fx.ma-bank.net Open in urlscan Pro
153.120.52.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fx.ma-bank.net/
Submission: On October 07 via automatic, source certstream-suspicious (October 7th 2021, 11:44:50 am UTC) — Scanned from DE

Summary HTTP 78 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 13 domains to perform 78 HTTP transactions. The main IP is 153.120.52.141, located in Japan and belongs to SAKURA-A SAKURA Internet Inc., JP. The main domain is fx.ma-bank.net.
TLS certificate: Issued by R3 on October 7th 2021. Valid for: 3 months.

This is the only time fx.ma-bank.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	153.120.52.141 153.120.52.141	7684 (SAKURA-A ...) (SAKURA-A SAKURA Internet Inc.)
1 2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	180.42.51.137 180.42.51.137	4713 (OCN NTT C...) (OCN NTT Communications Corporation)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9c	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
78	20

20 153.120.52.141 (Japan)

ASN7684 (SAKURA-A SAKURA Internet Inc., JP)
PTR: 141.52.120.153.static.www6213m.sakura.ne.jp

fx.ma-bank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.42.51.137 (Tokorozawa, Japan)

ASN4713 (OCN NTT Communications Corporation, JP)

img.tcs-asp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	439 KB
20	ma-bank.net fx.ma-bank.net	137 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net	82 KB
6	google.com 2 redirects www.google.com adservice.google.com	4 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	86 KB
2	2mdn.net s0.2mdn.net	126 KB
2	googletagservices.com www.googletagservices.com	75 KB
2	google.de adservice.google.de www.google.de	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	32 KB
1	googleadservices.com partner.googleadservices.com	656 B
1	tcs-asp.net img.tcs-asp.net	37 KB
1	google.co.jp 1 redirects www.google.co.jp	346 B
78	13

	Domain	Requested by
20	fx.ma-bank.net	fx.ma-bank.net
19	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com fx.ma-bank.net pagead2.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	fx.ma-bank.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
5	www.google.com	2 redirects fx.ma-bank.net tpc.googlesyndication.com
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	s0.2mdn.net	tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	fx.ma-bank.net www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	ajax.googleapis.com	tpc.googlesyndication.com
1	www.google.de	fx.ma-bank.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	img.tcs-asp.net	fx.ma-bank.net
1	www.gstatic.com	fx.ma-bank.net
1	www.google.co.jp	1 redirects
78	20

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
b.hatena.ne.jp
social-plugins.line.me
getpocket.com
www.tcs-asp.net
fx.dmm.com
www.gaitamejapan.com
www.fxbroadnet.com
www.jfx.co.jp
hirose-fx.co.jp
www.okasan-online.co.jp
www.click365.jp
www.click-sec.com
www.invast.jp
www.rakuten-sec.co.jp
min-fx.jp
lightfx.jp
www.central-tanshifx.com
www.gaitameonline.com
www.moneypartners.co.jp
www.fxprime.com
line-fx.com
www.sbifxt.co.jp
www.sbineomobile.co.jp
www.monexfx.co.jp
www.yjfx.jp
profile.ma-bank.net
ma-bank.net
bit.tisoku.net
ediunet.jp
yuho.biz
payer.tisoku.net
home.legare-club.com

Subject Issuer	Validity	Valid
fx.ma-bank.net R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
img.tcs-asp.net Sectigo RSA Domain Validation Secure Server CA	`2021-07-30` - `2022-08-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 11 frames:

Primary Page: https://fx.ma-bank.net/
Frame ID: 613F6E1FEFFC82C641AEA16A6C8992DF
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/zrt_lookup.html
Frame ID: EADAC467A55F504C98AC6E2F6CC4C66F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85
Frame ID: B464FCFF3C045F49883A0C3F69A48B34
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076058&bpp=1&bdt=416&idt=99&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=2047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JdBSJax2MW&p=https%3A//fx.ma-bank.net&dtd=103
Frame ID: 0A3DFD474F83CB7E7265CF892E306EA3
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&adk=1812271804&adf=3025194257&lmt=1633607076&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2Ffx.ma-bank.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076079&bpp=1&bdt=437&idt=85&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&nras=1&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=91
Frame ID: 85DD1256B106B113CF3E3A6C39D0A619
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html
Frame ID: ABF41B0FFC049F9743D1EED708F5FF0D
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8221592041F4E3B82F9452DFBB603F17
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html
Frame ID: 47DD0CED6CB5BC24CC6255CC409E1826
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BBC096277CFA94E28AA4A9E2AB049DEA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 113E10C465D2E1BC6A169DF2DFF6CF80
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4EBF473ED2C70C7099B988AEBB8155E0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

最速FXサヤ取り法 | 【FP1級運営】FX両建てスワップでローリスク&ミドルリターン

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

20
Subdomains

20
IPs

4
Countries

1038 kB
Transfer

2634 kB
Size

9
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffx.ma-bank.net%2F
Title: FB

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ffx.ma-bank.net%2F&text=%E6%9C%80%E9%80%9FFX%E3%82%B5%E3%83%A4%E5%8F%96%E3%82%8A%E6%B3%95&tw_p=tweetbutton&url=https%3A%2F%2Ffx.ma-bank.net%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://b.hatena.ne.jp/entry/fx.ma-bank.net/
Title: 2

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https%3A%2F%2Ffx.ma-bank.net%2F
Title: LINE

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://fx.ma-bank.net/&title=%E6%9C%80%E9%80%9FFX%E3%82%B5%E3%83%A4%E5%8F%96%E3%82%8A%E6%B3%95
Title: pocket

Search URL Search Domain Scan URL

URL: https://www.tcs-asp.net/alink?AC=C93108&LC=FXTS1&SQ=1&isq=547

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?original_referer=https%3A%2F%2Ffx.ma-bank.net%2F&text=&tw_p=tweetbutton&url=https%3A%2F%2Ffx.ma-bank.net%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://fx.ma-bank.net/&title=
Title: pocket

Search URL Search Domain Scan URL

URL: https://fx.dmm.com/fx/service/spread/
Title: DMM FX

Search URL Search Domain Scan URL

URL: https://www.gaitamejapan.com/fx/rate.html
Title: 外為ジャパン

Search URL Search Domain Scan URL

URL: https://www.fxbroadnet.com/outline_spread.jsp
Title: FXブロードネット

Search URL Search Domain Scan URL

URL: https://www.jfx.co.jp/category/service/currency_spread.html
Title: マトリックストレーダー

Search URL Search Domain Scan URL

URL: https://hirose-fx.co.jp/spread/index.html
Title: LION FX

Search URL Search Domain Scan URL

URL: https://www.okasan-online.co.jp/fx_otc/spread.html
Title: 岡三アクティブFX（店頭FX）

Search URL Search Domain Scan URL

URL: https://www.click365.jp/market.html
Title: 岡三オンラインFX（取引所FX）

Search URL Search Domain Scan URL

URL: https://www.click-sec.com/corp/guide/fx/commission_list/
Title: FXネオ

Search URL Search Domain Scan URL

URL: https://www.invast.jp/triauto/service/summary/fee.html
Title: トライオートFX

Search URL Search Domain Scan URL

URL: https://www.rakuten-sec.co.jp/web/fx/charm/commission.html
Title: 楽天FX

Search URL Search Domain Scan URL

URL: https://min-fx.jp/market/rate/
Title: みんなのFX

Search URL Search Domain Scan URL

URL: https://lightfx.jp/market/rate/
Title: LIGHT FX

Search URL Search Domain Scan URL

URL: https://www.central-tanshifx.com/market/rate/
Title: ＦＸダイレクトプラス

Search URL Search Domain Scan URL

URL: https://www.gaitameonline.com/dealings.jsp
Title: 外為オンライン

Search URL Search Domain Scan URL

URL: https://www.moneypartners.co.jp/market/
Title: パートナーズFx nano

Search URL Search Domain Scan URL

URL: https://www.fxprime.com/service/exchange/outline/index.html
Title: FXプライムbyGMO

Search URL Search Domain Scan URL

URL: https://line-fx.com/market/spread/ex/summaryList
Title: LINE FX

Search URL Search Domain Scan URL

URL: https://www.sbifxt.co.jp/service/detailedspread.html
Title: SBI FXトレード

Search URL Search Domain Scan URL

URL: https://www.sbineomobile.co.jp/support/fx_guide/fx_service/02_rule/spread/
Title: ネオモバFX

Search URL Search Domain Scan URL

URL: https://www.monexfx.co.jp/market/rate/
Title: マネックスFX

Search URL Search Domain Scan URL

URL: https://www.yjfx.jp/gaikaex/spread/
Title: 外貨ex（YJFX!）

Search URL Search Domain Scan URL

URL: https://profile.ma-bank.net/
Title: https://profile.ma-bank.net/

Search URL Search Domain Scan URL

URL: https://ma-bank.net/
Title: 最速資産運用

Search URL Search Domain Scan URL

URL: https://bit.tisoku.net/
Title: 競売物件研究所

Search URL Search Domain Scan URL

URL: https://ediunet.jp/
Title: EDIUNET

Search URL Search Domain Scan URL

URL: https://yuho.biz/
Title: Yuho!業界ランキング

Search URL Search Domain Scan URL

URL: https://payer.tisoku.net/
Title: 税金と社会保険の推移β

Search URL Search Domain Scan URL

URL: https://home.legare-club.com/
Title: 中古住宅売買リフォーム情報

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://www.google.co.jp/coop/cse/brand?form=cse-search-box&lang=ja HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 53

https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=29748642;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_pre=CM_umcycuPMCFdFo4Aodwp4FNw;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=29748642;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 63

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

78 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fx.ma-bank.net/ 38 KB
10 KB 2800ms
2000ms Document
text/html 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 3d28a23b4a29c54a8e0517555a2f9411abaa5679f933b776b6ba762ba728e8c9

Request headers

:method: GET
:authority: fx.ma-bank.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Thu, 07 Oct 2021 11:44:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 main.css
fx.ma-bank.net/skin/ 28 KB
7 KB 252ms
251ms Stylesheet
text/css 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/skin/main.css?1619162816
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: dd2e45abacd4eefe130af57b2b86f59d12517553ffb804e1a262d09d96ca494c

Request headers

:path: /skin/main.css?1619162816
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:35 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 07:27:26 GMT
server: nginx
etag: "19d3-5c09eba44f380"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 6611
expires: Thu, 14 Oct 2021 11:44:35 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.co.jp/coop/cse/brand?form=cse-search-box&lang=ja
https://www.gstatic.com/prose/brandjs.js

14 KB
14 KB

45ms
8ms

Script
text/javascript

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:31:56 GMT
x-content-type-options: nosniff
age: 759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13880
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 08 Oct 2021 11:31:56 GMT

Redirect headers

date: Thu, 07 Oct 2021 11:36:23 GMT
x-content-type-options: nosniff
server: sffe
age: 492
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Thu, 07 Oct 2021 12:06:23 GMT

GET
H2 200 load.gif
fx.ma-bank.net/img/ 2 KB
2 KB 251ms
251ms Image
image/gif 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/load.gif
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: e008bc0bca2fa6f9b9c113fad73551230961baec88c06b20997ec50171bb2b6b

Request headers

:path: /img/load.gif
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Wed, 30 Jun 2010 00:17:32 GMT
server: nginx
etag: "606-48a3447a87f00"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1542
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H/1.1 200
OK imagesender
img.tcs-asp.net/ 36 KB
37 KB 1654ms
282ms Image
image/jpeg 180.42.51.137
OCN NTT Communica...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tcs-asp.net/imagesender?ac=C93108&lc=FXTS1&isq=547&psq=1
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 180.42.51.137 Tokorozawa, Japan, ASN4713 (OCN NTT Communications Corporation, JP),
Reverse DNS
Software: Apache /
Resource Hash: 01d9c7f1e25d06ce219b7d30cbfc16ed3532fb8515992f291131c88e7552ba4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 11:44:37 GMT
Last-Modified: Fri, 18 Oct 2019 01:39:51 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 37110
Content-Type: image/jpeg

GET
H2 200 loading.gif
fx.ma-bank.net/img/ 20 KB
20 KB 253ms
252ms Image
image/gif 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/loading.gif
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 81881de88e27be72434a9ce035cff3b0c4f7e877cc2da8fa507a3589c7b707a2

Request headers

:path: /img/loading.gif
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Thu, 25 Dec 2014 01:26:48 GMT
server: nginx
etag: "4e8d-50b004d47a600"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 20109
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 74ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c393154fd4168bdd1706d13dc825068682e6b2bfaf77267e22713c81d9f94ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51258
x-xss-protection: 0
server: cafe
etag: 515734837251071871
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 11:44:35 GMT

GET
H2 200 echo.js Show response
fx.ma-bank.net/skin/ 2 KB
1021 B 251ms
251ms Script
application/x-javascript 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/skin/echo.js
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: df91b67367b0443682d3a36f915455636dca3372974b70e3cece18de21eb9ae9

Request headers

:path: /skin/echo.js
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:35 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 07:27:27 GMT
server: nginx
etag: "30d-5c09eba5435c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 781
expires: Thu, 14 Oct 2021 11:44:35 GMT

GET
H2 200 main.js Show response
fx.ma-bank.net/skin/ 29 KB
10 KB 495ms
495ms Script
application/x-javascript 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/skin/main.js?1619162847
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: f1de7900d2c4ad33da626ded6919ee0a070264df0f7b6c0adcfa7f3d06a668bb

Request headers

:path: /skin/main.js?1619162847
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 07:27:27 GMT
server: nginx
etag: "25c7-5c09eba5435c0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9671
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3458
date: Thu, 07 Oct 2021 10:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 07 Oct 2021 12:46:57 GMT

GET
H2 200 img10.jpg
fx.ma-bank.net/img/ 20 KB
20 KB 492ms
491ms Image
image/jpeg 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/img10.jpg
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 4e140402ebe2341a804e64b51182ab4d4f57c9a94c35832db80ec5e3bdfca974

Request headers

:path: /img/img10.jpg
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Mon, 23 Jan 2017 12:27:39 GMT
server: nginx
etag: "4e44-546c2200ee4c0"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 20036
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ja/ 1 KB
2 KB 51ms
15ms Image
image/png 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ja/branding.png

Requested by

Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 08:46:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Jul 2021 17:30:00 GMT
server: sffe
age: 183506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1283
x-xss-protection: 0
expires: Wed, 05 Oct 2022 08:46:09 GMT

GET
H2 200 _cat_img.png
fx.ma-bank.net/img/ 26 KB
26 KB 730ms
730ms Image
image/png 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/_cat_img.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 1e109a1a9a604b335bb2235cb547eb0747f2fc61d97db8408d72ca094a9ff67a

Request headers

:path: /img/_cat_img.png
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Thu, 25 Jul 2019 03:41:35 GMT
server: nginx
etag: "660f-58e7933cfd9c0"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 26127
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 bk_h2_alpha.jpg
fx.ma-bank.net/img/ 7 KB
8 KB 731ms
731ms Image
image/jpeg 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/bk_h2_alpha.jpg
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 7a273e01de63664ee1a99ec41fb52f7054dfbc5be27d85c97c2e8027a6e42d35

Request headers

:path: /img/bk_h2_alpha.jpg
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Tue, 13 Oct 2015 02:23:01 GMT
server: nginx
etag: "1d48-521f31ffd0b40"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7496
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 _icons.png
fx.ma-bank.net/img/ 5 KB
5 KB 736ms
736ms Image
image/png 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/_icons.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: ff20220a9af9152e3e7b83c1fba65da0c97f0ff09ba696388307bd10de381218

Request headers

:path: /img/_icons.png
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Thu, 18 Jul 2019 02:41:44 GMT
server: nginx
etag: "14d6-58deb8ce1ea00"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5334
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 _logo_fx.png
fx.ma-bank.net/img/ 10 KB
10 KB 971ms
971ms Image
image/png 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/_logo_fx.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: fdf79e576ef6f3f44844af4fb099f19293c1ce6455b48d9743c3198573e54ee1

Request headers

:path: /img/_logo_fx.png
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Fri, 23 Apr 2021 07:19:01 GMT
server: nginx
etag: "284c-5c09e9c2b4340"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10316
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 _logo_flag.jpg
fx.ma-bank.net/img/ 4 KB
4 KB 972ms
972ms Image
image/jpeg 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/_logo_flag.jpg
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 081455f242ac50315467bb6771dcc5edbe0d8c6ffab419977041c9c48ea7fa6e

Request headers

:path: /img/_logo_flag.jpg
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Mon, 17 Dec 2018 06:27:16 GMT
server: nginx
etag: "10ff-57d31df40f900"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4351
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 ya.png
fx.ma-bank.net/img/ 141 B
335 B 970ms
970ms Image
image/png 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/ya.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: c71c6b91b7eb5caf287bc01f1bb38b55e3ed5f0ad5cda4c39c2bbef04a2dfa31

Request headers

:path: /img/ya.png
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Wed, 30 Jun 2010 00:17:32 GMT
server: nginx
etag: "8d-48a3447a87f00"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 141
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 out.gif
fx.ma-bank.net/img/ 70 B
263 B 969ms
969ms Image
image/gif 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/out.gif
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 1b30ea937dc4f10b9dfefddaef9d97eab4fc377021413f3154ae65c63f742fc9

Request headers

:path: /img/out.gif
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Wed, 30 Jun 2010 00:17:32 GMT
server: nginx
etag: "46-48a3447a87f00"
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 70
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 oh.png
fx.ma-bank.net/img/ 113 B
307 B 971ms
971ms Image
image/png 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/oh.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 64b7caeb9aced89a3d434e2d4a12ee24ac7709a4a2385f70d53bd2c21596ff8c

Request headers

:path: /img/oh.png
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Thu, 23 Oct 2014 00:24:07 GMT
server: nginx
etag: "71-5060c151ab7c0"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 113
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 rss.png
fx.ma-bank.net/img/ 930 B
1 KB 890ms
890ms Image
image/png 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fx.ma-bank.net/img/rss.png
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.css?1619162816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 784edbe880ac26cb5afad76aa67112b1a7a17e1e4de0858661188f470003a7c9

Request headers

:path: /img/rss.png
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/skin/main.css?1619162816
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/skin/main.css?1619162816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
last-modified: Tue, 20 Jan 2009 22:02:14 GMT
server: nginx
etag: "3a2-460f13119c580"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 930
expires: Thu, 14 Oct 2021 11:44:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 16ms
15ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1369902790&t=pageview&_s=1&dl=https%3A%2F%2Ffx.ma-bank.net%2F&ul=en-us&de=UTF-8&dt=%E6%9C%80%E9%80%9FFX%E3%82%B5%E3%83%A4%E5%8F%96%E3%82%8A%E6%B3%95%20%7C%20%E3%80%90FP1%E7%B4%9A%E9%81%8B%E5%96%B6%E3%80%91FX%E4%B8%A1%E5%BB%BA%E3%81%A6%E3%82%B9%E3%83%AF%E3%83%83%E3%83%97%E3%81%A7%E3%83%AD%E3%83%BC%E3%83%AA%E3%82%B9%E3%82%AF%26amp%3B%E3%83%9F%E3%83%89%E3%83%AB%E3%83%AA%E3%82%BF%E3%83%BC%E3%83%B3&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1268402338&gjid=136293412&cid=1976851804.1633607076&tid=UA-17348529-20&_gid=1192694147.1633607076&_r=1&_slc=1&z=871354419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fx.ma-bank.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fx.ma-bank.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 257 KB
95 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597452072997565&plah=fx.ma-bank.net&bust=31063019

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33ab834e22bc5d5f8b5831f340c054334f5418ff66922dec0fe3f9ccb8443fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97187
x-xss-protection: 0
server: cafe
etag: 9922904937206383910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Oct 2021 11:44:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/ Frame EADA 10 KB
5 KB 53ms
14ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211005/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211005/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fx.ma-bank.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 06 Oct 2021 20:10:53 GMT
expires: Wed, 20 Oct 2021 20:10:53 GMT
content-type: text/html; charset=UTF-8
etag: 10398570473303663775
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4601
x-xss-protection: 0
age: 56023
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
462 B 68ms
22ms XHR
text/plain 2a00:1450:400c:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-17348529-20&cid=1976851804.1633607076&jid=1268402338&gjid=136293412&_gid=1192694147.1633607076&_u=IEBAAEAAAAAAAC~&z=1501677875

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fx.ma-bank.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 07 Oct 2021 11:44:36 GMT
content-type: text/plain
access-control-allow-origin: https://fx.ma-bank.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 print_top.css
fx.ma-bank.net/skin/ 78 B
324 B 820ms
819ms Stylesheet
text/css 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/skin/print_top.css?1416388238
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 3912bdc1e6b317f2ba94cedff8ec333ddf68839fdbac35eaa515f1d2e978e031

Request headers

:path: /skin/print_top.css?1416388238
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c; _ga=GA1.2.1976851804.1633607076; _gid=GA1.2.1192694147.1633607076; _gat=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
last-modified: Fri, 23 Apr 2021 07:27:26 GMT
server: nginx
etag: "61-5c09eba44f380"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 97
expires: Thu, 14 Oct 2021 11:44:36 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
656 B 82ms
16ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fx.ma-bank.net&callback=_gfp_s_&client=ca-pub-9597452072997565

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9597452072997565&plah=fx.ma-bank.net&bust=31063019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ee3734dd3a363e66e6f70277f4eb53d3c10f692faf964de1b946e94c77c33294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 62ms
23ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fx.ma-bank.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 64ms
25ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fx.ma-bank.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B464 110 KB
38 KB 738ms
737ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a07a04009ab0778e8d18004548916684e007c87f5d9acd01920094891d292fb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKan6MucuPMCFc4IiwodkwMEQA&gqi=pN1eYbzFCcKgrATt1pjgCQ&layout=/sadbundle/%24csp%253Der3%24/3493951766955993671/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fx.ma-bank.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKan6MucuPMCFc4IiwodkwMEQA&gqi=pN1eYbzFCcKgrATt1pjgCQ&layout=/sadbundle/%24csp%253Der3%24/3493951766955993671/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 11:44:36 GMT
server: cafe
content-length: 38109
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 11:59:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 11:44:36 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0A3D 103 KB
37 KB 528ms
527ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076058&bpp=1&bdt=416&idt=99&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=2047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JdBSJax2MW&p=https%3A//fx.ma-bank.net&dtd=103

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fc42dd52c9431a0f5b726e498af4c6e277aa926071d32604d776390e74fc6d1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIuI6sucuPMCFbGBgwcd4vAPIw&gqi=pN1eYYfjCozm3wOK1qnwDg&layout=/sadbundle/%24csp%253Der3%24/2538086564861449336/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076058&bpp=1&bdt=416&idt=99&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=2047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JdBSJax2MW&p=https%3A//fx.ma-bank.net&dtd=103
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fx.ma-bank.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIuI6sucuPMCFbGBgwcd4vAPIw&gqi=pN1eYYfjCozm3wOK1qnwDg&layout=/sadbundle/%24csp%253Der3%24/2538086564861449336/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 07 Oct 2021 11:44:36 GMT
server: cafe
content-length: 36785
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 11:59:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 11:44:36 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 28ms
27ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-17348529-20&cid=1976851804.1633607076&jid=1268402338&_u=IEBAAEAAAAAAAC~&z=402656659

Requested by

Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 76ms
39ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-17348529-20&cid=1976851804.1633607076&jid=1268402338&_u=IEBAAEAAAAAAAC~&z=402656659

Requested by

Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85DD 0
180 B 24ms
24ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&adk=1812271804&adf=3025194257&lmt=1633607076&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2Ffx.ma-bank.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076079&bpp=1&bdt=437&idt=85&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&nras=1&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=91

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9597452072997565&output=html&adk=1812271804&adf=3025194257&lmt=1633607076&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32&format=0x0&url=https%3A%2F%2Ffx.ma-bank.net%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076079&bpp=1&bdt=437&idt=85&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C300x600&nras=1&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fx.ma-bank.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 07 Oct 2021 11:44:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 07-Oct-2021 11:59:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 11:44:36 GMT
cache-control: private

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/ Frame 0A3D 18 KB
8 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076058&bpp=1&bdt=416&idt=99&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=2047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JdBSJax2MW&p=https%3A//fx.ma-bank.net&dtd=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:43:45 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame 0A3D 3 KB
1 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A3D 122 KB
38 KB 50ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Oct 2021 11:44:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame 0A3D 14 KB
6 KB 48ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:42:56 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/ Frame ABF4 5 KB
4 KB 46ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71049df40641318f79ed350ce1c9d3f4c99fd474a68686fb2b12d44a029e8df5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/2538086564861449336/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 2111
date: Fri, 01 Oct 2021 09:50:15 GMT
expires: Sat, 01 Oct 2022 09:50:15 GMT
last-modified: Thu, 15 Apr 2021 13:41:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 525261
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0A3D 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CECShpN1eYYumC7GDjuwP4uG_mAL804rCY-6qlcvNDc6--JZxEAEg7pf8E2CV4pCCoAegAf-Ere0DyAEJqAMByANIqgTFAU_Qo6sCFDRm0YWFnR2izUB5s-QdHOxF0FsrS_99evtr9a3kiXvCZRjRyOlmYeUugM5Q08x4eIa-5pZqXv8BNgpTuTAhtgL09rp6MJZEzMdUez9r3tMTNtWoukNiqWuhlX_pQWNkeIrmN6r5eJdsP9J1Vs53-aMc6Pfm1EmCJHGCRJjWKEu0UvLtheC_27whnfF1AaG4VaGZQXgwQ9E8essrPfoIell7PVQyO6ER4QedCD0RbfAvef_BvcVf-rDF6gGfFHTHwATc_8bC-AKSBQQIBBgBkgUECAUYBKAGLoAHkvuaHagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwDyBwQQu4Qi0ggJCIDhgBAQARhfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTk1OTc0NTIwNzI5OTc1NjUYAA&sigh=6De9YCPe0Qs&template_id=419

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076058&bpp=1&bdt=416&idt=99&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=2047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JdBSJax2MW&p=https%3A//fx.ma-bank.net&dtd=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 07 Oct 2021 11:44:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Oct 2021 11:44:36 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8221 143 B
226 B 14ms
13ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076058&bpp=1&bdt=416&idt=99&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=2047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JdBSJax2MW&p=https%3A//fx.ma-bank.net&dtd=103
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=236026797&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076058&bpp=1&bdt=416&idt=99&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=1768672156073&frm=20&pv=1&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=2047&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=JdBSJax2MW&p=https%3A//fx.ma-bank.net&dtd=103

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 07 Oct 2021 11:35:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 518
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame ABF4 9 KB
3 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Oct 2021 01:24:38 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame ABF4 26 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44046
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 07 Oct 2021 23:30:30 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame ABF4 236 KB
63 KB 101ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Oct 2021 11:44:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame ABF4 84 KB
84 KB 50ms
9ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 09:02:22 GMT
x-content-type-options: nosniff
age: 9734
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85578
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 07 Oct 2022 09:02:22 GMT

GET
H2 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/ Frame ABF4 93 KB
22 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e39d67906bbe13090f51b9d0782b34bf8ec28c368ac23dc8100f45fd85b8d99

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 264197
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22643
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 13:41:02 GMT
server: sffe
date: Mon, 04 Oct 2021 10:21:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Oct 2022 10:21:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame ABF4 2 KB
1 KB 73ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900i

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2538086564861449336/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67c96695d39b1545bd821e53ff4d91d78cd81d673cb1d4c5aa65f04a414d2fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 11:44:36 GMT
server: ESF
date: Thu, 07 Oct 2021 11:44:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 07 Oct 2021 11:44:36 GMT

GET
DATA 200
OK truncated
/ Frame 0A3D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eff665c995cfb24e1e0fc76dc4ecd7cec1ba939fe2c8fb501faf424d400df3a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8221
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
144 B

47ms
47ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUn7Ipz7gBbD6EAvPjzt4-Q70QBkq_ft3iCZ9LHHa4ghBh_Smek0G2Ioqv3tSlM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 07 Oct 2021 11:44:36 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 07-Oct-2021 12:44:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 11:44:36 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 07 Oct 2021 11:44:36 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/ Frame B464 18 KB
7 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7605
x-xss-protection: 0
server: cafe
etag: 4152153861754824712
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:43:45 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame B464 3 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:33:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 656
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B464 122 KB
37 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37846
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1632957210746890"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Oct 2021 11:44:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/ Frame B464 14 KB
6 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211005/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6206
x-xss-protection: 0
server: cafe
etag: 15755272758842173338
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Oct 2021 11:42:56 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/ Frame 47DD 3 KB
2 KB 10ms
10ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

761133f3e1dbe1ba8ceb9dea8b83c3a5cbeed006cb563936d2c445a94ea1afa7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/3493951766955993671/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 1494
date: Tue, 05 Oct 2021 13:23:43 GMT
expires: Wed, 05 Oct 2022 13:23:43 GMT
last-modified: Tue, 28 Sep 2021 17:36:12 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 166853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

B26136620.308725970;dc_pre=CM_umcycuPMCFdFo4Aodwp4FNw;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=29748642;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/ Frame B464
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=29748642;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_pre=CM_umcycuPMCFdFo4Aodwp4FNw;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=29748642;dc_lat=;dc_rdid=;...

42 B
118 B

37ms
36ms

Fetch
image/gif

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_pre=CM_umcycuPMCFdFo4Aodwp4FNw;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=29748642;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N393201.3392460GDNPROGRAMMATIC/B26136620.308725970;dc_pre=CM_umcycuPMCFdFo4Aodwp4FNw;dc_trk_aid=501600486;dc_trk_cid=123773641;ord=29748642;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame B464 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CylnzpN1eYabFCc6RrASTh5CABIvCrs1lzKHn2MEOv-EeEAEg7pf8E2CV4pCCoAegAb_nu8QDyAEJqQJwjBXHk2ezPqgDAcgDSKoEwgFP0MhEh09AX5TekGaNFEzm2ff0DZFGlSYG0waca_hRiKpOiAPmksNdQOp9D3uf6D4epxvyfnaXrE_JkYQjghDV_J972mhf09CMLkjPrbMidsiWakvc9d1MlO5qS1imn-1oGImpB9tMRjJXSYsjb90gvwxiE9wEPbeQqeCV5TMbUZMUYJUq5QioIv-eS0jwvdJKCVzF89zDrlfMboiP2-W5DevEQu-QgCL5QMgkAHLzgYpX6Wmp6P0kCH_5zdq2yf5E_cAEvbPvprADkgUECAQYAZIFBAgFGASgBi6AB8CJlR-oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEELOJMdIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi05NTk3NDUyMDcyOTk3NTY1GAA&sigh=I1aUm4An8r0&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 07 Oct 2021 11:44:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BBC0 143 B
202 B 16ms
16ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUn7Ipz7gBbD6EAvPjzt4-Q70QBkq_ft3iCZ9LHHa4ghBh_Smek0G2Ioqv3tSlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 07 Oct 2021 11:35:58 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2
fonts.gstatic.com/s/roboto/v29/ Frame ABF4 17 KB
18 KB 58ms
19ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOjCnqEu92Fr1Mu51TLBCc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 16:37:36 GMT
x-content-type-options: nosniff
age: 68821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17540
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Oct 2022 16:37:36 GMT

GET
DATA 200
OK truncated
/ Frame B464 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5bea6cd3d6bd5ab76282d4bdbcf539afd6bccba543caf54891048f4d6c33ce6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js Show response
pagead2.googlesyndication.com/bg/ Frame ABF4 35 KB
13 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 20:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 04 Oct 2022 20:10:28 GMT

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 47DD 9 KB
3 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 01:24:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Oct 2021 01:24:38 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 47DD 26 KB
10 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 23:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44047
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 07 Oct 2021 23:30:30 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 47DD 236 KB
63 KB 323ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Oct 2021 11:44:37 GMT

GET
H2 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/ Frame 47DD 385 KB
88 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71a04207426d48f81398caada75aaf4194d674001a2d3388d450c1656747438a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 115500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90193
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 17:36:12 GMT
server: sffe
date: Wed, 06 Oct 2021 03:39:37 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Oct 2022 03:39:37 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BBC0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
167 B

32ms
31ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUn7Ipz7gBbD6EAvPjzt4-Q70QBkq_ft3iCZ9LHHa4ghBh_Smek0G2Ioqv3tSlM; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 07 Oct 2021 11:44:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 07-Oct-2021 12:44:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 07 Oct 2021 11:44:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 07 Oct 2021 11:44:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 auto.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/ Frame 47DD 11 KB
11 KB 8ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/auto.png?1632238323330

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597452072997565&output=html&h=600&slotname=3667372079&adk=4248768080&adf=2324195497&pi=t.ma~as.3667372079&w=300&lmt=1633607076&psa=0&format=300x600&url=https%3A%2F%2Ffx.ma-bank.net%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633607076055&bpp=3&bdt=414&idt=73&shv=r20211005&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=1768672156073&frm=20&pv=2&ga_vid=1976851804.1633607076&ga_sid=1633607076&ga_hid=1369902790&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=230&ady=704&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062938%2C31062944%2C31063019&oid=2&pvsid=2914788422955961&pem=147&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=wiczTWm3vy&p=https%3A//fx.ma-bank.net&dtd=85

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395413a5d6b724796d7a1673c2361f5908e34ceec3610ddfd79ee3eaba4bad7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 167277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10933
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 17:36:12 GMT
server: sffe
date: Tue, 05 Oct 2021 13:16:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Oct 2022 13:16:40 GMT

GET
H2 200 btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js Show response
pagead2.googlesyndication.com/bg/ Frame 47DD 35 KB
13 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 20:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 04 Oct 2022 20:10:28 GMT

GET
H2 200 p0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/ Frame 47DD 23 KB
23 KB 8ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/p0.png?1632238323330

Requested by

Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a883bb22852b25a2394b3facbf78462bfbde516dfb8374c9fde040a91c59476

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 167277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23105
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 17:36:12 GMT
server: sffe
date: Tue, 05 Oct 2021 13:16:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Oct 2022 13:16:40 GMT

GET
H2 200 p1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/ Frame 47DD 27 KB
27 KB 8ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3493951766955993671/p1.png?1632238323330

Requested by

Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3377d210b9246100b5d0a8bf0cc13b2aba956aab6a10da5eeb837455ac737cb3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 167277
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27166
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 17:36:12 GMT
server: sffe
date: Tue, 05 Oct 2021 13:16:40 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 05 Oct 2022 13:16:40 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B464 42 B
518 B 62ms
26ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrQc0GuwtreJBHO1QcsDrfMLhtCluPD3HJeRCeWfKk5brdF6cQrjH2m0wT3WBmvPnVuB56akCXgDi8L3B_x3qsln7TPpJy1lCrjO83BxVKzHpWnZXICw&sai=AMfl-YTX75Zlivvahcsjp7Qi51mzDlrK6ORD4rgBjfIyLEB5JgltznnknVIZWO77_cj-6HM4FbM4me5a5YXD&sig=Cg0ArKJSzNjHo8nTWNOZEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&app=0&itpl=2&adk=4248768080&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633607076141&rpt=896

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
fx.ma-bank.net/json/ 66 KB
13 KB 541ms
541ms XHR
application/json 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/json/?id=json_list&ymd=NaN
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.js?1619162847
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 1256eac03f33c70ed77410c1c87bc44b3535ab4d41bc9a7a5e6c0851d3fe72d5

Request headers

:path: /json/?id=json_list&ymd=NaN
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c; _ga=GA1.2.1976851804.1633607076; _gid=GA1.2.1192694147.1633607076; _gat=1; __gads=ID=3e0dcaa14d6faad2-22f26f36e8ca0099:T=1633607076:RT=1633607076:S=ALNI_MYsiUNwgGSVqJXdDjuulzMmd7Iz9Q
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:38 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 44ms
44ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211005&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

740c4d0ca1791e57dc9eb00aa310a64c666042305d7552f7abdf43968b51b334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Oct 2021 11:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8499
x-xss-protection: 0

GET
H2 200 / Show response
fx.ma-bank.net/json/ 6 B
161 B 436ms
435ms XHR
application/json 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/json/?id=facebook&url=https://fx.ma-bank.net/
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.js?1619162847
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 117768321b3bc0928c2712054d6f312c0e560861382c8b9bc0f5f7294199d87f

Request headers

:path: /json/?id=facebook&url=https://fx.ma-bank.net/
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c; _ga=GA1.2.1976851804.1633607076; _gid=GA1.2.1192694147.1633607076; _gat=1; __gads=ID=3e0dcaa14d6faad2-22f26f36e8ca0099:T=1633607076:RT=1633607076:S=ALNI_MYsiUNwgGSVqJXdDjuulzMmd7Iz9Q
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:38 GMT
content-encoding: gzip
server: nginx
content-length: 26
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 / Show response
fx.ma-bank.net/json/ 5 B
160 B 536ms
535ms XHR
application/json 153.120.52.141
SAKURA-A SAKURA I...

General

Check archive.org

Show headers Download Go to

Full URL: https://fx.ma-bank.net/json/?id=hatena&url=https://fx.ma-bank.net/
Requested by: Host: fx.ma-bank.net
URL: https://fx.ma-bank.net/skin/main.js?1619162847
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 153.120.52.141 , Japan, ASN7684 (SAKURA-A SAKURA Internet Inc., JP),
Reverse DNS: 141.52.120.153.static.www6213m.sakura.ne.jp
Software: nginx /
Resource Hash: 68a90152c04505f5f2f397b31c13447056085e8176be9daa43b182b9d731b2e4

Request headers

:path: /json/?id=hatena&url=https://fx.ma-bank.net/
pragma: no-cache
cookie: PHPSESSID=bd5e032dd091210f94cf11c298ed8c0c; _ga=GA1.2.1976851804.1633607076; _gid=GA1.2.1192694147.1633607076; _gat=1; __gads=ID=3e0dcaa14d6faad2-22f26f36e8ca0099:T=1633607076:RT=1633607076:S=ALNI_MYsiUNwgGSVqJXdDjuulzMmd7Iz9Q
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: fx.ma-bank.net
referer: https://fx.ma-bank.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 11:44:38 GMT
content-encoding: gzip
server: nginx
content-length: 25
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1159ms
1159ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 11:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 07 Oct 2021 11:44:39 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 113E 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fx.ma-bank.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 07 Oct 2021 11:21:09 GMT
expires: Fri, 07 Oct 2022 11:21:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4EBF 783 B
993 B 27ms
27ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

34a2d959015df191a1cfcffd93408cbd76aab150ca1b063a9deae84c324c5f59

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w7lYpeW4BQfhe2pDm/dajw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fx.ma-bank.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 07 Oct 2021 11:44:39 GMT
date: Thu, 07 Oct 2021 11:44:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-w7lYpeW4BQfhe2pDm/dajw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js Show response
pagead2.googlesyndication.com/bg/ Frame 113E 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/btcV14rhSE4JjX-dU8qis16W-S4SvK8Z_HSOK5YN0GI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 20:10:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 228851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13394
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 04 Oct 2022 20:10:28 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4EBF 0
0 30ms
29ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211005&jk=2914788422955961&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
89ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20211005&jk=2914788422955961&bg=!1dal1pLNAAYiB-bNIgc7ACkAdvg8WneqyxLG4TeL0ZtRm2_9efFfne86Db6HXFqJbblSbDKjbw7w4AIAAABqUgAAAAZoAQcKAF9SB7faqaMt2RADBSs3BjVp8PAJminmVz_98Zr3CHSzOmlHUyttzxTyVk-8KAH6bZZMmyFqzlEvyQW8fwLS6IJlFqtU9zwgLDrrtnufYrZ-6KnH0HOmsUo4HwXobYTA_pkCv-ehVAGpHjhpvwL_B21sc3ZFoWbJnOJ0jMoWDm36pCl4qGM5FIs8TebHQnoQWBm-liVQ2Iqbltwz0kyMGoVLJ62GRmeORtYB4F8x6qxkclWkEgdm1NBcPxBDwIo1wJFU5H4HQED9kS2d-rKMdTQlg2miJoJtLpwVv-oNZ4QrWppIsvPwSeU36JVNZtB-K_KXFD9p8wQ_yESfqVAGHhg2CXprpredrKzpDnSUnO3aK-8OLmX_G5oKupaq3yVJ2YdSa2sl1h9Gh2JGJHQvIgzPqKFTLbLKh49ISZcZ4GWKTI4Vsydzhiig4_0Z8SlorkbU3e9PT7N6vQqqTjbzJB4dDBpx_yHslIBRf77npGAah700l3yqDAi0CPSkFyeiuzELZEXpb4mWeKBSEmt6tWrEdOjsxEF0MyrYk_0utcnXk9SDykbGioHp7ObnPu87LpcDTSLHKlwockbe0vKOWwQZyYWz3k2v5IOmOv2l6wVTNZL1w4mqPOzevQBTzaIhOGziOi2CsLbtj1HWGnAuq68h4sAUqz8nQ1zHrtxPvh5MYN8D7fgvPvzPzyhQF5SIwh8sHRR1pMSQKM8iGC2aT2qMgXG05cu9K7rzybQxZr-TruscORk8wsNM0g57GCjXcCTOhr498hfzERYAlCtKZGvMJIk5S-UBjBUujc51Rv_ffCW8fg0Ws_C2qvhqfvQsHvJnwZBElzZEhXkXCUq7Kxcc8dOfBCCiNhcKL6aaNPZ9VIFJq9JnWpqzUnvtA9bi_d6Y2E6gifZWH-D5LiPpwFHg5ZJp34FNjBo4eDyNUVUfe8xWP_H4FxgO0g4PIM4PGTEgsnd4FlJAfHj0qyLhUR4V-jqZDAVi-HCQjxhg_W9sS1nd4h_hQ46Nu3ofcbSZNHLX24bjdlMqLjPYTxkUFC4KKhQVa4if6UI3ZoZaNUy4tmk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fx.ma-bank.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fx.ma-bank.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: bd5e032dd091210f94cf11c298ed8c0c
.ma-bank.net/	1970-01-20 15:17:59	Name: _ga Value: GA1.2.1976851804.1633607076
.ma-bank.net/	1970-01-19 21:48:13	Name: _gid Value: GA1.2.1192694147.1633607076
.ma-bank.net/	1970-01-19 21:46:47	Name: _gat Value: 1
.ma-bank.net/	1970-01-20 07:08:23	Name: __gads Value: ID=3e0dcaa14d6faad2-22f26f36e8ca0099:T=1633607076:RT=1633607076:S=ALNI_MYsiUNwgGSVqJXdDjuulzMmd7Iz9Q
.doubleclick.net/	1970-01-20 07:08:23	Name: IDE Value: AHWqTUn7Ipz7gBbD6EAvPjzt4-Q70QBkq_ft3iCZ9LHHa4ghBh_Smek0G2Ioqv3tSlM
.doubleclick.net/	1970-01-19 21:46:47	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:46:50	Name: DSID Value: NO_DATA
img.tcs-asp.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: A9DCB54CBB7E95B724A0846B7167D99D.mten

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
fx.ma-bank.net
googleads.g.doubleclick.net
img.tcs-asp.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
142.250.184.230
153.120.52.141
172.217.16.130
180.42.51.137
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c02::9c
01d9c7f1e25d06ce219b7d30cbfc16ed3532fb8515992f291131c88e7552ba4d
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
081455f242ac50315467bb6771dcc5edbe0d8c6ffab419977041c9c48ea7fa6e
0e39d67906bbe13090f51b9d0782b34bf8ec28c368ac23dc8100f45fd85b8d99
117768321b3bc0928c2712054d6f312c0e560861382c8b9bc0f5f7294199d87f
1256eac03f33c70ed77410c1c87bc44b3535ab4d41bc9a7a5e6c0851d3fe72d5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a07a04009ab0778e8d18004548916684e007c87f5d9acd01920094891d292fb
1b30ea937dc4f10b9dfefddaef9d97eab4fc377021413f3154ae65c63f742fc9
1e109a1a9a604b335bb2235cb547eb0747f2fc61d97db8408d72ca094a9ff67a
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
3377d210b9246100b5d0a8bf0cc13b2aba956aab6a10da5eeb837455ac737cb3
33ab834e22bc5d5f8b5831f340c054334f5418ff66922dec0fe3f9ccb8443fab
34a2d959015df191a1cfcffd93408cbd76aab150ca1b063a9deae84c324c5f59
3912bdc1e6b317f2ba94cedff8ec333ddf68839fdbac35eaa515f1d2e978e031
3d28a23b4a29c54a8e0517555a2f9411abaa5679f933b776b6ba762ba728e8c9
4e140402ebe2341a804e64b51182ab4d4f57c9a94c35832db80ec5e3bdfca974
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5f2778667ce7da721e201618eac589ac1a32af6b43c246675826a8d728eb902b
5fc42dd52c9431a0f5b726e498af4c6e277aa926071d32604d776390e74fc6d1
6395413a5d6b724796d7a1673c2361f5908e34ceec3610ddfd79ee3eaba4bad7
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
64b7caeb9aced89a3d434e2d4a12ee24ac7709a4a2385f70d53bd2c21596ff8c
6546570d77534cf5fdf2b983c4b5c4b82aee432543271aeb64be42b9eb928180
67c96695d39b1545bd821e53ff4d91d78cd81d673cb1d4c5aa65f04a414d2fd6
68a90152c04505f5f2f397b31c13447056085e8176be9daa43b182b9d731b2e4
6a883bb22852b25a2394b3facbf78462bfbde516dfb8374c9fde040a91c59476
6ed715d78ae1484e098d7f9d53caa2b35e96f92e12bcaf19fc748e2b960dd062
71049df40641318f79ed350ce1c9d3f4c99fd474a68686fb2b12d44a029e8df5
71a04207426d48f81398caada75aaf4194d674001a2d3388d450c1656747438a
740c4d0ca1791e57dc9eb00aa310a64c666042305d7552f7abdf43968b51b334
761133f3e1dbe1ba8ceb9dea8b83c3a5cbeed006cb563936d2c445a94ea1afa7
784edbe880ac26cb5afad76aa67112b1a7a17e1e4de0858661188f470003a7c9
7a273e01de63664ee1a99ec41fb52f7054dfbc5be27d85c97c2e8027a6e42d35
81881de88e27be72434a9ce035cff3b0c4f7e877cc2da8fa507a3589c7b707a2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c393154fd4168bdd1706d13dc825068682e6b2bfaf77267e22713c81d9f94ad3
c5bea6cd3d6bd5ab76282d4bdbcf539afd6bccba543caf54891048f4d6c33ce6
c71c6b91b7eb5caf287bc01f1bb38b55e3ed5f0ad5cda4c39c2bbef04a2dfa31
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
dd2e45abacd4eefe130af57b2b86f59d12517553ffb804e1a262d09d96ca494c
df91b67367b0443682d3a36f915455636dca3372974b70e3cece18de21eb9ae9
e008bc0bca2fa6f9b9c113fad73551230961baec88c06b20997ec50171bb2b6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
ee3734dd3a363e66e6f70277f4eb53d3c10f692faf964de1b946e94c77c33294
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff665c995cfb24e1e0fc76dc4ecd7cec1ba939fe2c8fb501faf424d400df3a0
f1de7900d2c4ad33da626ded6919ee0a070264df0f7b6c0adcfa7f3d06a668bb
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fdf79e576ef6f3f44844af4fb099f19293c1ce6455b48d9743c3198573e54ee1
ff20220a9af9152e3e7b83c1fba65da0c97f0ff09ba696388307bd10de381218

fx.ma-bank.net Open in urlscan Pro 153.120.52.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

79 %IPv6

13 Domains

20 Subdomains

20 IPs

4 Countries

1038 kBTransfer

2634 kBSize

9 Cookies

36 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fx.ma-bank.net Open in urlscan Pro
153.120.52.141 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

20
Subdomains

20
IPs

4
Countries

1038 kB
Transfer

2634 kB
Size

9
Cookies

78 HTTP transactions
2 data transactions