6b.cz Open in urlscan Pro
46.28.105.70 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://6b.cz/P12X
Effective URL:
https://6b.cz/sh.php?P12X
Submission: On September 15 via manual (September 15th 2023, 7:35:41 pm UTC) from US — Scanned from DE

Summary HTTP 137 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 15 domains to perform 137 HTTP transactions. The main IP is 46.28.105.70, located in Czech Republic and belongs to WEDOS, CZ. The main domain is 6b.cz.
TLS certificate: Issued by R3 on August 17th 2023. Valid for: 3 months.

This is the only time 6b.cz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	46.28.105.70 46.28.105.70	197019 (WEDOS) (WEDOS)
19	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	88.86.101.2 88.86.101.2	39392 (SUPERNETW...) (SUPERNETWORK ^_^)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4 15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2 38	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
9	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4007:815::2003	15169 (GOOGLE) (GOOGLE)
1	173.194.76.156 173.194.76.156	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:62::8	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
137	26

3 46.28.105.70 (Czech Republic) 1 redirects

ASN197019 (WEDOS, CZ)
PTR: hc1-wd223.wedos.net

6b.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.86.101.2 (Prague, Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)
PTR: www2.toplist.cz

toplist.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4007:815::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:62::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nsk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com 2 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 152	714 KB
23	criteo.net static.criteo.net — Cisco Umbrella Rank: 660 csm.eu.criteo.net — Cisco Umbrella Rank: 9485 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9832	269 KB
16	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 bid.g.doubleclick.net — Cisco Umbrella Rank: 949	198 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	128 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183 www.googleadservices.com — Cisco Umbrella Rank: 151	599 B
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 56 imasdk.googleapis.com — Cisco Umbrella Rank: 501	137 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	284 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1293 r3---sn-4g5e6nsk.c.2mdn.net — Cisco Umbrella Rank: 848366	2 MB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9400 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10535 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17123	52 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 region1.google-analytics.com — Cisco Umbrella Rank: 2288	21 KB
3	6b.cz 1 redirects 6b.cz	4 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 248	6 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	79 KB
1	toplist.cz toplist.cz — Cisco Umbrella Rank: 81976	414 B
137	15

	Domain	Requested by
38	tpc.googlesyndication.com	2 redirects googleads.g.doubleclick.net 6b.cz imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
19	pagead2.googlesyndication.com	6b.cz pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
15	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
12	imageproxy.eu.criteo.net
9	static.criteo.net	ads.eu.criteo.com
8	www.googleadservices.com	6b.cz
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	csi.gstatic.com	imasdk.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	6b.cz	1 redirects 6b.cz
2	r3---sn-4g5e6nsk.c.2mdn.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com 6b.cz
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	6b.cz www.google-analytics.com
1	rtb.fr3.eu.criteo.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.google-analytics.com
1	toplist.cz	6b.cz
137	27

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.toplist.cz

Subject Issuer	Validity	Valid
6b.cz R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
toplist.cz R3	`2023-07-22` - `2023-10-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2023-10-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-09-12` - `2023-11-21`	2 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://6b.cz/sh.php?P12X
Frame ID: 69A1AE2D5B8634E61F09F9F9718AF1EC
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Frame ID: 08D7C7209DE3AB34F8FB238E8814D8ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268
Frame ID: 85239EBF67E457331CA0A7775A0D4098
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1996759695&adk=2034842585&adf=745599300&pi=t.ma~as.1996759695&w=500&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=500x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536747&bpp=1&bdt=199&idt=272&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7800272822193&frm=20&pv=1&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dGHK9LlsPd&p=https%3A//6b.cz&dtd=275
Frame ID: 23B0F072018D9C2F54049F2816F0796A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&adk=1812271804&adf=1573534164&lmt=1694799337&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536760&bpp=1&bdt=212&idt=264&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C500x280&nras=1&correlator=7800272822193&frm=20&pv=1&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=271
Frame ID: 5916E0EA426B03833EF121E7A1A47187
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EB14236D8573084B7BC33437CF1D322B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: A72BBA8AD578268D160337B4D7ABC557
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: DB8BA8085444B63488EC106B66036CC4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1B017688201C762710AB62BF6C02CD59
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Frame ID: 534B389227EACBB3483C05DE3784D762
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Frame ID: A51F57AD30D3F116643ECE2ABADD4923
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1509050098F58F2B8CB8BC0F9D7DB0FC
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQSyCQACbE8GrQYSAAd2YyvwvxZSEtXku3kz_g&u=%7CaOqHK4vaI7PSAGVLX%2BoRoCE5Az7co0Jf084SG%2FPBlhI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKVUbnMev71fNAJD1VJtanNFC4M49_5xZIiCSLC2FPdfR9p47H9Qc61Nkwl0-bGjaQBGqIG8gtJFMfKhC6JFfyawo6-6svx9v0CV9OW29u0sdwGP-rvVZA932zWVZ3ah1D651_czNFNOcbW90curiaOVP49unYSAbw77fNCEbEKhxd6E6wYGofM9SapX0R13SuR0W70VRitoOju73GgxAMVJv38rJ8LTIRoETapVduqeUnmsZNExXDP44XPbI6J6zgRWu9_fh1Sro0HytACr7uZE1u4UHMUyadswwcaQjxrs7cAq9JWm6mZ1OTS891TJW-GNxYxhElb9jmR6QSF1ea259phmcRIh54bEpl5CUgkIckqYsMK4ThMBjGNiHjm0WlLTO84MGkEsCbzmtXr9ExMN2THk725dAYTobGj4gKkdUB95jyPRwPhljjpOavVXz4V9z087NaoUYSHhlCxgvGH7LrkrrRcbeY3eTCkxB0q3fTJAHaY-MmP9cCg8N70sTiEX5FhDRwMfps5FVz5YCY7ILa_gsRKx_QQIS1fnIkuE3DEUtoWfEGvI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBE9zCbIEZc_YCZKMtOUP4-ydqAPJntKxXPXalvdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc1MDMxMzY5NTIwOTUxMTDIAQmpAjT2-VDP5LE-qAMByAMCqgS3AU_Q7kAz3xowTG05Ce-1i98nWOQrduJy0Br4gsi7Ma3N8GVR72UjU9DepAMs_dtP7PiaOYYrNJexGH6P_iaeXshD48saosE1T3yjAJDPzyuzZ73K3B2x05fzfh8VTlHoNC7rapzuXrdKyIEhVhCfwdAvmqaqlqz-CU17AAxFpAvurDFEKl1We6Xv5boQe69ugpdHT76ALEaT4Eu0UmhxX0RBlxv_hwhOGw0yKwiGD_5gT6POnalKW4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39SlthIndK8OkPRBBSuoGxTSeOXA%26client%3Dca-pub-7503136952095110%26adurl%3D
Frame ID: 0B87B32A96859AC116D343C91CD12CE7
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Frame ID: 9047089140018FC37A22D9595C80E9D4
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: 8BA6EB19150DDDA9D0A8F4A6019D7230
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js
Frame ID: 72CAB1588829EA39AE3D2C0BD2BFA971
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7780C92864C244BCA523492E108C74A9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 105B7C7BC0FBACF36B7AF63FB4DA7FEF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8210B41E73C06037E3BDD8BC53D2189A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zkracovač URL adresy | URL shortener

Page URL History Show full URLs

http://6b.cz/P12X HTTP 302
https://6b.cz/sh.php?P12X Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

137
Requests

95 %
HTTPS

81 %
IPv6

15
Domains

27
Subdomains

26
IPs

4
Countries

4050 kB
Transfer

6729 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: http://www.toplist.cz/
Title: <img src="http://toplist.cz/dot.asp?id=1470309" border="0" alt="TOPlist" width="1" height="1" />

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://6b.cz/P12X HTTP 302
https://6b.cz/sh.php?P12X Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 38

https://googleads.g.doubleclick.net/pagead/adview?ai=C3JkCCbIEZfvoA4bK6wT03bYYn7uT-nLXu9K_8BGk5_LtlQIQASCc-LUjYJWCgICYB6ABh7_gyAPIAQGpAtVdRS_gn5E-qAMByAPLBKoEzQFP0N5n_m7ZrcvlAgvE-qKChT6iuvOkQ6xCYEFbIPl1IqywX1CFm2yjPW7x6PJVI8mj12WVrQW_78NVm0_MsdnVcnyvEJ4lFq9ivoLOsaAr9ZhIluizOwCZFhAhRIvdwxX4UpYFR4qqU_lrdY7jvaygYNYLipwbt0FGDL6HSALM-qqXsxrXyUH6hfURmL8q17V5WqnMKbjubXm5bjsEV51WwNWMvBhCl-WQEko1Kgzl46kbxxtbzfE60rMCSjSJ3UevrxnW3grkGAsderVkwAT5nufkvwSIBYbcxbVMkgUECAQYAZIFBAgFGASAB-HAnzeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCJ6wTSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgnJAmh0dHBzOi8vZGUuaWduYWx5LmNvbS9kc3I_cT0zNjAlMjByZXZpZXclMjB0b29scyZhc2lkPWl5X2NoNjM1JmRlPWMmc2NsaWQ9MC0yNDI4MyZnY2xpZD17Z2NsaWR9JnJhYz0zNjAlMjByZXZpZXclMjB0b29scyZ0ZXJtcz1lbmdhZ2VtZW50JTIwc3VydmV5JTIwcHJvdmlkZXJzLGVtcGxveWVlJTIwZW5nYWdlbWVudCUyMHN1cnZleSUyMHZlbmRvcnMsYmVzdCUyMGVtcGxveWVlJTIwZW5nYWdlbWVudCUyMHN1cnZleSUyMHRvb2xzLGJlc3QlMjBlbXBsb3llZSUyMGVuZ2FnZW1lbnQlMjBzdXJ2ZXklMjB2ZW5kb3JzLHRvcCUyMGVtcGxveWVlJTIwc3VydmV5JTIwY29tcGFuaWVzgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTc1MDMxMzY5NTIwOTUxMTAYAA&sigh=ZQ0hSuHcmuc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWeBkZEieljewMfw0voAHvEydLlbIYahgB&template_id=5020&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212261608715007243384%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22957882247%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225898173224241231345%22}&andc=true

Request Chain 39

https://googleads.g.doubleclick.net/pagead/adview?ai=ClFDlCbIEZaKbA53B78EPqf2LyAO0lN_2cofcpeyTEfar8oz4NRABIJz4tSNglYKAgJgHoAHBstPbA8gBCakCNPb5UM_ksT6oAwHIA8sEqgTHAU_QVxHL2NBSBEq2MgQp0ZeQfjpCM_1keCTIWZ7GyrJj31GNGtMBwoGOofJnwsGn5gpZ6CsuN2sPDsrkiOfWW3fte8_vMTkZWheVMOa_KZgSWHZ_x4kAhBj-vqCVfI_cFzo2fwJqT4RnOm2-pihvnr5DAt5OBcxw3v306GRiNwb2R5w-U5kpOe_nDpnE-UVVYUHyp6oDg6ywG7WKQ2cFnmAzjk80qIHsE_Z6RPVbuDWVftzH4E54HTVcxA3RJ9iLBqLPGVIRqDfABKCgkK_eA4gF3evC1yuSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHgdjnoAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCfyQjSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgkuaHR0cHM6Ly93d3cuam95bi5kZS9zZXJpZW4vZm9yc3RoYXVzLXJhbXBlbnNhdYAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NTAzMTM2OTUyMDk1MTEwGAA&sigh=g4v5GQK7hBA&uach_m=%5BUACH%5D&ase=2&cid=CAQSGwBpAlJWXsDxQMkq1VQSwGzjPy2B1HLIhq2WjxgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212255398244504313567%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22997513537%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224844009476262760801%22}&andc=true

Request Chain 72

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvoqwEQ4AMY4AMyCLnoeCyepQ3L HTTP 301
https://tpc.googlesyndication.com/simgad/13693739128686457384

Request Chain 82

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvoqwEQ4AMY4AMyCLnoeCyepQ3L HTTP 301
https://tpc.googlesyndication.com/simgad/13693739128686457384

Request Chain 91

https://googleads.g.doubleclick.net/pagead/adview?ai=Cadt-CbIEZdHYCZKMtOUP4-ydqAPfjoaLcubKlf-jCWQQASCc-LUjYJWCgICYB6ABtdWO2QPIAQmpAjT2-VDP5LE-qAMByAPLBKoEyQFP0DCuB_8KdVRgzaguKE7ngMvoRfoV7bOETJ1o25wv2mTGHH7Wu1FNbCe766wX1Z5-5ero6XkWYjvpwXA6VeQdDjiWB52R0LB6-uqNcBLkhkT8nUaxXoxjpUPSnGatINhuX7tlDU7lmPpsaXj8Qk1OU7qxp-_TCp26WrSMbtMDwxWDERE6kWlmJlEt2HfRIqpl8baUSB7G46qhQtO6DsTmwsmUnv2xkq-1BA2fvjTOeFaMW4y4JsD1OZBCU7WpIfklA1SRka24Gp7ABLujuaWMAogFr_DUxAeSBQQIBBgBkgUECAUYBKAGLoAHipyxL6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD30AHSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgl_aHR0cHM6Ly91cmxhdWIuY2hlY2syNC5kZS92ZXJnbGVpY2gvMjAwNS02LTYtMC9UcmF1bWhhZnRlbiUyMFVybGF1YiUyMGJ1Y2hlbj93cHNldD1nb29nbGVfcmVpc2VuX2NvX2R5bmFfcmVtYSZnY2FtaWQ9MjAyMzA0NTE2N4AKAcgLAdgTC4gUBdAVAYAXAbIXHAoaCAASFHB1Yi03NTAzMTM2OTUyMDk1MTEwGAA&sigh=PfRqbwwzTKM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWQ0dBCjm5c-TpaPU-nqzCUU5kKvhifxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213410686928562117372%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22992193205%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226770867916431720129%22}&andc=true

Request Chain 92

https://googleads.g.doubleclick.net/pagead/adview?ai=CwwFxCbIEZdDYCZKMtOUP4-ydqAPfjoaLcubKlf-jCWQQASCc-LUjYJWCgICYB6ABtdWO2QPIAQmpAjT2-VDP5LE-qAMByAPLBKoEyAFP0CFMFlPxDV_30sKSnzdCV31rEELG5NEi_ZObpgL4AgdLY18LnCzHU7hqi9oiJ0yieBPJbpLj7ZWAsMXMpgRJXUMB-EJom9N_be9mZR-5PdS1SdeWrEdnDGUsabpJFQPnqx4moen2ak_tpq-LdL0aAj54S1SeGMfYXNvnyIBMMpKy7CQu3rPkRni37p8_1m4qtmq11t2yR_eJcSifLWyoDxQMDNy9Vz1jQ0W650kTA1eSEtcdDT8R2eXygZAKsvgsvnDfWEf4j8AEu6O5pYwCiAWv8NTEB5IFBAgEGAGSBQQIBRgEoAYugAeKnLEvqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEENjAAdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCX9odHRwczovL3VybGF1Yi5jaGVjazI0LmRlL3ZlcmdsZWljaC8yMDA1LTYtNi0wL1RyYXVtaGFmdGVuJTIwVXJsYXViJTIwYnVjaGVuP3dwc2V0PWdvb2dsZV9yZWlzZW5fY29fZHluYV9yZW1hJmdjYW1pZD0yMDIzMDQ1MTY3gAoByAsB2BMLiBQF0BUBgBcBshccChoIABIUcHViLTc1MDMxMzY5NTIwOTUxMTAYAA&sigh=F9DJjRt_uIM&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWQ0dBCjm5c-TpaPU-nqzCUU5kKvhifxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217072819375686381263%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22992193205%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218434616659967290321%22}&andc=true

Request Chain 107

https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726342538/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8EB27A64E769174FF6152382310D2E5976E9ECE0.4B535212CFDF07C87F639725C0989262061CB57E/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726342538/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C12BDDA3029FC11C33B3190B0A028E020EF88F8.811522FF9B328F7E70FF99BA678C5F5D505CB895/key/cms1/cms_redirect/yes/mh/C5/mip/2001:1b60:1010:3:1011:c513:d6e2:2652/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1694804969/mv/u/mvi/3/pl/29/file/file.mp4

137 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sh.php Show response
6b.cz/
Redirect Chain

http://6b.cz/P12X
https://6b.cz/sh.php?P12X

3 KB
1 KB

91ms
30ms

Document
text/html

46.28.105.70
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL: https://6b.cz/sh.php?P12X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.28.105.70 , Czech Republic, ASN197019 (WEDOS, CZ),
Reverse DNS: hc1-wd223.wedos.net
Software: Apache /
Resource Hash: 55d9003b1db0eb8c5747d363f7d3b73ad704a78774c00524512da0602dd90b29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
content-encoding: gzip
content-length: 1262
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 19:35:36 GMT
expires: Fri, 15 Sep 2023 19:40:36 GMT
server: Apache
vary: Accept-Encoding

Redirect headers

Cache-Control: max-age=300
Connection: Keep-Alive
Content-Length: 209
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 15 Sep 2023 19:35:36 GMT
Expires: Fri, 15 Sep 2023 19:40:36 GMT
Keep-Alive: timeout=2, max=500
Location: https://6b.cz/sh.php?P12X
Server: Apache

GET
H2 200 cookieconsent.min.js Show response
6b.cz/js/ 4 KB
2 KB 30ms
29ms Script
application/javascript 46.28.105.70
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL: https://6b.cz/js/cookieconsent.min.js
Requested by: Host: 6b.cz
URL: https://6b.cz/sh.php?P12X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.28.105.70 , Czech Republic, ASN197019 (WEDOS, CZ),
Reverse DNS: hc1-wd223.wedos.net
Software: Apache /
Resource Hash: 190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/sh.php?P12X
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:36 GMT
content-encoding: gzip
last-modified: Fri, 23 Oct 2015 15:48:37 GMT
server: Apache
etag: "11d8-522c78b739f40-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=259200
accept-ranges: bytes
content-length: 1946
expires: Mon, 18 Sep 2023 19:35:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 129ms
78ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a8607d57ec337c318ca0fd16472721cea9f253a88276cc3a17121e8474d612b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50916
x-xss-protection: 0
server: cafe
etag: 11023495668891164302
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 19:35:36 GMT

GET
H2 200 dot.asp
toplist.cz/ 42 B
414 B 147ms
37ms Image
image/gif 88.86.101.2
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://toplist.cz/dot.asp?id=1470309&http=&t=Zkracova%u010D%20URL%20adresy%20%7C%20URL%20shortener&wi=1600&he=1200&cd=24

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.86.101.2 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

www2.toplist.cz

Software

Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
x-w: 4
content-type: image/gif; charset=utf-8
cache-control: private,no-cache,no-store,must-revalidate,max-age=0
expires: Thu, 02 Dec 2004 16:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 17:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6353
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 19:49:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
214 B 258ms
257ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=51297506&t=pageview&_s=1&dl=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&ul=en-us&de=UTF-8&dt=Zkracova%C4%8D%20URL%20adresy%20%7C%20URL%20shortener&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2100833550&gjid=494070470&cid=106695469.1694806537&tid=UA-73209661-1&_gid=1974896889.1694806537&_r=1&_slc=1&z=484446226

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b5b9ff92a08bd22847e931c4985aa53525797e63f5c54ebc8460c55272147b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://6b.cz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://6b.cz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 380 KB
129 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7503136952095110&plah=6b.cz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ed792fd649743d6701db53907944049f12392de37c2060ccb5ef52fd9ac67a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131914
x-xss-protection: 0
server: cafe
etag: 7852470265949804803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 19:35:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame 08D7 10 KB
5 KB 77ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80955
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 21:06:21 GMT
etag: 8554266389219770021
expires: Thu, 28 Sep 2023 21:06:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 86ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LM365SGN8R&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb9bf6d1f29ee05a31de95b8ec6c17f134affbbf5c1e5b336e317b6d5bd5650e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 19:35:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
599 B 89ms
28ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=6b.cz&callback=_gfp_s_&client=ca-pub-7503136952095110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7503136952095110&plah=6b.cz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

febc10c8b01f97a131201472c7e79ee4836921088dccba20d75f5314a9e838d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8523 116 KB
39 KB 620ms
619ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c449a63f1f48b37c6136fab4b567c23ee68dcc1fd9a297d0e2586be31454876f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39613
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 19:35:37 GMT
expires: Fri, 15 Sep 2023 19:35:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23B0 108 KB
38 KB 589ms
588ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1996759695&adk=2034842585&adf=745599300&pi=t.ma~as.1996759695&w=500&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=500x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536747&bpp=1&bdt=199&idt=272&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7800272822193&frm=20&pv=1&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dGHK9LlsPd&p=https%3A//6b.cz&dtd=275

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f364e0a4e0c7c62eb7bd316156876c3b95b7886c9843222c6cd740185b88b8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38328
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 19:35:37 GMT
expires: Fri, 15 Sep 2023 19:35:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5916 468 KB
82 KB 775ms
775ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&adk=1812271804&adf=1573534164&lmt=1694799337&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536760&bpp=1&bdt=212&idt=264&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C500x280&nras=1&correlator=7800272822193&frm=20&pv=1&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=271

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4323b22681c98b4b824a43fafbac5d21c460382f628db2969711e73baa2de3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 83945
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 19:35:37 GMT
expires: Fri, 15 Sep 2023 19:35:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
247 B 73ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LM365SGN8R&gtm=45je39d0&_p=51297506&ul=en-us&sr=1600x1200&cid=106695469.1694806537&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&ngs=1&_s=1&dl=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&dt=Zkracova%C4%8D%20URL%20adresy%20%7C%20URL%20shortener&sid=1694806537&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LM365SGN8R&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://6b.cz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 23B0 14 KB
2 KB 75ms
27ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1996759695&adk=2034842585&adf=745599300&pi=t.ma~as.1996759695&w=500&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=500x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536747&bpp=1&bdt=199&idt=272&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7800272822193&frm=20&pv=1&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dGHK9LlsPd&p=https%3A//6b.cz&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 19:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 19:20:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 19:35:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 23B0 2 KB
946 B 92ms
42ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 23B0 23 KB
9 KB 89ms
43ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB14 143 B
166 B 20ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1996759695&adk=2034842585&adf=745599300&pi=t.ma~as.1996759695&w=500&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=500x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536747&bpp=1&bdt=199&idt=272&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=7800272822193&frm=20&pv=1&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=dGHK9LlsPd&p=https%3A//6b.cz&dtd=275
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 19:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 23B0 3 KB
1 KB 90ms
46ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 16:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 23B0 20 KB
8 KB 66ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23B0 182 KB
57 KB 102ms
39ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 19:35:37 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 23B0 36 KB
15 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:03:41 GMT

GET
DATA 200
OK truncated
/ Frame 23B0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css
fonts.googleapis.com/ Frame 8523 14 KB
1 KB 43ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 19:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 18:37:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 19:35:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8523 2 KB
927 B 87ms
59ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 8523 23 KB
9 KB 46ms
30ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8523 3 KB
1 KB 45ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 16:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8523 20 KB
8 KB 53ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8523 182 KB
57 KB 118ms
70ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 19:35:37 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 8523 36 KB
15 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:03:41 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16219658952005295331/ Frame 8523 30 KB
30 KB 55ms
47ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16219658952005295331/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29aba457c277278516480abb675c844f12e33896e08eafb34e06695ebeeef761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 00:15:03 GMT
x-content-type-options: nosniff
age: 588034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30455
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 14:55:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 00:15:03 GMT

GET
DATA 200
OK truncated
/ Frame 8523 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8523 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB14
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
35ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 19:35:37 GMT
expires: Fri, 15 Sep 2023 19:35:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 19:35:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8523 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13398e2357b0491ab226360624396a12962fe6ec1c5191e8e0bc1623b267e145

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23B0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a788dead584152c127fed09b17d6b60896eee92fa263a0343c6cf9e63ae57ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 23B0 33 KB
34 KB 64ms
20ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 570696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8523 33 KB
33 KB 75ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 570696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 05:04:01 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 154 KB
52 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bed8c08d647a03deaa2fd375a74407ed34a94de2b5a9e87f6bf8a326da0113f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53718
x-xss-protection: 0
server: cafe
etag: 4410607993778306248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 19:35:37 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 23B0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C3JkCCbIEZfvoA4bK6wT03bYYn7uT-nLXu9K_8BGk5_LtlQIQASCc-LUjYJWCgICYB6ABh7_gyAPIAQGpAtVdRS_gn5E-qAMByAPLBKoEzQFP0N5n_m7ZrcvlAgvE-qKChT6iuvOkQ6xCYEF...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212261608715007243384%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%2...

0
0

95ms
53ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212261608715007243384%22,%22debug_reporting%22:true,%22destination%22:%22https://ignaly.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22957882247%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225898173224241231345%22}&andc=true

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12261608715007243384","debug_reporting":true,"destination":"https://ignaly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["957882247"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"5898173224241231345"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 19:35:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12261608715007243384","debug_reporting":true,"destination":"https://ignaly.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["957882247"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"5898173224241231345"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8523
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ClFDlCbIEZaKbA53B78EPqf2LyAO0lN_2cofcpeyTEfar8oz4NRABIJz4tSNglYKAgJgHoAHBstPbA8gBCakCNPb5UM_ksT6oAwHIA8sEqgTHAU_QVxHL2NBSBEq2MgQp0ZeQfjpCM_1keCT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212255398244504313567%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%2225...

0
0

96ms
53ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212255398244504313567%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22997513537%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224844009476262760801%22}&andc=true

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12255398244504313567","debug_reporting":true,"destination":"https://joyn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["997513537"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"4844009476262760801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 19:35:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12255398244504313567","debug_reporting":true,"destination":"https://joyn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["997513537"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"4844009476262760801"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame A72B 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:37:12 GMT

GET
H3 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame DB8B 37 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7503136952095110&output=html&h=280&slotname=1052052491&adk=2164744332&adf=3025194257&pi=t.ma~as.1052052491&w=1200&fwrn=4&fwrnh=100&lmt=1694799337&rafmt=1&format=1200x280&url=https%3A%2F%2F6b.cz%2Fsh.php%3FP12X&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694806536743&bpp=4&bdt=195&idt=254&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&correlator=7800272822193&frm=20&pv=2&ga_vid=106695469.1694806537&ga_sid=1694806537&ga_hid=51297506&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077328%2C42532402%2C44798934&oid=2&pvsid=2830383779564145&tmod=521851217&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMeplQBL4P&p=https%3A//6b.cz&dtd=268

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:37:12 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
53ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 19:35:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
54ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 19:35:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/ Frame 1B01 10 KB
4 KB 19ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 02:48:15 GMT
etag: 8554266389219770021
expires: Fri, 29 Sep 2023 02:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/ Frame 534B 10 KB
4 KB 19ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 02:48:15 GMT
etag: 8554266389219770021
expires: Fri, 29 Sep 2023 02:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/ Frame A51F 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 02:48:15 GMT
etag: 8554266389219770021
expires: Fri, 29 Sep 2023 02:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/ Frame 1509 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 02:48:15 GMT
etag: 8554266389219770021
expires: Fri, 29 Sep 2023 02:48:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1B01 4 KB
767 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 18:39:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 19:35:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame 1B01 15 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 00:02:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 00:02:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame 1B01 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 18:46:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 18:46:13 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0B87 154 KB
52 KB 185ms
99ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQSyCQACbE8GrQYSAAd2YyvwvxZSEtXku3kz_g&u=%7CaOqHK4vaI7PSAGVLX%2BoRoCE5Az7co0Jf084SG%2FPBlhI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKVUbnMev71fNAJD1VJtanNFC4M49_5xZIiCSLC2FPdfR9p47H9Qc61Nkwl0-bGjaQBGqIG8gtJFMfKhC6JFfyawo6-6svx9v0CV9OW29u0sdwGP-rvVZA932zWVZ3ah1D651_czNFNOcbW90curiaOVP49unYSAbw77fNCEbEKhxd6E6wYGofM9SapX0R13SuR0W70VRitoOju73GgxAMVJv38rJ8LTIRoETapVduqeUnmsZNExXDP44XPbI6J6zgRWu9_fh1Sro0HytACr7uZE1u4UHMUyadswwcaQjxrs7cAq9JWm6mZ1OTS891TJW-GNxYxhElb9jmR6QSF1ea259phmcRIh54bEpl5CUgkIckqYsMK4ThMBjGNiHjm0WlLTO84MGkEsCbzmtXr9ExMN2THk725dAYTobGj4gKkdUB95jyPRwPhljjpOavVXz4V9z087NaoUYSHhlCxgvGH7LrkrrRcbeY3eTCkxB0q3fTJAHaY-MmP9cCg8N70sTiEX5FhDRwMfps5FVz5YCY7ILa_gsRKx_QQIS1fnIkuE3DEUtoWfEGvI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBE9zCbIEZc_YCZKMtOUP4-ydqAPJntKxXPXalvdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc1MDMxMzY5NTIwOTUxMTDIAQmpAjT2-VDP5LE-qAMByAMCqgS3AU_Q7kAz3xowTG05Ce-1i98nWOQrduJy0Br4gsi7Ma3N8GVR72UjU9DepAMs_dtP7PiaOYYrNJexGH6P_iaeXshD48saosE1T3yjAJDPzyuzZ73K3B2x05fzfh8VTlHoNC7rapzuXrdKyIEhVhCfwdAvmqaqlqz-CU17AAxFpAvurDFEKl1We6Xv5boQe69ugpdHT76ALEaT4Eu0UmhxX0RBlxv_hwhOGw0yKwiGD_5gT6POnalKW4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39SlthIndK8OkPRBBSuoGxTSeOXA%26client%3Dca-pub-7503136952095110%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

47b16e28344aba6edd95025149b73b660b939b74ad5b0743e39fb85e2fab2bf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 19:35:38 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oosg40AtkhLEo8jKjBuxMwSEMvg3CqnMDNjbH3DJMOhV2Md611YkYwh0jBeb_1MHlKxz2ycyCaHh5mFImDEyK18tR7phatBXoY1Y4aycp1xa369VcNasudM1ppvE-jtD8Xe_WbGSeLFLtPoayvOkCE4UphBRm8_oPjyxGBuQUg2CnIEGvlXk_f6oPhoQGvZEIxoA8U0OtbrQwjH79SOY0f2_O1QlSiEzmX-zmx_U00RCrBHhvo3wm_2QuyLCm6TFoGfsDQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 51992357
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 534B 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 16:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 534B 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 534B 182 KB
57 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 19:35:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A51F 4 KB
705 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 18:37:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 19:35:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame A51F 2 KB
927 B 22ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame A51F 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame A51F 3 KB
1 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 16:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame A51F 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A51F 182 KB
57 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 19:35:38 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame A51F 36 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:03:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1509 4 KB
705 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 18:40:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 19:35:38 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 1509 2 KB
927 B 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 1509 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 1509 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 16:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 16:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 1509 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1509 182 KB
57 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 19:35:38 GMT

GET
H2 200 9041af033b7a690ba70e3134a2c135bf.js Show response
www.gstatic.com/mysidia/ Frame 1509 36 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 18:03:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 264717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15189
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 17:48:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 18:03:41 GMT

GET
H2 200 15444365370174983804
tpc.googlesyndication.com/gpa_images/simgad/ Frame 1509 8 KB
8 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/15444365370174983804?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73dc9e6d6fa8cb004c01a27b34263800a16774a6b8d553f8a504768e7e62630a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:29:04 GMT
x-content-type-options: nosniff
age: 291994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8373
x-xss-protection: 0
last-modified: Sun, 21 May 2023 01:53:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 10:29:04 GMT

GET
H2 200 4045879285539881949
tpc.googlesyndication.com/gpa_images/simgad/ Frame 1509 72 KB
73 KB 25ms
24ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/4045879285539881949?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed5838cd58dc8d45548e36ac753568474f247fe0fb8b5b6f6ac6a600c8a77068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 10:00:17 GMT
x-content-type-options: nosniff
age: 34521
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74181
x-xss-protection: 0
last-modified: Sun, 21 May 2023 10:07:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Sep 2024 10:00:17 GMT

GET
H2 200 13110144746888129564
tpc.googlesyndication.com/gpa_images/simgad/ Frame 1509 8 KB
8 KB 28ms
28ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/13110144746888129564?w=200&h=200

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b7d55954bafa7ba7526d16bb209c457b3ca8ca0ae176ca6bc30974d84b61186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:00:37 GMT
x-content-type-options: nosniff
age: 293701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7785
x-xss-protection: 0
last-modified: Fri, 19 May 2023 16:52:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 10:00:37 GMT

GET
H3

200

13693739128686457384
tpc.googlesyndication.com/simgad/ Frame 1509
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvoqwEQ4AMY4AMyCLnoeCyepQ3L
https://tpc.googlesyndication.com/simgad/13693739128686457384

13 KB
13 KB

21ms
21ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13693739128686457384

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8c911058e8c282bc63fa4d56f94dec086ec285897ae30a004ee2530bb579723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 16:18:28 GMT
x-content-type-options: nosniff
age: 530230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12978
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:26:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 16:18:28 GMT

Redirect headers

date: Fri, 15 Sep 2023 12:57:59 GMT
x-content-type-options: nosniff
server: cafe
age: 23859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13693739128686457384
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 15 Oct 2023 12:57:59 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 9047 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 06:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Sep 2023 06:49:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9047 8 KB
750 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 18:38:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Sep 2023 19:35:38 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 9047 15 KB
3 KB 146ms
68ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/ Frame 9047 368 KB
128 KB 97ms
18ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 18:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130842
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 10:38:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 18:19:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 9047 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 19:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85729
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:46:49 GMT

GET
DATA 200
OK truncated
/ Frame 1509 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b267a688b7a992cf3ca32be0197dbd16b2c76576201eb8057967db7dab99c42

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4045879285539881949
tpc.googlesyndication.com/gpa_images/simgad/ Frame A51F 72 KB
72 KB 22ms
22ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/4045879285539881949?w=200&h=200

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed5838cd58dc8d45548e36ac753568474f247fe0fb8b5b6f6ac6a600c8a77068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 10:00:17 GMT
x-content-type-options: nosniff
age: 34521
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74181
x-xss-protection: 0
last-modified: Sun, 21 May 2023 10:07:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Sep 2024 10:00:17 GMT

GET
H3 200 14865742914267776704
tpc.googlesyndication.com/gpa_images/simgad/ Frame A51F 7 KB
7 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/14865742914267776704?w=200&h=200

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47755f9798dcc99979fe646a0243dde5119a187cfd4fc0ffb343945b702514a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:00:02 GMT
x-content-type-options: nosniff
age: 293736
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6770
x-xss-protection: 0
last-modified: Mon, 22 May 2023 12:09:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 10:00:02 GMT

GET
H3 200 13110144746888129564
tpc.googlesyndication.com/gpa_images/simgad/ Frame A51F 8 KB
8 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/13110144746888129564?w=200&h=200

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b7d55954bafa7ba7526d16bb209c457b3ca8ca0ae176ca6bc30974d84b61186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 10:00:37 GMT
x-content-type-options: nosniff
age: 293701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7785
x-xss-protection: 0
last-modified: Fri, 19 May 2023 16:52:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Sep 2024 10:00:37 GMT

GET
H3

200

13693739128686457384
tpc.googlesyndication.com/simgad/ Frame A51F
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDP7NvoqwEQ4AMY4AMyCLnoeCyepQ3L
https://tpc.googlesyndication.com/simgad/13693739128686457384

13 KB
13 KB

21ms
21ms

Image
image/png

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13693739128686457384

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8c911058e8c282bc63fa4d56f94dec086ec285897ae30a004ee2530bb579723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 16:18:28 GMT
x-content-type-options: nosniff
age: 530230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12978
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:26:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 16:18:28 GMT

Redirect headers

date: Fri, 15 Sep 2023 12:57:59 GMT
x-content-type-options: nosniff
server: cafe
age: 23859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13693739128686457384
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 15 Oct 2023 12:57:59 GMT

GET
DATA 200
OK truncated
/ Frame A51F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa4b69b9e02e3efa2fe8bb280b400a7558cd137452d083825b7ddc8fd74527eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0B87 2 KB
1 KB 99ms
32ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZQSyCQACbE8GrQYSAAd2YyvwvxZSEtXku3kz_g&u=%7CaOqHK4vaI7PSAGVLX%2BoRoCE5Az7co0Jf084SG%2FPBlhI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIg_Yv4RnZRq4P_PySyhhQairi-eDLwKj_TxsjMnoTLheSjnEjabYkkKVUbnMev71fNAJD1VJtanNFC4M49_5xZIiCSLC2FPdfR9p47H9Qc61Nkwl0-bGjaQBGqIG8gtJFMfKhC6JFfyawo6-6svx9v0CV9OW29u0sdwGP-rvVZA932zWVZ3ah1D651_czNFNOcbW90curiaOVP49unYSAbw77fNCEbEKhxd6E6wYGofM9SapX0R13SuR0W70VRitoOju73GgxAMVJv38rJ8LTIRoETapVduqeUnmsZNExXDP44XPbI6J6zgRWu9_fh1Sro0HytACr7uZE1u4UHMUyadswwcaQjxrs7cAq9JWm6mZ1OTS891TJW-GNxYxhElb9jmR6QSF1ea259phmcRIh54bEpl5CUgkIckqYsMK4ThMBjGNiHjm0WlLTO84MGkEsCbzmtXr9ExMN2THk725dAYTobGj4gKkdUB95jyPRwPhljjpOavVXz4V9z087NaoUYSHhlCxgvGH7LrkrrRcbeY3eTCkxB0q3fTJAHaY-MmP9cCg8N70sTiEX5FhDRwMfps5FVz5YCY7ILa_gsRKx_QQIS1fnIkuE3DEUtoWfEGvI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCBE9zCbIEZc_YCZKMtOUP4-ydqAPJntKxXPXalvdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc1MDMxMzY5NTIwOTUxMTDIAQmpAjT2-VDP5LE-qAMByAMCqgS3AU_Q7kAz3xowTG05Ce-1i98nWOQrduJy0Br4gsi7Ma3N8GVR72UjU9DepAMs_dtP7PiaOYYrNJexGH6P_iaeXshD48saosE1T3yjAJDPzyuzZ73K3B2x05fzfh8VTlHoNC7rapzuXrdKyIEhVhCfwdAvmqaqlqz-CU17AAxFpAvurDFEKl1We6Xv5boQe69ugpdHT76ALEaT4Eu0UmhxX0RBlxv_hwhOGw0yKwiGD_5gT6POnalKW4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_39SlthIndK8OkPRBBSuoGxTSeOXA%26client%3Dca-pub-7503136952095110%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 09 Sep 2024 19:35:38 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0B87 2 KB
1 KB 99ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 09 Sep 2024 19:35:38 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0B87 308 B
636 B 94ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 09 Sep 2024 19:35:38 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0B87 293 B
621 B 94ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 09 Sep 2024 19:35:38 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 0B87 43 B
348 B 100ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=k4oCJlpK7UNOzZVT8RZfYtdX4rBFZ7P8A1tMfRUhO3ljw5cp5fEzn8bTNTQaxKKi3995h50eSICrAh9-f8hki83t_Q802ictDfIBZisdC8tyPWjBjBhkh-kPtgyzynrZtlFfFgUqPNrYbQObrlB0oIQS12FXd2x48Flz7XPPYGTsTnx9t-zVuwyO1OgKcT0L5YeF7VOhiokmt4NreMNCj7pyo-45pvl5yEipTJ_P4oOnSlPStIVmsJQ2m-KamXuWsfMHShiROS0X8wYHiSjg47d54aW97J_EgkWwXl8X-O1PFVrUZCnB67kCWerib7WhUVPPKRMRPNc8LrokodmIsuioQwDS-OXauk_hyPI1x1zTUVLTJI7lDZZuvXwI-nA8ZlmrSOyM-wmznPiF8qj_TmanKyG5RB694OwROlk1FUdJ63RRLB-wiu7K6mTgNOTU6PHwKw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1665194
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 8BA6 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:37:12 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0B87 12 KB
5 KB 68ms
28ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 95599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=za32dvtQX69ofDa%2Fnq6sJFMrT2MvkLzpCC%2BhK8j%2FxSCo2xQ8m3OECCnGBSm%2BAvSGG3RPT8ymDT0JKriHtEMbE4Qefo4A1G3MLWQKj7dZhlgRsHm2KCJTPocQx7A8TRhA6y1FZ6gvvL8NgddzxGGz7o14"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 807350614b5a1e4b-FRA
expires: Wed, 04 Sep 2024 19:35:38 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1509
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cadt-CbIEZdHYCZKMtOUP4-ydqAPfjoaLcubKlf-jCWQQASCc-LUjYJWCgICYB6ABtdWO2QPIAQmpAjT2-VDP5LE-qAMByAPLBKoEyQFP0DCuB_8KdVRgzaguKE7ngMvoRfoV7bOETJ1o25w...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213410686928562117372%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%2...

0
0

54ms
53ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213410686928562117372%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22992193205%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226770867916431720129%22}&andc=true

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13410686928562117372","debug_reporting":true,"destination":"https://check24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["992193205"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"6770867916431720129"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 19:35:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13410686928562117372","debug_reporting":true,"destination":"https://check24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["992193205"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"6770867916431720129"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A51F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CwwFxCbIEZdDYCZKMtOUP4-ydqAPfjoaLcubKlf-jCWQQASCc-LUjYJWCgICYB6ABtdWO2QPIAQmpAjT2-VDP5LE-qAMByAPLBKoEyAFP0CFMFlPxDV_30sKSnzdCV31rEELG5NEi_ZObpgL...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217072819375686381263%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%2...

0
0

53ms
53ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217072819375686381263%22,%22debug_reporting%22:true,%22destination%22:%22https://check24.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22992193205%22],%224%22:[%2209-15%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218434616659967290321%22}&andc=true

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17072819375686381263","debug_reporting":true,"destination":"https://check24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["992193205"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"18434616659967290321"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 19:35:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17072819375686381263","debug_reporting":true,"destination":"https://check24.de","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["992193205"],"4":["09-15"],"6":["true"]},"priority":"500","source_event_id":"18434616659967290321"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 9047 0
234 B 562ms
195ms Ping
image/gif 2607:f8b0:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lml01ygp&c=3062831992161&slotId=1531415996080.5&qqid=CI6B8ayurYEDFRIGrQYdY3YHNQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9047 0
20 B 125ms
124ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C6Qm4CbIEZc7YCZKMtOUP4-ydqAO4vMWyce6BrIi6Ebnu8MiqARABIJz4tSNglYKAgJgHyAEFqQI09vlQz-SxPqgDAcgDmwSqBOEBT9DghlRD6N7F0aqQ7uGErqwkqpDGTEXMKwjjpA8Upik5rzZWdKobE1R4qc2XPlf1IeeqLrKx85Y2xyzKflsCKFa4sPFS6K5Oigq8-26ZVRYGYAJWjidVeOlcSYg7Qs1SjY4Dp_b1pPAPeK8Bv8WsOiLXLbdDR4kEATiGn95f0Q2vsZQcuxpVFJgN-L2uCuZyIRw6D_Dn6MV2jfAS-ASybKjPK7Qa8C81ohWA4k69ZGd15kv0y5chfBTRwG17ooEkUaENU3v7H4VQEPJMaROrzmD0HGX4ais2V5LJ8GmtAdpswATh95yIvATgBAOIBeeL79pLkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7bD9hPIE-rlleMD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1694806538436&ai=C6Qm4CbIEZc7YCZKMtOUP4-ydqAO4vMWyce6BrIi6Ebnu8MiqARABIJz4tSNglYKAgJgHyAEFqQI09vlQz-SxPqgDAcgDmwSqBOEBT9DghlRD6N7F0aqQ7uGErqwkqpDGTEXMKwjjpA8Upik5rzZWdKobE1R4qc2XPlf1IeeqLrKx85Y2xyzKflsCKFa4sPFS6K5Oigq8-26ZVRYGYAJWjidVeOlcSYg7Qs1SjY4Dp_b1pPAPeK8Bv8WsOiLXLbdDR4kEATiGn95f0Q2vsZQcuxpVFJgN-L2uCuZyIRw6D_Dn6MV2jfAS-ASybKjPK7Qa8C81ohWA4k69ZGd15kv0y5chfBTRwG17ooEkUaENU3v7H4VQEPJMaROrzmD0HGX4ais2V5LJ8GmtAdpswATh95yIvATgBAOIBeeL79pLkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBqg0CREXIDQGwE7bD9hPIE-rlleMD0BMA2BMKiBQH2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9047 0
54 B 549ms
196ms Ping
image/gif 2607:f8b0:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lml01yh2&c=3062831992161&slotId=1531415996080.5&qqid=CI6B8ayurYEDFRIGrQYdY3YHNQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.13b&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9047 29 KB
17 KB 143ms
57ms XHR
text/xml 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D56BWAeiGd4cnDwOLMcdwfx31WsBNxGlK5pAqNFGA4o_Dth-joGZRgtVK50RFZx3GSlqHpD3C1uDc-YYLJ4pmJQc833Q&cry=1&dbm_d=AKAmf-BnR5YCb9CqEdHLLcwuU2FFO-dsO9L8LGIbUn350cfS1qu8ycaiuebQluA2li6fL_7MGXacQb-dvy4Hfh971X000tTVx8Z8Pn3a1OsqbOFWxnrUJ6AJUICBPoXMeva0NeB5dVnEttEW5CcVJwHsd8LsoORRNXKmMQhSnpXVTeTnQIwq7wgMoz9aD2Q73P7SqyEREyNVdy6f9XQcTEwvh-DXWbYMPo0H-ArY9VZcWjYbZYOrhMhBMcCeFhlcLoBCvs1r-zE0vUV8hLW4AfG9d1Lo5o-_7F9vKrunWahwtZrmzA8MXevIgqu040pYMPT1P6WQidFFroauLOKBCd2rgnKfwgfOWBzIBSHIp9hkPkDX6JjFX2pTQUc613imXJNdTjwuxBokO76lksDGBIKHlzCvfnx-waGvbD8yVPhxmDM_ltpYRV5S19sIn9mqXpLNjKFpTzjHoA7YIZUdW1Ej_8YokXVr8oivXWpC3VYGDNkVuVsmgp8MErJHe2D8srTBvQcDOO32wsQKX3QrCoMIg0WbwuIcj9f3YmKTSmiwA0PGNiUlkX_ebo2zRn7Lcef7KbnDvq1avRLhdGUXJttLT7tj9tj00vAiRIHzR1XoKKrYwMY9-XfGKAs1MRUkhUUz19CNRiOvirAfNkE7KDqAohkAV-eQOOTMUe13Bn4ilMCWwm6cdcBr3RoLxMOY9-tIyAUj8JNne57pBU6IfyxeP8VAv4T0jEuiDl2sVFwrQFzdDh3nsy646crtJeptBZNl6dThYsdx8b9SRv7zxMAlaaaXbfec-l9TD_PXfcy99meO3UkaVUapIFJVSAIViTvgez3SNgtzyt_1fiYQFlVxcoXkFq40wg_3zEx3w3j5Z6h68lpFZR4jC3boYr2GM6k5m1FTxeEER8HLlY89Of6uBCxU5jJGud-6rS5THtrxzpHw0lKtXoWZUp2t1to33Jedp_PFSi8CoUDYqXLK1t58mJqmjUcc3n_04zcwOK0jmOEw7n_ElupFPCIoiSLYVOmPd65k6BU8NsHcl4Q9XZlM9EFxggAsvYVgkzVDhWGj3172PPjVcCCphvVK5UaxWqRb_I7g6kPdt1bDgB_LFI9vYDTMGEPWUp0EFGHXw8j8Ol7cgsI8Zso4zdSToFXz9gsq7TUlNcZP-VwrpKv4IKdzEweLYgYPuj02Td_zcZay37dnwRSIxVUMGZbVgWDkLDnqWOTsoPpsQSks-K6ydlWTNN1Ak99qb8InORkaqgSdgK6V-To0uZSdgE0ihrMabx-gbVguOWvhiXjIFBp_xJnLb1VuQs7lPxpWt9bd9P3Rb0ehi4HTU61eK8E1NBYv1RT364pBrh8OwjmTSBaALtyrFFRn5VOWczH8zlcguDtb_gTkB6ytRTJITM6zD818lHw-iIMKgVVXzLEzdfvOYJlZgL-OjRhkoTAakfIQTCG8LqJ9rho0J4aSk1i3-H0Dm_fQWPNyIkE7Ca9GAyZIFnpyu-NAHibEI6FwHrtmoCPv-cwFQIGWCnYxJV6sXKlBuu_HZ3vKvV1a6TdYhf6wY-q99tBYVRJVjjjI0LX7Nr9OOy-IvXMWTrtULojhePJrsJkUf35Rzb5B6q40G2thdwrZq-AVo8YSxOWtt9zbp2AuKZoEbGZWT4AnIEnQIxc7Hs2kolP5SF0hSt58WAKB7qevnTw2m28N3Tmib9AFuWoDkoxv5vSrp4mfpSec3A55LgRS9yJ-eVukHgrLrDBxRoHQYTn5FQSaqgo6SB8zxG-AQ3TVz6_CjCxY5gmbDbY0LgssXfN2fnbINOUjj72H1x75Jk_K4UDdwDtZD_XIVM609aqT2cp5q6893OzBmyPS3U0Jzw4dDKbSdV-FZ5JWO4PzttYEyBYm0_tS5Y3tZz5ISAKL6huR82CSyYqtROjamP5g18jWx2TrP1T_TCBHLHsIGRSTRw1lJjZP9hc17woAJjCfNEjkQ_SycLDaOyID_rtD2ge4D9M2VSHGcZ3gtf--p8Xv7k4vhkGIBX2LJ0HbJewYH-fuEIn4-monKncJOwOHlxhv-ABKfosiwKxVu2FsLeAlXTu2UCFqvh2gwNsxtDjM-2ijwyN1LnW8wwKp5pjOkRou-ZOipqx09SU7xLAj8bbzCubwuwoxXkCY9SqtWSBGC-cyv9-tDEtmZR2GnJTNv7MPsOenWOtegDGs72QQWWEXTDtZhGERDW-2NNbYNLQkzDZGMtHOjxanfZAofSI5yT_jF_1UnH8csM6AWt4hIJb4VQeNd-We3W8jcec6X8wLMZR1dfbkydFWSUysZEDB4CzEWXUQ8Z5dHBLFyOMPyukxrvm2ivXadeFi6uX64dHwBh8wcTycbkvABKI0Fti_HR0gHcELl51hYWJGQqI53qvbR-r8_d32bqrk1dZ71hwAhYe3hsg5kqJv_u04b3yFux-ZRqjYxPQhqSlogIhVYtOSpaavwIn1vwrDMF1PzQimEz-GXhsnnwUuxlVNwnsVtrfGfsEpbUV6CN3oT_xLmFpTH7Vu1ngldqVR6VhV-EeA8rhHIRFujnv8oSGAILrBgts6vlzbY_h7X3c-Az1bZ2iIPYvin3S1fxG3xmyYlmKiGMsuGKtkJMihpxYxcgfyy5UvYy1exJX47HLJ1K5fgT4gLZ9sxGQCfllNc663uYKtJFiKz1S3aNzpFHZlrG7ZDsn18BKQs1Ih0_lJ8TQryOL7ljurMy0b8MtNeQvPngqsHKMSBDofdoHWSwBf8sCSulo0anYtzWutEYnF4CAzpB00c9tcUDo9dFc6AeSvhoAPwuugSCwIXTgEtG5E-N8eg8APLqlYQDUesSzb1l0_TUhH6_3Om3iy6niSO6ufL2Nufxo9Amj64T3JkXSFgPNHV3T--vCM2Cd036eRD1hDxjQXXYtW938uJGf3GF0Sr1_DqzpvuFL74s-S1AjZkyOH2uZzsgj0G66NXybB95IDNj-GuNudkHQHFMkehXrs6sh7tEiSr1Gk73D4H5HFligygpDj3rTM50FB84JflBRCuzl1bmmCADuxmQ5LThfrFSXNwNmu0wgQNl5_bfcbjDlgc09TlzwqSlSOgYMhOlC1g2eOruzPR9iFuMrFHBA9tE-OYcrqL8jBqBLri80AYPhmrpnpLbwQU3fA4otGBN_ydUWI0H6gGHuduj4bhehLlCLOILPqB6OS_bCkfWDsC7Q4QDUbWUOaKdD_S-7WuCiCRXOcv2R11JXAEfcqW-gTfJ4CG3qdB6AbLc4cCE1o1lM2xsA-pX44stL24qCM0t3D3iAfrCTgqWi_lePsJQz1rHU9NMMCzczocnDZzLVNjGk6C_7Pyw3Mj0MeOdUHgHo7BtUHaBziVT-_DCA0V1tqy47rQYeBr7V1_60Go2x1p7zsMLB9jUse52rj75SLwL1PhceYZxq1JgG_scUjp0mox8MBVo6CF1I2Av1xgddMPLZURLCYF9d7jInyeufHbvTLaGnAcXlzft7KAAkQkp6LB66nSAHKhq8crN-kjGR2jH8V98fpcxRKfTZxh36ZCfE9NrfcLEZUyh7RSAsP9DmdHD1yokXLHAQYiEWFqCPvC7ZHc11E02kj&cid=CAQSGwBpAlJWQ0dBCjm5c-TpaPU-nqzCUU5kKvhifxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

cafe /

Resource Hash

6b6668f32c688a4d7cabb6b7529bbbc8c66cdacdcb33367f08c98d509130768c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16576
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 72CA 37 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Host: 6b.cz
URL: https://6b.cz/sh.php?P12X

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:37:12 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0B87 12 KB
6 KB 36ms
36ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 09 Sep 2024 19:35:38 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0B87 0
128 B 110ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=oosg40AtkhLEo8jKjBuxMwSEMvg3CqnMDNjbH3DJMOhV2Md611YkYwh0jBeb_1MHlKxz2ycyCaHh5mFImDEyK18tR7phatBXoY1Y4aycp1xa369VcNasudM1ppvE-jtD8Xe_WbGSeLFLtPoayvOkCE4UphBRm8_oPjyxGBuQUg2CnIEGvlXk_f6oPhoQGvZEIxoA8U0OtbrQwjH79SOY0f2_O1QlSiEzmX-zmx_U00RCrBHhvo3wm_2QuyLCm6TFoGfsDQ&sds=2&rev=88356&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Sep 2023 19:35:37 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0B87 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 09 Sep 2024 19:35:38 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0B87 2 KB
1 KB 32ms
32ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 09 Sep 2024 19:35:38 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
54ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 19:35:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 53ms
53ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 19:35:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 0B87 46 KB
46 KB 135ms
67ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 09 Sep 2024 19:35:38 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 9047 0
54 B 393ms
196ms Ping
image/gif 2607:f8b0:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lml01yhg&c=3062831992161&slotId=1531415996080.5&qqid=CI6B8ayurYEDFRIGrQYdY3YHNQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9047 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726342538/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9047
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726342538/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726342538/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

116ms
19ms

Fetch
video/mp4

2a00:1450:4001:62::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726342538/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C12BDDA3029FC11C33B3190B0A028E020EF88F8.811522FF9B328F7E70FF99BA678C5F5D505CB895/key/cms1/cms_redirect/yes/mh/C5/mip/2001:1b60:1010:3:1011:c513:d6e2:2652/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1694804969/mv/u/mvi/3/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:62::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 19:35:38 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208368
Last-Modified: Wed, 05 Jul 2023 13:14:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 15 Sep 2023 19:35:38 GMT

Redirect headers

date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726342538/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7C12BDDA3029FC11C33B3190B0A028E020EF88F8.811522FF9B328F7E70FF99BA678C5F5D505CB895/key/cms1/cms_redirect/yes/mh/C5/mip/2001:1b60:1010:3:1011:c513:d6e2:2652/mm/42/mn/sn-4g5e6nsk/ms/onc/mt/1694804969/mv/u/mvi/3/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 7780 23 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 230593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 03:32:25 GMT
expires: Thu, 12 Sep 2024 03:32:25 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7780 38 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N29B_8HU1d7yuj02rOwpDpTVIS8J_c5S9MsHn32KQzw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 01:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 237872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14699
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 01:31:06 GMT

GET
DATA 200
OK truncated
/ Frame 534B 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc172a80e37b6287b05cc50684aefcd907fe98d78cd3a074acb67d9104ca617d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dark-bottom.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/ 3 KB
1 KB 28ms
27ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/1.0.9/dark-bottom.css

Requested by

Host: 6b.cz
URL: https://6b.cz/js/cookieconsent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0ffccca0958c2710d1eb8b56616436104e48271e70c3dddf1ba4eb0a9df065a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4165
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 700
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-c27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZWgeWi33AaiNPxAyMf7ufPVLJMSjheT0eL3M%2BctGDOyNRbFSOwkCZ%2FyK5JFGAM2oypYK4DBHExjJVHedcXyHx9lESsSUinKCYY8YpMRoX9Ihram9Om8YvzCuXyRWz8TyBHKApNrcI3Ik4NRmgAwcJLM"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 807350632e411e4b-FRA
expires: Wed, 04 Sep 2024 19:35:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 115ms
73ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230913&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f930d39362c9c22ddf2ba11d9db7adaece44b53fc21ad42f24add946ca29551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12139
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 534B 0
19 B 63ms
62ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJmhGCbIEZc_YCZKMtOUP4-ydqAPJntKxXPXalvdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTc1MDMxMzY5NTIwOTUxMTDIAQmpAjT2-VDP5LE-qAMByAMCqgS0AU_Q7kAz3xowTG05Ce-1i98nWOQrduJy0Br4gsi7Ma3N8GVR72UjU9DepAMs_dtP7PiaOYYrNJexGH6P_iaeXshD48saosE1T3yjAJDPzyuzZ73K3B2x05fzfh8VTlHoNC7rapzuXrdKyIEhVhCfwdAvmqaqlqz-CU17AAxFpAvurDFEKl1We6Xv5boQe68sgLbVzy1QEeBDx5E4coHVUWNLIRHRn4r60zCU2beYI-b4hTfudIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NTAzMTM2OTUyMDk1MTEwGAA&sigh=JyZuwxNeOXA&uach_m=[UACH]&cid=CAQSGwBpAlJWQ0dBCjm5c-TpaPU-nqzCUU5kKvhifxgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 534B 0
126 B 110ms
34ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EMz6RMgB2ASdg2ICAgAAAJ9SjOUxzQWPhrp8BhAIsgRl3a3x8IL0J7OF6AAAEgAACgpBUVVCRHdFQkR3&wp=ZQSyCQACbE8GrQYSAAd2YyvwvxZSEtXku3kz_g&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 164839
server: Kestrel
content-length: 0

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 0B87 38 KB
38 KB 42ms
41ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 09 Sep 2024 19:35:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 6 KB
6 KB 100ms
34ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=396&s=79HJ3OsGOF1uqBIhc-01OzJw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c075c84338157dc46cda1e385e3a09452ee95b59bd3c8d9ea7d1d97cf6c0f976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 5725
expires: Sun, 11 Aug 2024 06:41:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 29 KB
30 KB 173ms
106ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F4918258%2F91f17cbfe7544312b508814235232386_img_vertical_03.jpg&v=3&w=1200&s=FW_lv165yQTO5LQTFUZhcfq2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

083ff53000b7c5fe060f08f025a43951b92803be1c5a92c26692ef5cc15f1aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 30074
expires: Sat, 17 Aug 2024 14:36:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 22 KB
22 KB 132ms
66ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1628694032%2F21168378-2AHVA6G5.jpg&v=3&w=400&s=E_jl6-cqCYk04QSVYG712Gce&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3759540d86dae24724e5ad73f753bad360a84e99a4167159b4958dcbcd11b86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22146
expires: Fri, 22 Sep 2023 15:14:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 14 KB
14 KB 163ms
97ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F23123147-RfGS8OYu.jpg&v=3&w=400&s=uci66ZKC4hjL2GT_QcrBwQDz&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de5bef16f3955f5f06f7614f08a9167e2b02d2fe2f11273c1a58c626111fdd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13992
expires: Fri, 22 Sep 2023 06:53:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 1 KB
2 KB 138ms
72ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&s=LMbwVQqqZkIT_OqRJg0FwumN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 1366
expires: Mon, 02 Sep 2024 05:46:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 13 KB
14 KB 149ms
83ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1655998345%2F22137899-DoumRNsS.jpg&v=3&w=400&s=1ncFHpiBqWbAmbrhP7WtTrTT&b=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

02f9d17962a31db874650c4a796d39f976ad488578c05b157977edccfddbb7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13698
expires: Wed, 20 Sep 2023 07:03:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7780 0
20 B 126ms
125ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BMrqTCrIEZafAIrWR9fgPvb2SkAMAAAAAOAHgBAI&bg=!qKulq-TNAAZQjyUVcI87ADQBe5WfOOf72qKTdByrKqaxYVb4_2Rzbwq4_KJ3QeOeiAntzIJrQ2csqdvqybPk7xAbWTPwAgAAAHxSAAAAB2gBB5kDO7ehW0mw7Ar_I5DicRywjIY2WdWEXNuh8nW4aYNMeCxpMe61yH8nJxfhs0xTO8xDOVN1SSishbpZoLaS7EZN2L72HBzxF9FP9DHGadoto_tjQpmbG6jwxnBDZy92qDZXMkaV0qXbgFBeCufYeSoyVbzjnOtxYTZDTq4cytJoMwIoE_st4KiEWIzMYSUzbfWnVN5Jd0YY-YvWFxwcUdYYqjlz2I-lQFJg60TxEdZ2F3g-Bk7IEGhHUgK__O9RYE6WlQsYRZsjVM8K3tDxYWkIHqWYrlF0QyRYX1ANynzh-Q7vSCAMfC4JmSuO5ophsjvdCYavJHy1jvtTZU_INLDQIDWLhe02C2grKzJBBomFfs4wq5zxnHEEIXMT-7xqtYui7g4S8B8aaIEcY8IRSin-okgOKvZ3X_sZsgBIaWuYWfvgCrPGW1omdvPCRMudM4-2Xk1u_YnpfZjp6xvBOUIsPWjLLe9l4YWl_EyogBZcyRVA3-rUcabq6fXGWh7Fgi0rYNtwUeyCg9kOcOhZIa4y1wfIh4RD6Q-Qvv7W1VSXZNTdSR-f-I9_90ozsOJlud9oemHKS5n2FNSONJJtXIjZiL_dIMSZI3WO4uwaJ-UPcVlr5eCIkQ6TRtnuFF0GmQXP2ALq0LqHkvLI0cxJJJCqod86IpfIM-_R4A_7k-CcqGyY8cf-iCeE0Vbu3x_4h8PMvQk1F5NMfQYC9lgCP6hWJvnYibD8fqPFjZOihSlOYLgDwMXjjKtrHZSzpIPQ7E1GBGJccpab9SNvsw7kIjQHRbLEgTIUs4-vlTCOYxfYiMIApydP4ZUA7mYoc4r---ZgHtd5WTGf7dCvqPP5PVyz1H4ygAkLoQ6H0J5d1CAvcfeHazv1W-BB_-JPxhNVWQ08KUK8WKHmrmft8FtPy4up1YuompivgKl6sfPVvyls_mkACFAQImWMW8jKM8rDl0Ox8BfGzYd_06ZqzmMbtzY0W3NQeK03q8xn-Y4DNFMvLmslAVVOD7i7sS1gW6vbQaGMK9658GagMh_95W1I3F_-pbRdu-jEDpqrFs3tC8cBKEGTnQeooDXfy5ZW-vLRenpRbSQ8J8f6O8HbuLmK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 19:35:38 GMT

GET
H3 206 file.mp4
r3---sn-4g5e6nsk.c.2mdn.net/videoplayback/id/958993bbd9e9fd2e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1726342538/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9047 2 MB
2 MB 40ms
19ms Media
video/mp4 2a00:1450:4001:62::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5fd4bbea2602c84b40359b83d69eb7f838f205f824ab387ce389185437fbaf12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 15 Sep 2023 19:35:38 GMT
date: Fri, 15 Sep 2023 19:35:38 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2208367/2208368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2208368
last-modified: Wed, 05 Jul 2023 13:14:40 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 105B 13 KB
5 KB 23ms
19ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9079
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 17:04:19 GMT
expires: Sat, 14 Sep 2024 17:04:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8210 829 B
991 B 33ms
31ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

601381efddda5f1972a77495a1d351688c6b36dbca7722114a70cfd8474b6130

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yfHRlWSTKnN010ji7JKacg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://6b.cz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-yfHRlWSTKnN010ji7JKacg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 19:35:38 GMT
expires: Fri, 15 Sep 2023 19:35:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 6 KB
6 KB 78ms
76ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c075c84338157dc46cda1e385e3a09452ee95b59bd3c8d9ea7d1d97cf6c0f976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 5725
expires: Sun, 11 Aug 2024 06:41:41 GMT

GET
H3 200 lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 105B 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpPsQPhuNrCvbaydJTyaX7eGKZY1JWLsUtPa-zNjVhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 09:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14603
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Sep 2024 09:37:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 22 KB
22 KB 51ms
50ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3759540d86dae24724e5ad73f753bad360a84e99a4167159b4958dcbcd11b86d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 22146
expires: Fri, 22 Sep 2023 15:14:52 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 1 KB
2 KB 46ms
46ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 1366
expires: Mon, 02 Sep 2024 05:46:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8210 0
0 121ms
121ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230913&jk=2830383779564145&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 13 KB
14 KB 46ms
45ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

02f9d17962a31db874650c4a796d39f976ad488578c05b157977edccfddbb7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13698
expires: Wed, 20 Sep 2023 07:03:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 14 KB
14 KB 34ms
33ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

de5bef16f3955f5f06f7614f08a9167e2b02d2fe2f11273c1a58c626111fdd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
content-length: 13992
expires: Fri, 22 Sep 2023 06:53:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0B87 29 KB
30 KB 36ms
35ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

083ff53000b7c5fe060f08f025a43951b92803be1c5a92c26692ef5cc15f1aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:38 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 30074
expires: Sat, 17 Aug 2024 14:36:19 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 23B0 42 B
64 B 127ms
126ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviJvzw9nS42Q2HaKJ9y8NwCA68i0ZXtBVV4Lc8rNc7rtOSjkkznWbX0bQnSfvPSh-QR4wN8ugCLn2V6ziYfc9l33kzrg1fcY4vAMnBtoJKZD1j55jPNG1ufhDV5KEZNKz8yUmIAFq8JXDJ&sai=AMfl-YSMB4AL_TNmE8xk-xsw9uhxTRMILHxQ0_aL26YK-dkG_VjOgzthXKNh7uRYRTm7mLPgb1dPRfDUTgvC&sig=Cg0ArKJSzHkoV70NaWI4EAE&cid=CAQSGwBpAlJWeBkZEieljewMfw0voAHvEydLlbIYahgB&id=lidar2&mcvt=1008&p=0,0,280,500&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2034842585&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694806537023&rpt=946&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8523 42 B
64 B 129ms
127ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKb1btU7nVjqRukbdDOhiwWFNE9Zlq7p4HhJidxXzJ9WRV3k4Co66g0K7gQ85n_yd5mNmMksenQR85dawAcA5SZtLNRxQ-k1QSEXg6bdmWK6I2Pgt22emH7ltFtE_P2l9WjDbMrDVc9ZMc&sai=AMfl-YRY7W87bdAdMQjO6-ouWngHU0WmiQpqJdrMkzECv78b2DraM3IpM0RQP0wJU8TWT0QL_TCjNMqLC0oV&sig=Cg0ArKJSzJLaqZinJd0QEAE&cid=CAQSGwBpAlJWXsDxQMkq1VQSwGzjPy2B1HLIhq2WjxgB&id=lidar2&mcvt=1011&p=0,0,280,1200&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2164744332&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694806537013&rpt=969&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 105B 0
11 B 21ms
19ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3jRAmg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 19:35:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A51F 42 B
64 B 127ms
127ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgYZdvBb2uFAQLB5huXhr4eSSFG-IBuTb9P9z9hHF5lg119uYnd6UaBgnQHsat8aUItv9SxJejRPBciRKbq_T72pYiUuFaEQUIOre_8uFiQO_7MuHhZHBlLsosdWUeCWeoz_LHB0m3P2bh&sai=AMfl-YRRhnmveo7cYriP8Wbrqdo9HSBnHlyNVZS1rXze86OUtJELkdevRckGch6v6sHQhyWvTo3RxQglV_rd&sig=Cg0ArKJSzLDBCsokaUbiEAE&cid=CAQSGwBpAlJWQ0dBCjm5c-TpaPU-nqzCUU5kKvhifxgB&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694806538078&rpt=291&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1509 42 B
64 B 129ms
128ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1wd4Zy8qBFq1pmgHbbiVB5a3YwwH53NPvrEPSVZ-kgOxKYgxKqqZwQfPZ-o5ImubSfMBa319j63uSq4B9UqSobmn8ivJGP8BRZNIQhe26sFslZTm_Ks9OWpTUcc0tAbFmIfDNSQxSnNe_&sai=AMfl-YTtOSi8mlX1RA8GapoIevGggOjKx7WhQTCoSSFKCIBAq2g3JG4a1GxNNWEFpeXoEjbo8l5yV8tysI-N&sig=Cg0ArKJSzMMuvBis5PgKEAE&cid=CAQSGwBpAlJWQ0dBCjm5c-TpaPU-nqzCUU5kKvhifxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=153,832,1000,1131,1131&tos=153,679,168,131,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694806538080&rpt=328&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 126ms
126ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230913&jk=2830383779564145&bg=!UVKlUh3NAAZQjyUVcI87ADQBe5WfOE6MtWzeRnHVNh3NV8K7xcu3eeuAwLJ-6Qt0IiGeUTeFbil27ZJtVySM2ceSVxy_AgAAAF1SAAAAFWgBB5kC9IVted11lxCXJmTYDJXzueBeiQG6XCbCXxlQUkWsvWKVIHs21Epg5vuLWc4-mrey5h0F80IUszkiXucIflo0K2FlRUpnCbtJFUZvVQTVfyp7xv3zr4RvKqEzIAbR7v7FA4ZTZa75xW_Sni_dY27WuzFPf5GzXxs0afylM3CAfvbeKXvUkOJyR6zhqXp1ufPmr7MKw_0DNn_pbXcGrjbQAnG6981O-UYj4lxAaY3ZWT47VWt5h1jwmc6jOYcY0WAbGtK5zMI2u4qgpHKMDc4MgcbiLuPeQNVHnQTHY9maug7Fjs35EQiOow47Zqvk2jRZg6jBg-81Cb_Ab_tdRXPCk_XM8F3Qh8FRQMUBBHir11-7st3CaN_wbyOaeyjokJDnZy7fL1jBZ3bA0HeoI1y7qY5edR-NSb3_UQ2Hs7zL-8ybxO7e1IIsZLUzbz8TQSvZd8WCKbT78CGK3HsXZ_nEa6GpkXG7-UxoTl5sYXa9VFX5SsBLAHQpjIPFz8Pgy8dEZHswlpdhO6W_DDFOugC0XyflZwwnLRsiVTaLva7c64CgvTl75UdBIhpBlDQC_qk2Hrvu7ha7j3t7Kl6uS2WwCeIHWxDsBH78nGyonQ3D3v8JR98JPWhK-aOjxArselZU00lvCEWGrkTrEv6T4-uve-9mQSUyKtxytYlJ9djVy1e2GBeNUD3SbnTHEuUZ85unkrygtj8CLPKt-9GhMB5noNq_MyAhKUXilyX9dLNAciiHPceh1txoDtIkOZEfDVxziXnLI-cUEp9oP_LE4WQDGXU-7YFk2fgd30ZgYLG-_1D-l6SHF_e6eHTXd5mjBvos8m-ZPrmWwh3PZjyxPDL6VOOpE6QwTA5WDTt8q8kPctTWcP0OoV6ZOf0749pWeNp50UgyR36o_s5lAeFrfUY9BbRHI1SO8WM4Ak6fWKoGZkbBgyGXx4c0jMvyTTFrio52YzDiZVbf7goVOtO9IwyunEpDD2B8ZU39UuPN2XIHNZAfdk9umA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6b.cz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 9047 0
54 B 196ms
195ms Ping
image/gif 2607:f8b0:4007:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lml01ylr&c=3062831992161&slotId=1531415996080.5&qqid=CI6B8ayurYEDFRIGrQYdY3YHNQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=976&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.17u~vil.1h5~vfl.1km&ua_e=1&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230802_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4007:815::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:39 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 534B 42 B
64 B 129ms
128ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUKp7qEacJEPxiynVDNYr9w3gL470FbACXr6XaND4OyvzWmMlEoZkkkkgr99Hv0JSNIsyLzvNPchXHdkqo9by6xyUJ7JTkRp28U1A&sig=Cg0ArKJSzOVanDH6OuSfEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694806538076&rpt=211&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 19:35:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0B87 0
127 B 36ms
36ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 15 Sep 2023 19:35:39 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.6b.cz/	1970-01-21 00:22:46	Name: _ga Value: GA1.2.106695469.1694806537
.6b.cz/	1970-01-20 14:48:12	Name: _gid Value: GA1.2.1974896889.1694806537
.6b.cz/	1970-01-20 14:46:46	Name: _gat Value: 1
.6b.cz/	1970-01-21 00:22:46	Name: _ga_LM365SGN8R Value: GS1.2.1694806537.1.0.1694806537.0.0.0
.6b.cz/	1970-01-21 00:08:22	Name: __gads Value: ID=3f5354b066ec70ba-225fef8ee5e300d0:T=1694806537:RT=1694806537:S=ALNI_MagGF6uEJX2IM3fQ6MtOe2h_YB2jw
.6b.cz/	1970-01-21 00:08:22	Name: __gpi Value: UID=00000c7628c420e5:T=1694806537:RT=1694806537:S=ALNI_MbJbJj5P1qSRavNW9sh4xA7iaEShg
.doubleclick.net/	1970-01-20 14:46:50	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:08:22	Name: IDE Value: AHWqTUnZpWPLz_22xBEbopQGrRok7zWA72OX4pH72mzh3hNdnZPswsLowhj6k2IB94Y
.googleadservices.com/	1970-01-20 16:56:22	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 19:05:58	Name: APC Value: AfxxVi4fyxjOGgAQUSunPkDf-DQ18QQrrKpxNMxNgozte3Dym6ceGA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://6b.cz/sh.php?P12X Message: Mixed Content: The page at 'https://6b.cz/sh.php?P12X' was loaded over HTTPS, but requested an insecure element 'http://toplist.cz/dot.asp?id=1470309&http=&t=Zkracova%u010D%20URL%20adresy%20%7C%20URL%20shortener&wi=1600&he=1200&cd=24'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1(Line 20) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6b.cz
ads.eu.criteo.com
bid.g.doubleclick.net
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csi.gstatic.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
r3---sn-4g5e6nsk.c.2mdn.net
region1.google-analytics.com
rtb.fr3.eu.criteo.com
static.criteo.net
toplist.cz
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
173.194.76.156
178.250.1.6
2001:4860:4802:32::36
2606:4700::6811:190e
2607:f8b0:4007:815::2003
2a00:1450:4001:62::8
2a00:1450:4001:806::2001
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::c
46.28.105.70
88.86.101.2
02f9d17962a31db874650c4a796d39f976ad488578c05b157977edccfddbb7db
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
083ff53000b7c5fe060f08f025a43951b92803be1c5a92c26692ef5cc15f1aa6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a788dead584152c127fed09b17d6b60896eee92fa263a0343c6cf9e63ae57ff
0dc2dfbb8a7cfd95b7e26cd31635911739b4ee1fb41363e062a9673fdca156f6
0f930d39362c9c22ddf2ba11d9db7adaece44b53fc21ad42f24add946ca29551
13398e2357b0491ab226360624396a12962fe6ec1c5191e8e0bc1623b267e145
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
190fc02d8e8f1dd5acc40f48d0d6203e6115eb31e3f47f55db0c3f07797d68f0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
29aba457c277278516480abb675c844f12e33896e08eafb34e06695ebeeef761
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a8607d57ec337c318ca0fd16472721cea9f253a88276cc3a17121e8474d612b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3759540d86dae24724e5ad73f753bad360a84e99a4167159b4958dcbcd11b86d
376f41ffc1d4d5def2ba3d36acec290e94d5212f09fdce52f4cb079f7d8a433c
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ed792fd649743d6701db53907944049f12392de37c2060ccb5ef52fd9ac67a8
4323b22681c98b4b824a43fafbac5d21c460382f628db2969711e73baa2de3d5
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
47755f9798dcc99979fe646a0243dde5119a187cfd4fc0ffb343945b702514a8
47b16e28344aba6edd95025149b73b660b939b74ad5b0743e39fb85e2fab2bf6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d9003b1db0eb8c5747d363f7d3b73ad704a78774c00524512da0602dd90b29
5fd4bbea2602c84b40359b83d69eb7f838f205f824ab387ce389185437fbaf12
601381efddda5f1972a77495a1d351688c6b36dbca7722114a70cfd8474b6130
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f61fa9d435baf50e0593ccc3d93526f73bd7786191d4375a80a19c238edd1f
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6b5b9ff92a08bd22847e931c4985aa53525797e63f5c54ebc8460c55272147b9
6b6668f32c688a4d7cabb6b7529bbbc8c66cdacdcb33367f08c98d509130768c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73dc9e6d6fa8cb004c01a27b34263800a16774a6b8d553f8a504768e7e62630a
8b267a688b7a992cf3ca32be0197dbd16b2c76576201eb8057967db7dab99c42
8b7d55954bafa7ba7526d16bb209c457b3ca8ca0ae176ca6bc30974d84b61186
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
9693ec40f86e36b0af6dac9d253c9a5fb7862996352562ec52d3dafb33635611
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bed8c08d647a03deaa2fd375a74407ed34a94de2b5a9e87f6bf8a326da0113f
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa4b69b9e02e3efa2fe8bb280b400a7558cd137452d083825b7ddc8fd74527eb
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c075c84338157dc46cda1e385e3a09452ee95b59bd3c8d9ea7d1d97cf6c0f976
c0ffccca0958c2710d1eb8b56616436104e48271e70c3dddf1ba4eb0a9df065a
c449a63f1f48b37c6136fab4b567c23ee68dcc1fd9a297d0e2586be31454876f
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5bef16f3955f5f06f7614f08a9167e2b02d2fe2f11273c1a58c626111fdd72
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb9bf6d1f29ee05a31de95b8ec6c17f134affbbf5c1e5b336e317b6d5bd5650e
ed5838cd58dc8d45548e36ac753568474f247fe0fb8b5b6f6ac6a600c8a77068
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f364e0a4e0c7c62eb7bd316156876c3b95b7886c9843222c6cd740185b88b8bb
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f8c911058e8c282bc63fa4d56f94dec086ec285897ae30a004ee2530bb579723
fc172a80e37b6287b05cc50684aefcd907fe98d78cd3a074acb67d9104ca617d
febc10c8b01f97a131201472c7e79ee4836921088dccba20d75f5314a9e838d7

6b.cz Open in urlscan Pro 46.28.105.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

95 %HTTPS

81 %IPv6

15 Domains

27 Subdomains

26 IPs

4 Countries

4050 kBTransfer

6729 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

6b.cz Open in urlscan Pro
46.28.105.70 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

95 %
HTTPS

81 %
IPv6

15
Domains

27
Subdomains

26
IPs

4
Countries

4050 kB
Transfer

6729 kB
Size

10
Cookies

137 HTTP transactions
8 data transactions