTTvwtmfzt62cdX4tCQItAEP39khHUZiijPmXmmC2_y2FojcrW1yOTzU3sA9YuVgeKwFSTfOmAeKZAv-j99ZkEgdtWO2QDqYw&sai=AMfl-YRboAYUcPN_CUfnphyvpt1v-0WKOMNEthIAmNyMyg9RhUhF30eWsG002olBOgjjA7xkw4UT4QeCRSmf&sig=Cg0ArKJSzAPWBOe7oufQEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1263561008&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638299074589&rpt=955&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:04:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 552ms
278ms Ping
image/gif 2404:6800:400a:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kwmgywbq&c=524725374262792&e=31062423%2C31063696%2C31063797%2C31061691%2C31061693&ctx=1&met.3=779.eb~164.eh_1~165.ee_5~247.em~248.en~164.eo~165.ej_5~166.e1_z~326.h5_2~216.h3_4~215.h3_4~843.h2_5~161.h7~868.h9~889.hl~639.hq~914.hq~326.hu~216.ht~215.ht~161.hu~868.hu~889.hw~639.i4~914.i4~112.i9_1~629.ie~168.182_1~168.182_1~168.183~168.183~168.183~168.183~168.183~168.183~113.18w_4&met.7=CBsQCMABrpOdkwY~CBsQByD4AjgEwAHW4t-JBQ~CBsQByD4AjgJwAGLh-rkBA~CBsQByD4AjgIwAHi2Za4Dw~CBsQByD4AjgGwAHZyuitCg~CAEQChgBIIgDKIgDMOMDOFpAiwNIjANQjANYqwNgjQNoqwNw2gN425IDgAGvkAOIAYj7CLABAbgBA8AB3o6_mwE~CBMQAhgBII4DKI4DMLkDOCtAjgNIjwNQjwNYqgNgjwNoqwNwtAN47JgBgAHAlgGIAcCWAaoBEAoKbW9udHNlcnJhdBAOGAKwAQG4AQPAAfKbpDA~CBsQCiC0AzgswAHZ67DzCg~CBsQDSDyAzgewAGAkfKHCA~CAMQChgBIIgEKIgEMM0EOEVQiQRYmwRgiQRomwRwvgR4-pAGgAHOjgaIAYP_ELABAbgBA8ABv-X7zgQ~CAwQBRgBIJwEKJwEMMUEOClAoQRIpQRQpQRYvARgqARovARwxQR4vyiAAZMmiAGzVbABAbgBA8ABo8OCzwc~CBMQAhgBIKQEKKQEMMEEOB1QpQRYtQRgpQRotQRwvwR4kJgBgAHklQGIAeSVAaoBEAoKbW9udHNlcnJhdBAOGAKwAQG4AQPAAd_RzLYD~CBsQCiC8BDhEwAGQtaV3~CBsQCiDZBDgywAG-ucbxDg~CBwQChgBIOsEKOsEMPMEOAlo6wRw8gR4haUBgAHZogGIAbiiA7ABAbgBA8ABvK2evQk~CBsQChgBIO8EKO8EMJQFOCZA7wRI8ARQ8ARYhQVg8QRohQVwlAV46gOAAb4BiAHIAbABAbgBA8AB5Krg8AI~CC8QBxgBIPMEKPMEMJkFOCZA9ARI9ARQ9ARYiQVg9QRoiQVwmQV4kAOAAWSIAWuwAQG4AQPAAe21srAK~CBwQBhgBIPQEKPQEMJsFOCho9ARwmwV4rAKwAQG4AQPAAZSE4rUO~CBsQCiDZBDhFwAGm3vTsAg~CC8QBxgBIPQEKPQEMJ4FOCtA9ARI9wRQ9wRYjQVg-ARojQVwngV4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQCiDbBDhQwAHGpeLzAg~CBsQCiDZBDhUwAGV48f8CA~CBsQCiDYBDhXwAH_pO29Aw~CBsQCiDaBDhXwAHywZHUAQ~CBsQCiDcBDhUwAH867uKDw~CBsQCiDcBDhVwAGsp86rDw~CBsQCiDbBDhcwAHyl6KBCQ~CBsQCiDbBDhewAGm35bUAQ~CBsQCiDbBDhcwAH7qL_rBg~CBsQCiDZBDhdwAGXha6EAw~CBsQCiDaBDhswAGr5IwW~CAUQBRgBIP0EKP0EMNgFOFtQgQVYjwVggQVokAVw1wV4rAKwAQG4AQPAAZDHsvAI~CAUQBRgBIIkFKIkFMI8JOIYEaJAFcIsJeNfyAYABq_ABiAHIyQWwAQG4AQPAAZDHsvAI~CBsQCDjIDMABrpOdkwY~CCcQDRgBIMgMKMgMMPAMOClQyQxY1wxgyQxo2Axw7wx46kuAAb5JiAHgYLABAbgBA8AB8_LLrgs~CCcQChgBIJoNKJoNMMgNOC7AAeLBm9oF~CCcQBRgBIM0NKM0NMNcNOArAAdT_u6UH~CBsQBRgBIM4NKM4NMPsNOC3AAc_G2uIB~CBwQBhgBIO0OKO0OMJgPOCto7Q5wlw94rAKwAQG4AQPAAZSE4rUO&met.1=1.kwmgyvth~6.1b~7.1c~8.1c~9.1c~10.1z~11.1d~12.1z~13.6d~14.6p~15.af~16.be~17.d5~18.d5~19.18n~20.18n~21.18n~22.bt~23.bt
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/rum_fy2019.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:804::2003 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://utilify.me/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 19:04:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.utilify.me/	1970-01-20 16:36:11	Name: _ga Value: GA1.2.2136293512.1638299074
.utilify.me/	1970-01-19 23:06:25	Name: _gid Value: GA1.2.1535957241.1638299074
.utilify.me/	1970-01-19 23:04:59	Name: _gat Value: 1
.utilify.me/	1970-01-20 08:26:35	Name: __gads Value: ID=0f2e2bb7757e239d-2269d1a006cc0057:T=1638299074:RT=1638299074:S=ALNI_MZvvPzTq07TW7i7ccv5SMu_rSwoLA
.doubleclick.net/	1970-01-20 08:26:35	Name: IDE Value: AHWqTUmgZOIkgeKIzt-zurWN0nRBPahN72fH7QTzB70M3iICeLYZ5Qh35Jjj0JzsvHg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
utilify.me
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
2404:6800:400a:804::2003
2606:4700:3033::ac43:a13f
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
0109099883e6adada1cd95f1a2e402944bc2e39aa9ffaead2001481cba258b85
06cb053059b1f829b546fa9c04acb904742ed8a2219d996d7892827500c9c780
10a0c71540edafc0ff0e9f16cd910a67dc198ed7da278e363b86aa9992ecf961
193c3d0bc79b0ee0b05bfb088f4c80e92c86bf2dfcf300aea13a8b175bbf50b0
1a0f5403cbba27d5d6465967a7a1263d8711f06391b92f0f0af73923607c0b42
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
22214ba9ae2d4321587a35cdbd135f8a75b44fe4c9a2850023cd831203c68826
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
46b88dc51560898199851af3cb0066b5ccc4a1d80b3e33afaf5dc69bf96a1c48
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
52cdc9cddeb1cc59287dbfe86e3dc5138458a9640b84d5e493547bd37989beef
57a415f6e88b174924702960d55912dda67ae18f20e2f7d8839493ec75793db3
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
64f21b2e077ffe174bcc8167da802e7f7d988859301d5e5255ae5d52de9dee74
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6e53f46553e944b566c54770794da64f44328d4fa34047da9d800f395ccfade6
70503925b05f452faddd257315e08191de414a015a93f1743ed2a85e816f9ed0
76788cb51a0e5f51aa4fc7bd538014f0e628a1e90c84d7f18210f87b00de04cd
838f10ac01f68de3ed36c7fbbdde520f504031f33405dae0bd3a09b109b8e040
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8968a5baecb3645f4a3d50f571207dfd3454e180a42c833c14635f2607f66474
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b13eb1a2c58dcf06dd0ff4344df5195f5b4339b918664623a34e259bbc21fba
977f35f75dfb224977b278c01ff5bd8fb73f53fcaec7480681eb779e34177f23
992308eb72dedd5517e62b5a220a5e9720b130f1820bdb8538149a0e5a270897
997ea2895edecfc2108062cef575e8be5a7cea6edeee40f595c47d52d2972317
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b213f42a05cc632b733065e6d77f14aa73df92fa53a509aecfda61e4d12143f0
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b767f2bb80eff08c525bfed3ef3015eccfc84b65eb25b23bc80ce71f500d7e8c
ba78a7d994a04a2bbde32e13d8017882a5749b318e28259b05372a77e3bda926
bc1e1efa4fd5bcbff973a7781006d5e6b3a57150971ee5543387bc7fcbbada1d
bd032e07ea6b5fec1a8d1838b7dfba63d82c8f5406f303a46d88f3db463a8f3c
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cb331636b16e9d14d1848d5109039837a3a58d984a1a9b124df2904d84a81a79
d0b671a53e4bc70898cdf7f50bb4cb296698a1550b34625849e70f6ccb6893aa
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d203d3b560262a4522c8e26316042f8d9ab3aa8e193e1986e8d0d8955b253184
d23f16cc31e824051981baa3ef556194e0f1282f0bf72733f14800dc0ef874bb
d2c86a8814242b25b8685d82b0c55ca36a63b655f4c9f89d45f51b25a1fe20dd
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

utilify.me Open in urlscan Pro 2606:4700:3033::ac43:a13f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

57 Requests

100 %HTTPS

93 %IPv6

10 Domains

15 Subdomains

15 IPs

3 Countries

701 kBTransfer

1715 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

utilify.me Open in urlscan Pro
2606:4700:3033::ac43:a13f Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

93 %
IPv6

10
Domains

15
Subdomains

15
IPs

3
Countries

701 kB
Transfer

1715 kB
Size

5
Cookies

57 HTTP transactions
2 data transactions