Submitted URL: http://xy2.eu/nyup
Effective URL: http://xy2.eu/
Submission: On January 23 via manual from SG — Scanned from DE

Summary

This website contacted 28 IPs in 9 countries across 25 domains to perform 182 HTTP transactions. The main IP is 93.157.97.6, located in Poland and belongs to OGICOM, PL. The main domain is xy2.eu.
This is the only time xy2.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 12 93.157.97.6 34360 (OGICOM)
33 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.66.133 54113 (FASTLY)
16 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
2 37.157.2.234 198622 (ADFORM)
3 3 52.16.162.42 16509 (AMAZON-02)
16 142.250.186.98 15169 (GOOGLE)
2 2 104.111.215.191 16625 (AKAMAI-AS)
1 34.98.67.61 15169 (GOOGLE)
2 35.227.252.103 15169 (GOOGLE)
3 3 69.173.144.138 26667 (RUBICONPR...)
1 2600:1f14:d24... 16509 (AMAZON-02)
2 2 217.182.200.20 16276 (OVH)
2 2620:116:800d... 16509 (AMAZON-02)
2 2 35.244.174.68 15169 (GOOGLE)
3 3 185.64.190.78 62713 (AS-PUBMATIC)
1 1 18.196.159.27 16509 (AMAZON-02)
182 28
Apex Domain
Subdomains
Transfer
67 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
565 KB
32 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
cm.g.doubleclick.net — Cisco Umbrella Rank: 197
200 KB
22 gstatic.com
fonts.gstatic.com
www.gstatic.com
231 KB
19 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
92 KB
12 xy2.eu
xy2.eu
96 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 293
39 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
224 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 5557
adservice.google.de — Cisco Umbrella Rank: 8028
2 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 595
1 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 312
1 KB
3 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3397
1 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 738
883 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1255
674 B
2 gemius.pl
googlecm.hit.gemius.pl — Cisco Umbrella Rank: 8640
502 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1548
415 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1902
1 KB
2 seadform.net
track.seadform.net — Cisco Umbrella Rank: 89382
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 529
762 B
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1541
297 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 890
324 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 255
14 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
640 B
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1385
432 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
182 25
Domain Requested by
34 tpc.googlesyndication.com xy2.eu
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
33 pagead2.googlesyndication.com xy2.eu
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.gstatic.com
googleads.g.doubleclick.net
www.googletagservices.com
16 cm.g.doubleclick.net googleads.g.doubleclick.net
14 www.gstatic.com googleads.g.doubleclick.net
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 xy2.eu 2 redirects xy2.eu
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
7 fonts.googleapis.com xy2.eu
googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
5 www.google.com 1 redirects xy2.eu
tpc.googlesyndication.com
googleads.g.doubleclick.net
3 image6.pubmatic.com 3 redirects
3 pixel.rubiconproject.com 3 redirects
3 pixel.everesttech.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
2 id.rlcdn.com 2 redirects
2 cms.quantserve.com googleads.g.doubleclick.net
2 googlecm.hit.gemius.pl 2 redirects
2 rtb.openx.net googleads.g.doubleclick.net
2 e.dlx.addthis.com 2 redirects
2 track.seadform.net googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 d.agkn.com 1 redirects
1 ag.innovid.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 googleads4.g.doubleclick.net xy2.eu
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.de xy2.eu
1 stats.g.doubleclick.net www.google-analytics.com
1 www.paypalobjects.com xy2.eu
1 ajax.googleapis.com xy2.eu
1 www.googletagmanager.com xy2.eu
182 34

This site contains links to these domains. Also see Links.

Domain
hoo.gl
bitly.ws
tinyurl.mobi
fueltiktok.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-11-02 -
2022-03-15
4 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
www.google.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
www.google.de
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.google.de
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-12-27 -
2022-03-21
3 months crt.sh
*.seadform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-11-04
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-22 -
2022-03-25
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018
2020-02-07 -
2022-04-07
2 years crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh

This page contains 22 frames:

Primary Page: http://xy2.eu/
Frame ID: FE440B48EB9B3C87DB271105D30B5397
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/zrt_lookup.html
Frame ID: 04E8887778013DF74E61D89353F25041
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1642963767&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fxy2.eu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1642963767314&bpp=29&bdt=117&idt=96&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=378143225127&frm=20&pv=2&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=230
Frame ID: 6E54C425172FFAAD3FC2EE59B192AF8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642963767&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642963767314&bpp=9&bdt=117&idt=127&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=MSQYYPKwe0&p=http%3A//xy2.eu&dtd=233
Frame ID: A91CAF652576826DDEE08F5D5DA7AB3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCeghiGUF7g5aL2olAcjldtM8dT3P4opAq6K04Wrn0xPzPIdR7Ghr9uFCUpbVx_7zEzQMAjv6y5KDxwBsWv2rUB-c1v-j9s8RnNONQplix-P03EjpEHgEFSbbeSMFzRoevE0c-twI5lp9Jb9F1ZwC2JVCv3o_CmN8TBVulK3mxzLbAQqioGzO6uIYWwY4wEZllgPcWB_hyIgCeIxQ204DalNdkJBoci6dG7GjUOe_ujceFRhqyZJBlWfig9F9-DsBXjzqdVzLXUC4HR85167Mrwt_xBLYhUvtmlm73vQPBSQR5y2wpGnPQhM0qLap4Y4JEgUpt4Pkjpw0UhllmEQfEYoW9p-goLO1pj7Wa5BV9XCc0W9eIsqhPleKjrxW1ljoeW0stKfOIbZ5qQugs6AIs6rOy3WeNNaDjnkF8tYaDOntL4KZSgYC5qgtcZzrIQcLGSLVDBzfVjr-OmRRRFBvJMeW17v-SX65bvqa7E0gsLtQTrNkysw1RYZhTMMS0-z-62pnhzyLi4X5pWAooOXBRptI6I1F4kD7DOIIIm5xbxgkHZhaQOp2AC4L7AE9_z_eoyZkosPbfsP2tm9ZXQdRo4zFnZi4ENUWi6YbIp5JNbhrATzUeeaH5QoCPAmSZa-XU0znMF3mGNKiayYvI22dzK9Ffe4BxWunnWtQskFujtMdviWoicl34QMr-eBJKxJTTJbSDjW6NOWxkqQyYH7C3Vsa4MbrqRBHbf8jWUo8sac1chHeOM2BX5PxI18tuI-TlOoVdf9WO2Tx4ni9sXtzADz8WcB7LOmMfgwr5E1z02lLuEZudWn4hGtBFmJ3HsMiqwK0OAffT1OotHJYoB3sxc6FjC1JVYJ3SXC9TCRvrSL_kZyUGix0dhzvyzS4gonieICqH1upgt96DWRLjaM6lZq9-26NB&sai=AMfl-YSSJOOjNXx7-tZLswK8Is1t_UCuisX1NNNyhwZfO3jCcmckbFW4hOhaiA&sig=Cg0ArKJSzKfVj_MLN39sEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 44D6D1E4568E0AC818EA60B7C6A665EA
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6F51A11C8F5D09B48F4AE35960796354
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=1604629528&pi=t.aa~a.1977423791~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1642963768&rafmt=1&to=qs&pwprc=4261460615&psa=1&format=1200x280&url=http%3A%2F%2Fxy2.eu%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1642963768294&bpp=1&bdt=1097&idt=-M&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5073ae271b291303-222b16f027cd00db%3AT%3D1642963767%3ART%3D1642963767%3AS%3DALNI_MY1aIhJwex4Ojg9Ql4RVJJf-2s_2Q&prev_fmts=0x0%2C1200x200&nras=2&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IEdnyoP4MU&p=http%3A//xy2.eu&dtd=7
Frame ID: 3E31977887BDB8BD4EBA34F862BC4D6B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=768393861&pi=t.aa~a.1977423791~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1642963768&rafmt=1&to=qs&pwprc=4261460615&psa=1&format=1200x280&url=http%3A%2F%2Fxy2.eu%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1642963768294&bpp=1&bdt=1097&idt=-M&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5073ae271b291303-222b16f027cd00db%3AT%3D1642963767%3ART%3D1642963767%3AS%3DALNI_MY1aIhJwex4Ojg9Ql4RVJJf-2s_2Q&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2q0fj00F3v&p=http%3A//xy2.eu&dtd=10
Frame ID: 00AA6A62348123F0B59CE9DB090165BF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2167731293&pi=t.aa~a.1977424468~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1642963768&rafmt=1&to=qs&pwprc=4261460615&psa=1&format=1200x280&url=http%3A%2F%2Fxy2.eu%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1642963768294&bpp=1&bdt=1097&idt=0&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5073ae271b291303-222b16f027cd00db%3AT%3D1642963767%3ART%3D1642963767%3AS%3DALNI_MY1aIhJwex4Ojg9Ql4RVJJf-2s_2Q&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=HxQ9FtlpcN&p=http%3A//xy2.eu&dtd=14
Frame ID: C89FABC128A14305F1882A31969C6897
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Frame ID: 60F29DFEC876BDDD59B66044ED0F9C86
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Frame ID: 96B55ABB8D4F87A9EEDA66567BCFB16B
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6470B440F588FE15B0BCF4B85B4BDD59
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D69583FB8BC7CC3FE124D70E5F2F616
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/4f0fd669188cad1c7ccc61140507409e.js?tag=client_fast_engine_2019
Frame ID: E3A7B94BAA1680941F912A5EA81EC13D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F820C211BCD1728BA54A08E75131F81A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Frame ID: 4E45F62E062A9F6E5C89FB45CE78B37D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 15AA139AAE03919B2805E20EB9A25B50
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Frame ID: 1126A673BAD7B4C421A386401639EB6A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B2EE7AE7FE2265ECB54DBCA2C8BCCFC7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Frame ID: 581118A22657621C89303376CA41C26D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 25C8A9B33508D997C371671E3AFD1A03
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Frame ID: A4B837BCD6F353DAC1A87C7893AE124B
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

XY2 | URL Shortener

Page URL History Show full URLs

  1. http://xy2.eu/nyup HTTP 301
    http://xy2.eu/?redirect=nyup HTTP 302
    http://xy2.eu/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

182
Requests

86 %
HTTPS

56 %
IPv6

25
Domains

34
Subdomains

28
IPs

9
Countries

1520 kB
Transfer

3749 kB
Size

29
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xy2.eu/nyup HTTP 301
    http://xy2.eu/?redirect=nyup HTTP 302
    http://xy2.eu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 122
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIjQzB7c8JzP0HoWia2lmz28SIfop0qQGVtH2ojHOMMRhQgVMOkmv-Nsp6o0Xu88lMhp4KRw1wCbl40iY_2K7_Aj1na2Ezw&google_gid=CAESEH2xVUzYMjREj2YS9S1zy0c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWUyak9RQUFCYm9CREhPaw&google_push=AYg5qPIjQzB7c8JzP0HoWia2lmz28SIfop0qQGVtH2ojHOMMRhQgVMOkmv-Nsp6o0Xu88lMhp4KRw1wCbl40iY_2K7_Aj1na2Ezw
Request Chain 123
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIbvYegbTyAZOmHOtj0_agWAboyK3gTYkPNvppl3QGLvukq040MN6lodAd8v-xl6Mqor_hwTPmiRDj63bhKqt6V98AeS6wU&google_gid=CAESEOe9DGWK6fQXRxynRPXdiBw&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIbvYegbTyAZOmHOtj0_agWAboyK3gTYkPNvppl3QGLvukq040MN6lodAd8v-xl6Mqor_hwTPmiRDj63bhKqt6V98AeS6wU&google_gid=CAESEOe9DGWK6fQXRxynRPXdiBw&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAxMjMxODQ5MjkwMDAxMDAzMTMyOTE1Mw%3D%3D&google_push=AYg5qPIbvYegbTyAZOmHOtj0_agWAboyK3gTYkPNvppl3QGLvukq040MN6lodAd8v-xl6Mqor_hwTPmiRDj63bhKqt6V98AeS6wU
Request Chain 126
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOw492XBHHkeLbA3_VoOXbA&google_cver=1&google_push=AYg5qPLzSgHwluCU5UyyiLQOdLtPtK_Lx-PW1KRwFP4Yyr1SVW6TPdj8bR40t4UmdqnnozByC6-bO7sR6TCuTHo8aj5B6rOlfGw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lSTTdITFItMVotRUhNVg==&google_push=AYg5qPLzSgHwluCU5UyyiLQOdLtPtK_Lx-PW1KRwFP4Yyr1SVW6TPdj8bR40t4UmdqnnozByC6-bO7sR6TCuTHo8aj5B6rOlfGw
Request Chain 128
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAHzf43gVVrIO1e_dyoTkhs&google_cver=1&google_push=AYg5qPLyWUWgZab91BGfU_5DUlgePhCHV9WPPLRhD7E2OKdcXuTJ1N5Qb2KKtzEu3txAURTFvS-yAt9WVGJ3E6giNFsNK1ud5b1T HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLyWUWgZab91BGfU_5DUlgePhCHV9WPPLRhD7E2OKdcXuTJ1N5Qb2KKtzEu3txAURTFvS-yAt9WVGJ3E6giNFsNK1ud5b1T&google_hm=
Request Chain 149
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ6q04JOVgUGZeWlOjcD0Fl7IGSqrhUml7t2vkeBnX-nW5OeHEV8iGJMiabbMZ95N3Ps_4lQEVSm697zg9lafZmdEOTEk0&google_gid=CAESEH2xVUzYMjREj2YS9S1zy0c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWUyak9RQUFCV2V4Y1dGbA&google_push=AYg5qPJ6q04JOVgUGZeWlOjcD0Fl7IGSqrhUml7t2vkeBnX-nW5OeHEV8iGJMiabbMZ95N3Ps_4lQEVSm697zg9lafZmdEOTEk0
Request Chain 150
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKDMlLrYh9lXokgME4hAK9AYoIDVSp-YjC19nUVREWZ0H0D3wb_U5NP4Z046IUwJ8rIAtdKu_ovfsCoaBNbxTZFGl4XnVo&google_gid=CAESECtbHhpBr37c30UK7bpbzpo&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLnGto8GEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBLRE1sTHJZaDlsWG9rZ01FNGhBSzlBWW9JRFZTcC1ZakMxOW5VVlJFV1owSDBEM3diX1U1TlA0WjA0NklVd0o4cklBdGRLdV9vdmZzQ29hQk5ieFRaRkdsNFhuVm8 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwZGh2UENNS2tUUzlYMkh0ZXBpNWlpY3lpSnBNNl9aaktlOXUzamhlU2hZSQ==&google_push
Request Chain 152
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENToMnQ3U38RZhxIJLExC5U&google_cver=1&google_push=AYg5qPIKCb99gUMzPj-GlmZid_rv68Q-DBaMCVCjjY2sgsWqgM-aoTkSjrgJjWW84KEmj5F8VVqgvelEpAiemITWMRU43NGYaRw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENToMnQ3U38RZhxIJLExC5U&google_cver=1&google_push=AYg5qPIKCb99gUMzPj-GlmZid_rv68Q-DBaMCVCjjY2sgsWqgM-aoTkSjrgJjWW84KEmj5F8VVqgvelEpAiemITWMRU43NGYaRw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YmKLLe4HRPOZZrFDFLzVeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIKCb99gUMzPj-GlmZid_rv68Q-DBaMCVCjjY2sgsWqgM-aoTkSjrgJjWW84KEmj5F8VVqgvelEpAiemITWMRU43NGYaRw
Request Chain 153
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOw492XBHHkeLbA3_VoOXbA&google_cver=1&google_push=AYg5qPIrZH65fygl6cEsyfT2JNr0Fk8O4Jrdi-Ru8mGKpfsQQ249eMq_p-n3OHMHpN-d2CRQVjlgTzVYcr2B_rmb-LHJMXsI_Sk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lSTTdIUkQtVy1DWk5P&google_push=AYg5qPIrZH65fygl6cEsyfT2JNr0Fk8O4Jrdi-Ru8mGKpfsQQ249eMq_p-n3OHMHpN-d2CRQVjlgTzVYcr2B_rmb-LHJMXsI_Sk
Request Chain 154
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAHzf43gVVrIO1e_dyoTkhs&google_cver=1&google_push=AYg5qPL3VrBvjBtDb4ZDMGJpgY8KYe6higgdQzcz0vx2OJu88S7gPd91MJXL373lKS66cWwYRPF52gVPeJ9kgZsiJzIKW4LAXI9j HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPL3VrBvjBtDb4ZDMGJpgY8KYe6higgdQzcz0vx2OJu88S7gPd91MJXL373lKS66cWwYRPF52gVPeJ9kgZsiJzIKW4LAXI9j&google_hm=
Request Chain 178
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPL1RtU24_s1ZRAszoqYWq_1_MeC9hqhZsQAlWu6CpKRKSJS-DS8P-LMoMco9IMQGl41l1Qri5Tah0zQJeH32hxXVQtrHJ8&google_gid=CAESEH2xVUzYMjREj2YS9S1zy0c&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWUyak9RQUFBVGVvaHhEOQ&google_push=AYg5qPL1RtU24_s1ZRAszoqYWq_1_MeC9hqhZsQAlWu6CpKRKSJS-DS8P-LMoMco9IMQGl41l1Qri5Tah0zQJeH32hxXVQtrHJ8
Request Chain 179
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEO83x9H60Hk9PNn7uuneaA8&google_cver=1&google_push=AYg5qPJMNoAAROaxaxKJZzteuMrZVad485GDIYSe3goYEU4Ju2QyLXXg-H3W3fBUfFQClE8usFVwEy-fQn26EhiqKZFmlBa06dA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJMNoAAROaxaxKJZzteuMrZVad485GDIYSe3goYEU4Ju2QyLXXg-H3W3fBUfFQClE8usFVwEy-fQn26EhiqKZFmlBa06dA&google_hm=Q0FFU0VPODN4OUg2MEhrOVBObjd1dW5lYUE4
Request Chain 180
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENToMnQ3U38RZhxIJLExC5U&google_cver=1&google_push=AYg5qPK55se2zpPsAPoaLy33bv5Ja9CQAK2qYLdVdUNtSUo-2L4MIyr1DFJZZ8O5YdHweQfYCC3I0UU2cMpURhUTSFGMAG4CIGY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YmKLLe4HRPOZZrFDFLzVeQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK55se2zpPsAPoaLy33bv5Ja9CQAK2qYLdVdUNtSUo-2L4MIyr1DFJZZ8O5YdHweQfYCC3I0UU2cMpURhUTSFGMAG4CIGY
Request Chain 181
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOw492XBHHkeLbA3_VoOXbA&google_cver=1&google_push=AYg5qPI9KkfJB9cS2YizCyOpkp5AHwoEN0btLi_DCPDaWPjDlknl3OrTYDGUmCT0AS0cGAjtq4hTSzPzO50pU86SIO6CmYAHh1E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1lSTTdIV0ctSS1IME4x&google_push=AYg5qPI9KkfJB9cS2YizCyOpkp5AHwoEN0btLi_DCPDaWPjDlknl3OrTYDGUmCT0AS0cGAjtq4hTSzPzO50pU86SIO6CmYAHh1E
Request Chain 182
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_cver=1&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Ye2jOVVNK0GuxhAKqUgU6wAABJYAAAIB&google_gid=CAESEELhGZU9eyKgRPA0Xs59Q5E&google_push=AYg5qPJN7C1e-7HaqAnhLa13gs-kSRFyeXKFHAvwmcT6zG13jIBC4ruJwLFS5vWyqVgROGykC7rENnTN_gZMidxrTh7MqchHag&google_cver=1

182 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xy2.eu/
Redirect Chain
  • http://xy2.eu/nyup
  • http://xy2.eu/?redirect=nyup
  • http://xy2.eu/
11 KB
5 KB
Document
General
Full URL
http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache / PHP/5.5.38
Resource Hash
9b847cdddd76afdf9f352b63b7e6510009052da6bbb93537327c1d1676e0c9d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 23 Jan 2022 18:49:26 GMT
server
Apache
x-powered-by
PHP/5.5.38
cache-control
max-age=0
expires
Sun, 23 Jan 2022 18:49:26 GMT
vary
Accept-Encoding
content-encoding
gzip
transfer-encoding
chunked
content-type
text/html

Redirect headers

date
Sun, 23 Jan 2022 18:49:26 GMT
server
Apache
x-powered-by
PHP/5.5.38
location
/
cache-control
max-age=0
expires
Sun, 23 Jan 2022 18:49:26 GMT
transfer-encoding
chunked
content-type
text/html
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
146 KB
51 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7dbb31746b1800a34e527080a37d4ae55206e1653b29466a8d729473c596b8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 23 Jan 2022 18:49:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14341733191942690454
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
51909
X-XSS-Protection
0
Expires
Sun, 23 Jan 2022 18:49:27 GMT
js
www.googletagmanager.com/gtag/
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-36872558-7
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25a4182a3f61e4c410d09c4c33263bc6780ac2e263c7b54f42d1e363052772c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36459
x-xss-protection
0
last-modified
Sun, 23 Jan 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 23 Jan 2022 18:49:27 GMT
style.css
xy2.eu/css/
9 KB
3 KB
Stylesheet
General
Full URL
http://xy2.eu/css/style.css
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
3f28118203d7cf4351e9bc81564dc5920c88afd3d8e4c2521dcb1f6c837e5285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
last-modified
Mon, 15 Nov 2021 07:15:16 GMT
server
Apache
etag
"25ae-5d0ce921e3dea-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0
accept-ranges
bytes
content-length
2238
expires
Sun, 23 Jan 2022 18:49:27 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72a1e3adb05674f8ef530b95cb931574347142640996f0abc5b25687b8b3d28e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 23 Jan 2022 18:49:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 23 Jan 2022 18:49:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Jan 2022 18:49:27 GMT
flipcounter.js
xy2.eu/js/
7 KB
3 KB
Script
General
Full URL
http://xy2.eu/js/flipcounter.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
87ac385a225113ecdfaab236cf5d9dc07cb24e24cafc9167d5ca608adccbfa0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
last-modified
Sun, 31 Dec 2017 09:17:38 GMT
server
Apache
etag
"1cff-5619f56448393-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
2237
expires
Sun, 23 Jan 2022 18:49:27 GMT
modernizr.custom.21954.js
xy2.eu/js/
3 KB
2 KB
Script
General
Full URL
http://xy2.eu/js/modernizr.custom.21954.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
87ccd2fba3c5f48709c2492fdeaaa0168982577c14132df74a4d6016eb6abc0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
last-modified
Sun, 31 Dec 2017 09:17:43 GMT
server
Apache
etag
"ac7-5619f56924595-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
1394
expires
Sun, 23 Jan 2022 18:49:27 GMT
counter-style.css
xy2.eu/css/
14 KB
2 KB
Stylesheet
General
Full URL
http://xy2.eu/css/counter-style.css
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
cb019b3a5c0b97a5b0c8e4987703516ba24b76594c5f8c83efd7990aa3bc6a8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
last-modified
Sun, 31 Dec 2017 10:49:16 GMT
server
Apache
etag
"392c-561a09df98eba-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0
accept-ranges
bytes
content-length
1665
expires
Sun, 23 Jan 2022 18:49:27 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
447873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jan 2023 14:24:54 GMT
adframe.js
xy2.eu/js/
16 B
306 B
Script
General
Full URL
http://xy2.eu/js/adframe.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
0059cb4ff0a271382c38af8a7367aaf45cbeb31449637d3928d25317401e2828

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
last-modified
Sat, 30 Dec 2017 21:02:30 GMT
server
Apache
etag
"10-5619511402320"
content-type
application/javascript
cache-control
max-age=0
accept-ranges
bytes
content-length
16
expires
Sun, 23 Jan 2022 18:49:27 GMT
paypal.jpg
xy2.eu/gfx/
9 KB
9 KB
Image
General
Full URL
http://xy2.eu/gfx/paypal.jpg
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
1ae6619173f92af4f0201b7204322213c714b56df437aa7d6482a1c141d5337c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
last-modified
Tue, 02 Jan 2018 13:00:56 GMT
server
Apache
etag
"2204-561cab086d14b"
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
8708
expires
Mon, 23 Jan 2023 18:49:27 GMT
paypal.png
xy2.eu/gfx/
5 KB
6 KB
Image
General
Full URL
http://xy2.eu/gfx/paypal.png
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
675f6b6dc673aae01f8ef949697ee544c8df8574ca090a4dd690776ec6e442ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
last-modified
Tue, 02 Jan 2018 13:00:54 GMT
server
Apache
etag
"158c-561cab06562ce"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
5516
expires
Mon, 23 Jan 2023 18:49:27 GMT
pixel.gif
www.paypalobjects.com/pl_PL/i/scr/
42 B
432 B
Image
General
Full URL
https://www.paypalobjects.com/pl_PL/i/scr/pixel.gif
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-cache
HIT, HIT
fastly-io-info
ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id
b3943a91c0247
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
42
x-served-by
cache-sjc10022-SJC, cache-hhn4057-HHN
x-timer
S1642963767.405355,VS0,VE0
etag
"dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
strict-transport-security
max-age=31557600
content-type
image/gif
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
95, 9
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/
283 KB
103 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
640a4c1b6bddd75fc6ef874621c7394adc5c652c12aa2999d82dacd25744f7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104363
x-xss-protection
0
server
cafe
etag
5968426978786009319
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 18:49:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/ Frame 04E8
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220119/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Sun, 23 Jan 2022 16:20:20 GMT
expires
Sun, 06 Feb 2022 16:20:20 GMT
cache-control
public, max-age=1209600
age
8947
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v21/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v21/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b5f3ec0fd27f3c1500b420b2ed4ff557f5ddb65fbc83c21eae5cadc97dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xy2.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:33:50 GMT
x-content-type-options
nosniff
age
429337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12648
x-xss-protection
0
last-modified
Tue, 11 Jan 2022 19:19:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 19:33:50 GMT
wEO_EBrAnc9BLjLQAUk1VvoK.woff2
fonts.gstatic.com/s/courgette/v8/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/courgette/v8/wEO_EBrAnc9BLjLQAUk1VvoK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0fe2d79a2476314a0ee068faa535cb80c352b228df20f226a3f1cfc96b762d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xy2.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 20:03:27 GMT
x-content-type-options
nosniff
age
427560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24984
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 05:18:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 20:03:27 GMT
RrQfboBx-C5_XxrBbg.woff2
fonts.gstatic.com/s/acme/v11/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/acme/v11/RrQfboBx-C5_XxrBbg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Courgette%7CAcme%7CMontserrat&subset=latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77fb74c793e3bfa921d1cbfa6f781ac9a024c2b8aec71efd5495977f68bf5a9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://xy2.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 05:53:03 GMT
x-content-type-options
nosniff
age
392184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8240
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 18:55:07 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 05:53:03 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36872558-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4473
date
Sun, 23 Jan 2022 17:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 23 Jan 2022 19:34:54 GMT
collect
www.google-analytics.com/j/
2 B
200 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=663875634&t=pageview&_s=1&dl=http%3A%2F%2Fxy2.eu%2F&ul=en-us&de=UTF-8&dt=XY2%20%7C%20URL%20Shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=886744971&gjid=1925836226&cid=1656118956.1642963767&tid=UA-36872558-7&_gid=1546978889.1642963767&_r=1&gtm=2ou1j0&z=21841367
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://xy2.eu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Jan 2022 18:49:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://xy2.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
435 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-36872558-7&cid=1656118956.1642963767&jid=886744971&gjid=1925836226&_gid=1546978889.1642963767&_u=YEBAAUAAAAAAAC~&z=452822202
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://xy2.eu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 23 Jan 2022 18:49:27 GMT
content-type
text/plain
access-control-allow-origin
http://xy2.eu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca-pub-2614556310778759
fundingchoicesmessages.google.com/i/
89 KB
32 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2614556310778759?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
951d0af206d113af5cb9f1025b92f62593cfc2cf2cd2ea682f589bd9cd04fa6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y9MvHvOPmrI4RiwrmjH4ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-Y9MvHvOPmrI4RiwrmjH4ag' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
script-src 'report-sample' 'nonce-Y9MvHvOPmrI4RiwrmjH4ag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-Y9MvHvOPmrI4RiwrmjH4ag' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options
SAMEORIGIN
date
Sun, 23 Jan 2022 18:49:27 GMT
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36872558-7&cid=1656118956.1642963767&jid=886744971&_u=YEBAAUAAAAAAAC~&z=1116932693
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jan 2022 18:49:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-36872558-7&cid=1656118956.1642963767&jid=886744971&_u=YEBAAUAAAAAAAC~&z=1116932693
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jan 2022 18:49:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVOmseQgcC1lC-w9ZIh0Tlm38y-3eH9ZTZga9EBYIxaarBVjAgL5nFW4vcbkJE2vZ2r_qAFLyjmnq4qEEDnuw0=
fundingchoicesmessages.google.com/f/
42 KB
16 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVOmseQgcC1lC-w9ZIh0Tlm38y-3eH9ZTZga9EBYIxaarBVjAgL5nFW4vcbkJE2vZ2r_qAFLyjmnq4qEEDnuw0=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQyOTYzNzY3LDUzNDAwMDAwMF0sIjREODg3MDAzLUIyRUUtNDRGQS05RENDLTAwRjYzN0M2OUE3RiIsIjhFMjRFRjU1LUU4RUUtNDIzMi1BRDY3LTEwQTI1NTMwNzc5NyIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHA6Ly94eTIuZXUvIixudWxsLFtdXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Je69o0mtxD8.es5.O/d=1/rs=AJlcJMydvUjzwfiAPOM_kfGnu3NwwQbXmw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ec403c9fa4ea38442cd18725dc986fdf97a2770a7e6fcee66e7b7bd5a086091
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3Mi55bjDbMj+r4obTfd2zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3Mi55bjDbMj+r4obTfd2zA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3Mi55bjDbMj+r4obTfd2zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-3Mi55bjDbMj+r4obTfd2zA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
210 B
640 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xy2.eu&callback=_gfp_s_&client=ca-pub-2614556310778759
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e0e3ee9231b89c10719324053661bfcb48d553f618b865763ff9b7ea99ce625e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6E54
247 KB
57 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&adk=1812271804&adf=3025194257&lmt=1642963767&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fxy2.eu%2F&ea=0&flash=0&pra=5&wgl=1&dt=1642963767314&bpp=29&bdt=117&idt=96&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=378143225127&frm=20&pv=2&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=230
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2d293e85e0dee0f28486cf25641aa3f1c9991f521d997bec0204e4d9badb7b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 23 Jan 2022 18:49:28 GMT
server
cafe
content-length
58335
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 23 Jan 2022 18:49:28 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame A91C
67 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642963767&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642963767314&bpp=9&bdt=117&idt=127&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=MSQYYPKwe0&p=http%3A//xy2.eu&dtd=233
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db65d2c97f8b9d00bf686ab6e7ae3533ab3f959efd0aec7c23515e9794d378a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 23 Jan 2022 18:49:28 GMT
server
cafe
content-length
28374
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 23 Jan 2022 18:49:28 GMT
cache-control
private
AGSKWxVDd3pf7jAUJ2bhcOrHcV-VCi7HHVHMJ7efhOGhFJaKKcwiA6C61OOcC4os95mAoB5TF_5MLfS8b855o1hpX62P1ezQbumBPjCpgiVI5olvJIwvIuC6bUTl1UMTL4DKXi-ytJzvdWoBrbwns6GnP1iydCMuDovwUpvYnx_DcRF3TZiMu6y_uyWUaJ6s
fundingchoicesmessages.google.com/el/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVDd3pf7jAUJ2bhcOrHcV-VCi7HHVHMJ7efhOGhFJaKKcwiA6C61OOcC4os95mAoB5TF_5MLfS8b855o1hpX62P1ezQbumBPjCpgiVI5olvJIwvIuC6bUTl1UMTL4DKXi-ytJzvdWoBrbwns6GnP1iydCMuDovwUpvYnx_DcRF3TZiMu6y_uyWUaJ6s
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.gDrjrnPLQgI.es5.O/d=1/rs=AJlcJMzYLrppK0-JTz33Xs5bZ_FIhbJmpw/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-j2tNSbfJxyJQ/9cTxiM0vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-j2tNSbfJxyJQ/9cTxiM0vQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://xy2.eu/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
access-control-max-age
86400
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
http://xy2.eu
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-j2tNSbfJxyJQ/9cTxiM0vQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-j2tNSbfJxyJQ/9cTxiM0vQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWE8VE2U4yO1ou2Pn2PC419M3MtT6P0OPMM2lT_zJI3bXS55N_LOzUrr8xOBCMV-_fIypyG2N2ybgqPK9TFT2UpzwocIXngR8_fqqgR70CIwft3EiiVv-PPM5ThMUM-o5Z35PCbONC5UrKxQP0b0NV82q1X_P_gVdjMs5kVoZtzEWeBFrfw4d6j0qMr
fundingchoicesmessages.google.com/f/
80 KB
28 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWE8VE2U4yO1ou2Pn2PC419M3MtT6P0OPMM2lT_zJI3bXS55N_LOzUrr8xOBCMV-_fIypyG2N2ybgqPK9TFT2UpzwocIXngR8_fqqgR70CIwft3EiiVv-PPM5ThMUM-o5Z35PCbONC5UrKxQP0b0NV82q1X_P_gVdjMs5kVoZtzEWeBFrfw4d6j0qMr?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQyOTYzNzY3LDU5NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwOi8veHkyLmV1LyIsbnVsbCxbXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.gDrjrnPLQgI.es5.O/d=1/rs=AJlcJMzYLrppK0-JTz33Xs5bZ_FIhbJmpw/m=iabccpawebsignalscript
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f98f03afc204a10fe3a098b2ef55eb0d6647b3c580bf25491ace3cede94e8c93
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N1/CXpGsnF8nMuZWjRgPow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-N1/CXpGsnF8nMuZWjRgPow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jan 2022 18:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-N1/CXpGsnF8nMuZWjRgPow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-N1/CXpGsnF8nMuZWjRgPow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
fueltiktok.png
xy2.eu/gfx/
67 KB
67 KB
Image
General
Full URL
http://xy2.eu/gfx/fueltiktok.png
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
8cd2ebc8fdaadba414e278a58130d76b431a8e39e469230d039024490087f95d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
last-modified
Tue, 04 Jan 2022 11:21:44 GMT
server
Apache
etag
"10a2c-5d4bfd79e60aa"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
68140
expires
Mon, 23 Jan 2023 18:49:27 GMT
xy2-chart.png
xy2.eu/gfx/
220 B
505 B
Image
General
Full URL
http://xy2.eu/gfx/xy2-chart.png
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
HTTP/1.1
Server
93.157.97.6 , Poland, ASN34360 (OGICOM, PL),
Reverse DNS
v2416.vps.ogicom.net
Software
Apache /
Resource Hash
87a8b9554a46930e118f1a2b6690f35026c2f510ed907a1881506cfd398d460b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:27 GMT
last-modified
Fri, 12 Jan 2018 08:19:15 GMT
server
Apache
etag
"dc-5628feb96c68e"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
220
expires
Mon, 23 Jan 2023 18:49:27 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 44D6
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCeghiGUF7g5aL2olAcjldtM8dT3P4opAq6K04Wrn0xPzPIdR7Ghr9uFCUpbVx_7zEzQMAjv6y5KDxwBsWv2rUB-c1v-j9s8RnNONQplix-P03EjpEHgEFSbbeSMFzRoevE0c-twI5lp9Jb9F1ZwC2JVCv3o_CmN8TBVulK3mxzLbAQqioGzO6uIYWwY4wEZllgPcWB_hyIgCeIxQ204DalNdkJBoci6dG7GjUOe_ujceFRhqyZJBlWfig9F9-DsBXjzqdVzLXUC4HR85167Mrwt_xBLYhUvtmlm73vQPBSQR5y2wpGnPQhM0qLap4Y4JEgUpt4Pkjpw0UhllmEQfEYoW9p-goLO1pj7Wa5BV9XCc0W9eIsqhPleKjrxW1ljoeW0stKfOIbZ5qQugs6AIs6rOy3WeNNaDjnkF8tYaDOntL4KZSgYC5qgtcZzrIQcLGSLVDBzfVjr-OmRRRFBvJMeW17v-SX65bvqa7E0gsLtQTrNkysw1RYZhTMMS0-z-62pnhzyLi4X5pWAooOXBRptI6I1F4kD7DOIIIm5xbxgkHZhaQOp2AC4L7AE9_z_eoyZkosPbfsP2tm9ZXQdRo4zFnZi4ENUWi6YbIp5JNbhrATzUeeaH5QoCPAmSZa-XU0znMF3mGNKiayYvI22dzK9Ffe4BxWunnWtQskFujtMdviWoicl34QMr-eBJKxJTTJbSDjW6NOWxkqQyYH7C3Vsa4MbrqRBHbf8jWUo8sac1chHeOM2BX5PxI18tuI-TlOoVdf9WO2Tx4ni9sXtzADz8WcB7LOmMfgwr5E1z02lLuEZudWn4hGtBFmJ3HsMiqwK0OAffT1OotHJYoB3sxc6FjC1JVYJ3SXC9TCRvrSL_kZyUGix0dhzvyzS4gonieICqH1upgt96DWRLjaM6lZq9-26NB&sai=AMfl-YSSJOOjNXx7-tZLswK8Is1t_UCuisX1NNNyhwZfO3jCcmckbFW4hOhaiA&sig=Cg0ArKJSzKfVj_MLN39sEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 23 Jan 2022 18:49:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Sun, 23 Jan 2022 18:49:28 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 44D6
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: xy2.eu
URL: http://xy2.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 15:54:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
356126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jan 2023 15:54:02 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 44D6
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642963767&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642963767314&bpp=9&bdt=117&idt=127&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=MSQYYPKwe0&p=http%3A//xy2.eu&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
99f2d327c1ba974f26c36ae210f8e4b1a4711604670aa472f8e5ad4f86996879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13124
x-xss-protection
0
server
cafe
etag
8348368034461324533
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Feb 2022 18:40:17 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 44D6
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642963767&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642963767314&bpp=9&bdt=117&idt=127&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=MSQYYPKwe0&p=http%3A//xy2.eu&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Feb 2022 18:44:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44D6
122 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642963767&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642963767314&bpp=9&bdt=117&idt=127&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=MSQYYPKwe0&p=http%3A//xy2.eu&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
425f48a06ab0e9a4a4d792a6677189720f377ec09a073ecdae6232a89cc221f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38060
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1642595990432946"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Jan 2022 18:49:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/ Frame 44D6
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642963767&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642963767314&bpp=9&bdt=117&idt=127&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=MSQYYPKwe0&p=http%3A//xy2.eu&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:37:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
736
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Feb 2022 18:37:12 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/ Frame 44D6
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642963767&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642963767314&bpp=9&bdt=117&idt=127&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=MSQYYPKwe0&p=http%3A//xy2.eu&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Feb 2022 18:43:20 GMT
18156852081126330790
s0.2mdn.net/simgad/ Frame 44D6
13 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/18156852081126330790
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=200&slotname=1428154055&adk=624732521&adf=3788724914&pi=t.ma~as.1428154055&w=1200&fwrn=4&lmt=1642963767&rafmt=11&psa=0&format=1200x200&url=http%3A%2F%2Fxy2.eu%2F&flash=0&wgl=1&dt=1642963767314&bpp=9&bdt=117&idt=127&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=298&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=MSQYYPKwe0&p=http%3A//xy2.eu&dtd=233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53e374adda52950799fd53164eb030ecd429af493757f48b67ed8cd38cf29dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:23:12 GMT
x-content-type-options
nosniff
age
383176
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13415
x-xss-protection
0
last-modified
Fri, 30 Jul 2021 17:56:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 19 Jan 2023 08:23:12 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6F51
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 10:49:42 GMT
expires
Thu, 19 Jan 2023 10:49:42 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
374386
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 44D6
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1685e996494e2b3050a56cf95d523f7cfd924bbdb4d843c540032d69dbc635ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 6F51
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 22 Jan 2022 00:06:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
153767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 22 Jan 2023 00:06:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/
12 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220119&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9248f8fe1c422fd6e8398cdeebc1743f3948213566fb4639f22f778f9dfca9d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 23 Jan 2022 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9107
x-xss-protection
0
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/
149 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/reactive_library_fy2019.js?bust=31064212
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a53b41f2603ae1b5245071c2e43a039b0be5eb018a8b204f32ea383421510127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54135
x-xss-protection
0
server
cafe
etag
12979660346658298962
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Jan 2022 18:49:28 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 23 Jan 2022 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 23 Jan 2022 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3E31
96 KB
33 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3809598800&adf=1604629528&pi=t.aa~a.1977423791~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1642963768&rafmt=1&to=qs&pwprc=4261460615&psa=1&format=1200x280&url=http%3A%2F%2Fxy2.eu%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1642963768294&bpp=1&bdt=1097&idt=-M&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5073ae271b291303-222b16f027cd00db%3AT%3D1642963767%3ART%3D1642963767%3AS%3DALNI_MY1aIhJwex4Ojg9Ql4RVJJf-2s_2Q&prev_fmts=0x0%2C1200x200&nras=2&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=IEdnyoP4MU&p=http%3A//xy2.eu&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44c62714e1c0144bf40c7aec33f20b6566198027f6ecdb2a06fec3fd6d2e0efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 23 Jan 2022 18:49:28 GMT
server
cafe
content-length
33783
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame 00AA
98 KB
34 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=768393861&pi=t.aa~a.1977423791~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1642963768&rafmt=1&to=qs&pwprc=4261460615&psa=1&format=1200x280&url=http%3A%2F%2Fxy2.eu%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1642963768294&bpp=1&bdt=1097&idt=-M&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5073ae271b291303-222b16f027cd00db%3AT%3D1642963767%3ART%3D1642963767%3AS%3DALNI_MY1aIhJwex4Ojg9Ql4RVJJf-2s_2Q&prev_fmts=0x0%2C1200x200%2C1200x280&nras=3&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=2q0fj00F3v&p=http%3A//xy2.eu&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44f955b7403bb95c3b754ef5c646519cf4efc5e511eb305cb8bec012e511811f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 23 Jan 2022 18:49:29 GMT
server
cafe
content-length
34303
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
googleads.g.doubleclick.net/pagead/ Frame C89F
84 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2614556310778759&output=html&h=280&adk=3088186576&adf=2167731293&pi=t.aa~a.1977424468~rp.2&w=1200&fwrn=4&fwrnh=100&lmt=1642963768&rafmt=1&to=qs&pwprc=4261460615&psa=1&format=1200x280&url=http%3A%2F%2Fxy2.eu%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1642963768294&bpp=1&bdt=1097&idt=0&shv=r20220119&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5073ae271b291303-222b16f027cd00db%3AT%3D1642963767%3ART%3D1642963767%3AS%3DALNI_MY1aIhJwex4Ojg9Ql4RVJJf-2s_2Q&prev_fmts=0x0%2C1200x200%2C1200x280%2C1200x280&nras=4&correlator=378143225127&frm=20&pv=1&ga_vid=1656118956.1642963767&ga_sid=1642963768&ga_hid=663875634&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C44753738%2C31064071%2C31064212%2C31063247&oid=2&pvsid=2852954384784121&pem=501&tmod=1354905088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=HxQ9FtlpcN&p=http%3A//xy2.eu&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dd01591fdc71387330a3eb165c78cd43871554099c309427e9d4ed92ad65f49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 23 Jan 2022 18:49:29 GMT
server
cafe
content-length
31146
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Jan 2022 18:49:28 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 23 Jan 2022 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xy2.eu
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 23 Jan 2022 18:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/ Frame 60F2
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Sun, 23 Jan 2022 16:02:39 GMT
expires
Sun, 06 Feb 2022 16:02:39 GMT
cache-control
public, max-age=1209600
age
10009
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/ Frame 96B5
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2614556310778759&plah=xy2.eu&bust=31064212
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Sun, 23 Jan 2022 16:02:39 GMT
expires
Sun, 06 Feb 2022 16:02:39 GMT
cache-control
public, max-age=1209600
age
10009
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 60F2
4 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 23 Jan 2022 18:29:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 23 Jan 2022 18:49:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Jan 2022 18:49:28 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 60F2
205 B
743 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 15:07:25 GMT
x-content-type-options
nosniff
age
13323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 23 Jan 2023 15:07:25 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 60F2
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 01:59:01 GMT
x-content-type-options
nosniff
age
60627
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 23 Jan 2023 01:59:01 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/ Frame 60F2
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220119/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 18:45:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8104
x-xss-protection
0
server
cafe
etag
11153116566150069083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 06 Feb 2022 18:45:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6470
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 23 Jan 2022 18:05:55 GMT
expires
Mon, 23 Jan 2023 18:05:55 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
2613
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1D69
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
819555d19fa3270316322cd73ba056f8c1ef44bbdb845665c896bfb7b173c0a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u93Rk30gsuWCTBqLI+0Kqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://xy2.eu/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 23 Jan 2022 18:49:28 GMT
date
Sun, 23 Jan 2022 18:49:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-u93Rk30gsuWCTBqLI+0Kqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
4f0fd669188cad1c7ccc61140507409e.js
www.gstatic.com/mysidia/ Frame 96B5
8 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4f0fd669188cad1c7ccc61140507409e.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d6d254d04b4d7ed36b0cc3c11fbc46d4cf376428a1a110bb7e0617a3034ff64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3356
x-xss-protection
0
last-modified
Thu, 20 Jan 2022 13:53:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 20:41:01 GMT
6c2d6b1206f3d1fe21ef2c83ec0fd504.js
www.gstatic.com/mysidia/ Frame 96B5
8 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/6c2d6b1206f3d1fe21ef2c83ec0fd504.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f464b353ea31f3c703986ea74b4578e04b7d5c0ab28f46db9895890afeec2309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 20 Jan 2022 20:41:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3844
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 18:31:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 20 Apr 2022 20:41:01 GMT
8b63a7a81b6f18e94cb38611e7e405da.js
www.gstatic.com/mysidia/ Frame 96B5
13 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8b63a7a81b6f18e94cb38611e7e405da.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220119/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7debeded2ce4396d68b238ac794f72190b46da88f73bc09110809da5ce42113c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 12:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
453562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5516
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 18:31:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 18 Apr 2022 12:50:06 GMT
css
fonts.googleapis.com/ Frame 96B5