www.nothing.net Open in urlscan Pro
66.96.149.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.nothing.net/
Submission: On December 31 via manual (December 31st 2021, 6:25:40 am UTC) from LK — Scanned from DE

Summary HTTP 59 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 59 HTTP transactions. The main IP is 66.96.149.32, located in United States and belongs to BIZLAND-SD, US. The main domain is www.nothing.net.

This is the only time www.nothing.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	66.96.149.32 66.96.149.32	29873 (BIZLAND-SD) (BIZLAND-SD)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4002:800::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
59	15

3 66.96.149.32 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 32.149.96.66.static.eigbox.net

www.nothing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4002:800::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	341 KB
7	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	69 KB
7	google.com 2 redirects www.google.com cse.google.com adservice.google.com	4 KB
3	gstatic.com csi.gstatic.com	398 B
3	nothing.net www.nothing.net	19 KB
2	facebook.com 1 redirects www.facebook.com	3 KB
2	google.de adservice.google.de	914 B
2	google-analytics.com www.google-analytics.com	7 KB
2	facebook.net connect.facebook.net	83 KB
1	2mdn.net s0.2mdn.net	39 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	googleadservices.com partner.googleadservices.com	645 B
59	12

	Domain	Requested by
20	tpc.googlesyndication.com	www.nothing.net googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	pagead2.googlesyndication.com	www.nothing.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.nothing.net googleads.g.doubleclick.net
4	www.google.com	2 redirects www.nothing.net tpc.googlesyndication.com
3	csi.gstatic.com	tpc.googlesyndication.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	www.nothing.net	www.nothing.net
2	www.facebook.com	1 redirects connect.facebook.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.nothing.net
2	connect.facebook.net	www.nothing.net connect.facebook.net
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	s0.2mdn.net	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cse.google.com	www.nothing.net
59	16

This site contains links to these domains. Also see Links.

Domain
xymyl.blogspot.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-09` - `2022-01-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.nothing.net/
Frame ID: 125101DD55D7EA0DE50F4D145E7442F7
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5537579162551394&output=html&h=60&slotname=5152492862&adk=3421435569&adf=2924924831&pi=t.ma~as.5152492862&w=468&lmt=1299599672&url=http%3A%2F%2Fwww.nothing.net%2F&flash=0&wgl=1&dt=1640931936172&bpp=17&bdt=84&idt=107&shv=r20211207&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=8722502604468&rume=1&frm=20&pv=2&ga_vid=958309592.1640931936&ga_sid=1640931936&ga_hid=1044974105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=189712377038454&pem=165&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZQIzVmSCxV&p=http%3A//www.nothing.net&dtd=121
Frame ID: 98CF8135140F078F6BC98B9AB26E1BA1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html
Frame ID: BA6414EA622F1CD66B9E22E2AEC53A86
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cb2sEYKLOYaCoE4qi7_UPjaKI-AHilP2gZ8Cxud_nDtnZHhABIPisrwxgleKQgqAHoAHF6pm5AsgBCakCwli4Ndz9sj6oAwHIA0iqBM0BT9A8w809TLbLS2I0xcAskiHx0kLv7Dgm7Fyc8-qG0vvPOb_Ed5eNF6kOQ6UIluk2W2BMb2M-0ACFQksxt4s0O73LIU4bArS4Z1haSSjpmAfcDOeHT-6tnecUBhtqjl0UV4hGchrsYCrIczxCSGmNql_kYusIwokRz5NQR2A03eeQsTr89HVAPwoXeHP1kEme1OgmfzS1tp45XKQ46emjP12HDy5esQ5uk0q6sDtl279bZQrYs5qeDBiXrkeTTQW_t-V9w1XQ5iJi0XixDcAE4aTs19wDkgUECAQYAZIFBAgFGASgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQrd6zAdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NTM3NTc5MTYyNTUxMzk0GAA&sigh=udDwk672j6I&uach_m=[UACH]&template_id=419
Frame ID: 5A6FA91ED59DC58233539821751D2081
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EB48ABABD427E7A65B586DD00F1C48B0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3f64107736bac%2526domain%253Dwww.nothing.net%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.nothing.net%25252Ff23e83fb41e652%2526relation%253Dparent.parent%26color_scheme%3Ddark%26container_width%3D0%26header%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fnothing.net%26locale%3Den_US%26sdk%3Djoey%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D292
Frame ID: 9C0405DC376429293DDA2D4F87F80C45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: B9FC907C4B7D818EA5BD8D926AD5C3F0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5537579162551394&output=html&adk=1812271804&adf=3025194257&lmt=1299599672&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.nothing.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1640931937218&bpp=2&bdt=1130&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da608e53c832d3f16-22c7be6a12cd0026%3AT%3D1640931936%3ART%3D1640931936%3AS%3DALNI_MaGDS8XDJDm9Maz1X9zoAkfVTlaEQ&prev_slotnames=5152492862&nras=1&correlator=8722502604468&rume=1&frm=20&pv=1&ga_vid=958309592.1640931936&ga_sid=1640931936&ga_hid=1044974105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=189712377038454&pem=165&tmod=669&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=17
Frame ID: 5A9EEC6195CDF5D5BB0D7EF11893E1E9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3FEE3EA09E66846791902153EAC1B59
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 023625B4938F1D5AC9C9DC48E02A3A8B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NOTHING

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

59
Requests

83 %
HTTPS

79 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

598 kB
Transfer

1621 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://xymyl.blogspot.com/
Title: nothing blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 3

http://www.google.com/cse/api/branding.css HTTP 301
https://cse.google.com/cse/api/branding.css

Request Chain 5

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 8

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=958309592&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=NOTHING&utmhn=www.nothing.net&utmhid=1044974105&utmr=-&utmp=/&utmac=UA-660744-2&utmcc=__utma%3D129523475.958309592.1640931936.1640931936.1640931936.1%3B%2B__utmz%3D129523475.1640931936.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=958309592&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=NOTHING&utmhn=www.nothing.net&utmhid=1044974105&utmr=-&utmp=/&utmac=UA-660744-2&utmcc=__utma%3D129523475.958309592.1640931936.1640931936.1640931936.1%3B%2B__utmz%3D129523475.1640931936.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Request Chain 37

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 41

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f64107736bac%26domain%3Dwww.nothing.net%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.nothing.net%252Ff23e83fb41e652%26relation%3Dparent.parent&color_scheme=dark&container_width=0&header=false&href=http%3A%2F%2Fwww.facebook.com%2Fnothing.net&locale=en_US&sdk=joey&show_faces=true&stream=false&width=292 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3f64107736bac%2526domain%253Dwww.nothing.net%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.nothing.net%25252Ff23e83fb41e652%2526relation%253Dparent.parent%26color_scheme%3Ddark%26container_width%3D0%26header%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fnothing.net%26locale%3Den_US%26sdk%3Djoey%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D292

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.nothing.net/ 2 KB
3 KB 408ms
123ms Document
text/html 66.96.149.32
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: http://www.nothing.net/
Protocol: HTTP/1.1
Server: 66.96.149.32 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 32.149.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: c2c4bd0c2b616b221a7be759272ea18ae8811b0e85a11f78ba5af3900ad77306

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 31 Dec 2021 06:25:36 GMT
Content-Type: text/html
Content-Length: 2445
Connection: keep-alive
Server: Apache/2
Last-Modified: Tue, 08 Mar 2011 15:54:32 GMT
Accept-Ranges: bytes
Cache-Control: max-age=3600
Etag: "98d-49dfaa0ccbe00"
Expires: Fri, 31 Dec 2021 07:25:36 GMT
Age: 0

GET
H/1.1 200
OK nothingsmhigh.GIF
www.nothing.net/noimages/ 12 KB
13 KB 97ms
97ms Image
image/gif 66.96.149.32
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nothing.net/noimages/nothingsmhigh.GIF
Requested by: Host: www.nothing.net
URL: http://www.nothing.net/
Protocol: HTTP/1.1
Server: 66.96.149.32 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 32.149.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: e5cb466a494b3b422db47c227e2ca970373be714683580a123f236116533501d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 06:25:36 GMT
Last-Modified: Sat, 21 Nov 2009 07:04:51 GMT
Server: Apache/2
Age: 0
ETag: "310d-478dc35682ac0"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12557
Expires: Fri, 31 Dec 2021 10:25:36 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

30ms
7ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.nothing.net
URL: http://www.nothing.net/

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee0aebdab40c1345ca9b2b869dd5f6c1bf5dd97d8e8c43d94fd030830cd40548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Vnsv/pV2USoRQnuym0F/Sw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 31 Dec 2021 06:40:24 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: QnWTrdC+HTtg6VTHtFQt9Jsq5Bjk9IsiX1I9dfFDqAlGrRDQTkm/W7vXnljAbGtMTJ2KjXWx1AbtWeBw8TvFzQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 96f5bde1f92d4e874bb64f1da2242c9c
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 31 Dec 2021 06:25:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "99dad5c34ccaa89fa92613626b1133df"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK nosomething.gif
www.nothing.net/noimages/ 3 KB
3 KB 105ms
104ms Image
image/gif 66.96.149.32
BIZLAND-SD

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.nothing.net/noimages/nosomething.gif
Requested by: Host: www.nothing.net
URL: http://www.nothing.net/
Protocol: HTTP/1.1
Server: 66.96.149.32 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 32.149.96.66.static.eigbox.net
Software: Apache/2 /
Resource Hash: 04bebc72279b932db791a12c6f22e83c449b386f562d484d0eebea0b50b2112b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 06:25:36 GMT
Last-Modified: Sat, 21 Nov 2009 07:04:44 GMT
Server: Apache/2
Age: 0
Etag: "bb7-478dc34fd5b00"
Content-Type: image/gif
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2999
Expires: Fri, 31 Dec 2021 10:25:36 GMT

GET
H2

200

branding.css
cse.google.com/cse/api/
Redirect Chain

http://www.google.com/cse/api/branding.css
https://cse.google.com/cse/api/branding.css

1 KB
693 B

44ms
7ms

Stylesheet
text/css

2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/api/branding.css

Requested by

Host: www.nothing.net
URL: http://www.nothing.net/

Protocol

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Nov 2007 23:34:50 GMT
server: pfe
age: 492
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 322
x-xss-protection: 0
expires: Fri, 31 Dec 2021 06:47:24 GMT

Redirect headers

Date: Fri, 31 Dec 2021 06:23:35 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 121
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/api/branding.css
Cache-Control: public, max-age=1800
Content-Length: 240
X-XSS-Protection: 0
Expires: Fri, 31 Dec 2021 06:53:35 GMT

GET
H/1.1 200
OK poweredby_000000.gif
www.google.com/images/poweredby_transparent/ 488 B
1 KB 21ms
14ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/poweredby_transparent/poweredby_000000.gif

Requested by

Host: www.nothing.net
URL: http://www.nothing.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 06:25:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 488
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Fri, 31 Dec 2021 06:25:36 GMT

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

30ms
7ms

Script
text/javascript

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: www.nothing.net
URL: http://www.nothing.net/

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 11:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 68786
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Thu, 13 Jan 2022 11:19:10 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 111 KB
40 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.nothing.net
URL: http://www.nothing.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b862e027a863c38c1c5f5af0d23a2bf75f18e5caaa4543e64bc49dc29fde4b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 31 Dec 2021 06:25:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 293345629927465906
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40127
X-XSS-Protection: 0
Expires: Fri, 31 Dec 2021 06:25:36 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=10a2f05d903ea418ec695db04a872fa6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea00ae586c85d0cc76482889d560b7d866f2910dbc8677098fd61faeb9afaacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.nothing.net/
Origin: http://www.nothing.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ziYVNeQzqyEGbqMiZ/Ti/g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 31 Dec 2022 04:28:41 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 81985
x-fb-rlafr: 0
x-fb-debug: Bn8ygEmLjb8NxEGcKVZIju1yvwiwB8HlyRaxFeDHGEBFs86B5OSJ+af3zzhzrdVrp8TNrF7/JdrtTrJW+eOlkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1263e2dca3619c146629fb4c48012d64
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 31 Dec 2021 06:25:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5f89dd0b612fd6c6c5fc6a96379672ed"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=958309592&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=NOTHING&utmhn=www.nothing.net&utmhid=104...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=958309592&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=NOTHING&utmhn=www.nothing.net&utmhid=10...

35 B
55 B

23ms
7ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=958309592&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=NOTHING&utmhn=www.nothing.net&utmhid=1044974105&utmr=-&utmp=/&utmac=UA-660744-2&utmcc=__utma%3D129523475.958309592.1640931936.1640931936.1640931936.1%3B%2B__utmz%3D129523475.1640931936.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: www.nothing.net
URL: http://www.nothing.net/

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Dec 2021 20:10:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36917
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=958309592&utmcs=windows-1252&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=NOTHING&utmhn=www.nothing.net&utmhid=1044974105&utmr=-&utmp=/&utmac=UA-660744-2&utmcc=__utma%3D129523475.958309592.1640931936.1640931936.1640931936.1%3B%2B__utmz%3D129523475.1640931936.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 56ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=pub-5537579162551394&plah=www.nothing.net

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 06:25:36 GMT

GET
H3 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/ 53 KB
20 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=pub-5537579162551394&plah=www.nothing.net

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4718f1514e6ec44a3b4d571412a560514081d5d77b8d3c85f5688094f8629be8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 11:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20962
x-xss-protection: 0
server: cafe
etag: 4208632251520948083
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 11:07:19 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
645 B 68ms
16ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.nothing.net&callback=_gfp_s_&client=ca-pub-5537579162551394

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

257f152370c25aa3bbbb4b6a2069fab28d91564c247dd4b4aa63e30490d30972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 66ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nothing.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 06:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nothing.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 06:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98CF 129 KB
41 KB 539ms
533ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5537579162551394&output=html&h=60&slotname=5152492862&adk=3421435569&adf=2924924831&pi=t.ma~as.5152492862&w=468&lmt=1299599672&url=http%3A%2F%2Fwww.nothing.net%2F&flash=0&wgl=1&dt=1640931936172&bpp=17&bdt=84&idt=107&shv=r20211207&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=8722502604468&rume=1&frm=20&pv=2&ga_vid=958309592.1640931936&ga_sid=1640931936&ga_hid=1044974105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=189712377038454&pem=165&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZQIzVmSCxV&p=http%3A//www.nothing.net&dtd=121

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1d010784298409d8e4ffba61603da1013fe8350775c949ea1f46b2d1942f25f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKDYqOmzjfUCFQrRuwgdDRECHw&gqi=YKLOYaruEvKO9u8Ps6S4KA&layout=/sadbundle/%24csp%253Der3%24/13588370840429799713/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKDYqOmzjfUCFQrRuwgdDRECHw&gqi=YKLOYaruEvKO9u8Ps6S4KA&layout=/sadbundle/%24csp%253Der3%24/13588370840429799713/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 31 Dec 2021 06:25:36 GMT
server: cafe
content-length: 41447
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 31 Dec 2021 06:25:36 GMT
cache-control: private

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/ Frame BA64 8 KB
4 KB 50ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Requested by

Host: www.nothing.net
URL: http://www.nothing.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15aaf01c00836f525d005b6c62f3026cb52a6468d32586220ebada304107c3ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 2307
date: Wed, 29 Dec 2021 05:32:03 GMT
expires: Thu, 29 Dec 2022 05:32:03 GMT
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 176013
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5A6F 0
0 37ms
36ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb2sEYKLOYaCoE4qi7_UPjaKI-AHilP2gZ8Cxud_nDtnZHhABIPisrwxgleKQgqAHoAHF6pm5AsgBCakCwli4Ndz9sj6oAwHIA0iqBM0BT9A8w809TLbLS2I0xcAskiHx0kLv7Dgm7Fyc8-qG0vvPOb_Ed5eNF6kOQ6UIluk2W2BMb2M-0ACFQksxt4s0O73LIU4bArS4Z1haSSjpmAfcDOeHT-6tnecUBhtqjl0UV4hGchrsYCrIczxCSGmNql_kYusIwokRz5NQR2A03eeQsTr89HVAPwoXeHP1kEme1OgmfzS1tp45XKQ46emjP12HDy5esQ5uk0q6sDtl279bZQrYs5qeDBiXrkeTTQW_t-V9w1XQ5iJi0XixDcAE4aTs19wDkgUECAQYAZIFBAgFGASgBi6AB6OV5sYBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQrd6zAdIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NTM3NTc5MTYyNTUxMzk0GAA&sigh=udDwk672j6I&uach_m=[UACH]&template_id=419

Requested by

Host: www.nothing.net
URL: http://www.nothing.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5537579162551394&output=html&h=60&slotname=5152492862&adk=3421435569&adf=2924924831&pi=t.ma~as.5152492862&w=468&lmt=1299599672&url=http%3A%2F%2Fwww.nothing.net%2F&flash=0&wgl=1&dt=1640931936172&bpp=17&bdt=84&idt=107&shv=r20211207&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=8722502604468&rume=1&frm=20&pv=2&ga_vid=958309592.1640931936&ga_sid=1640931936&ga_hid=1044974105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=189712377038454&pem=165&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZQIzVmSCxV&p=http%3A//www.nothing.net&dtd=121
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 31 Dec 2021 06:25:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 31 Dec 2021 06:25:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 5A6F 19 KB
8 KB 45ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5537579162551394&output=html&h=60&slotname=5152492862&adk=3421435569&adf=2924924831&pi=t.ma~as.5152492862&w=468&lmt=1299599672&url=http%3A%2F%2Fwww.nothing.net%2F&flash=0&wgl=1&dt=1640931936172&bpp=17&bdt=84&idt=107&shv=r20211207&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=8722502604468&rume=1&frm=20&pv=2&ga_vid=958309592.1640931936&ga_sid=1640931936&ga_hid=1044974105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=189712377038454&pem=165&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZQIzVmSCxV&p=http%3A//www.nothing.net&dtd=121

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 06:15:40 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5A6F 2 KB
1 KB 47ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 05:49:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 05:49:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A6F 119 KB
37 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:25:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 31 Dec 2021 06:25:36 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 5A6F 15 KB
6 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 06:15:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB48 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5537579162551394&output=html&h=60&slotname=5152492862&adk=3421435569&adf=2924924831&pi=t.ma~as.5152492862&w=468&lmt=1299599672&url=http%3A%2F%2Fwww.nothing.net%2F&flash=0&wgl=1&dt=1640931936172&bpp=17&bdt=84&idt=107&shv=r20211207&mjsv=m202112060101&ptt=5&saldr=sa&abxe=1&correlator=8722502604468&rume=1&frm=20&pv=2&ga_vid=958309592.1640931936&ga_sid=1640931936&ga_hid=1044974105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=566&ady=729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=189712377038454&pem=165&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=ZQIzVmSCxV&p=http%3A//www.nothing.net&dtd=121

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 31 Dec 2021 06:04:54 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5A6F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 034ebde965cacf4f088e53a79d785b59e5f2080287910d38123324772c5c69d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame BA64 9 KB
3 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51422
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 31 Dec 2021 16:08:34 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame BA64 26 KB
10 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51117
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 31 Dec 2021 16:13:39 GMT

GET
H3 200 img-bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 2 KB
2 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/img-bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cb9fc9f57ba11bd82ae6f2a87418f05cf3abe2fe4dbf25d5dc94600682a5fee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2112
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Wed, 29 Dec 2021 05:26:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 05:26:00 GMT

GET
H3 200 img-motif-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/img-motif-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d34769a21d821d73318756a6dc171e7a4ee9d16a5eafcb4d42c0114bf66230

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 26396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2465
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Thu, 30 Dec 2021 23:05:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:05:41 GMT

GET
H3 200 img-motif-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 5 KB
5 KB 9ms
8ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/img-motif-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77726e476d6125c0e2bce2b2dadaa5636b78e8bcf201bf510928ffda782efa20

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 26336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4928
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Thu, 30 Dec 2021 23:06:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:06:41 GMT

GET
H3 200 img-motif-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 8 KB
8 KB 10ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/img-motif-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb7c190397a1f2fca8fdbc0d6de0c7cc142b8694272a568eb66b2e40b6303ab9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8140
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Wed, 29 Dec 2021 05:26:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 05:26:00 GMT

GET
H3 200 tf-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 1 KB
1 KB 10ms
9ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/tf-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a039c0206ecea72700a00dcfef2745febcc4c53c837aab0c3193240dded074c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1424
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Wed, 29 Dec 2021 05:26:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 05:26:00 GMT

GET
H3 200 tf-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/tf-1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7985c66d636f1d77965f65d6c40f54c47384674996ec0dc0e6719bbf10f8eb97

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2024
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Wed, 29 Dec 2021 05:26:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 05:26:00 GMT

GET
H3 200 tf-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 1 KB
1 KB 12ms
11ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/tf-2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c89680dda713c21e64296d873ebccc210c37c6f0f65fc731dcb098b7291f659

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 26396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Thu, 30 Dec 2021 23:05:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:05:41 GMT

GET
H3 200 img-stoerer-0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 3 KB
3 KB 13ms
12ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/img-stoerer-0.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2009cf51f18426820ce78c637fc8a605ccd09c7862507e1b191f98ca1d3e5fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3464
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Wed, 29 Dec 2021 05:26:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 05:26:00 GMT

GET
H3 200 img-logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 2 KB
2 KB 12ms
12ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/img-logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cd890ab2a60dad758b400ffe1dba07f766721b535483b92c5d1a74d3b5e0b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 26396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2454
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Thu, 30 Dec 2021 23:05:41 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Dec 2022 23:05:41 GMT

GET
H3 200 gfx_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 95 B
123 B 13ms
13ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/gfx_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a0fb2b43c3b4273b37b381dde95ff67fafffc136f9a4a36c48188c30989df47

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 176377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Wed, 29 Dec 2021 05:26:00 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 05:26:00 GMT

GET
H2 200 tweenmax_2.0.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame BA64 113 KB
39 KB 66ms
15ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38915
x-xss-protection: 0
last-modified: Tue, 19 Jun 2018 18:02:41 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 31 Dec 2021 06:25:37 GMT

GET
H3 200 TKUT_v1.1.1.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/ Frame BA64 2 KB
1 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/assets/TKUT_v1.1.1.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13588370840429799713/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 176012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:36:56 GMT
server: sffe
date: Wed, 29 Dec 2021 05:32:05 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 05:32:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EB48
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

63ms
62ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 31 Dec 2021 06:25:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 31 Dec 2021 06:25:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 31 Dec 2021 06:25:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rum.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame BA64 57 KB
22 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/rum.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24c11ee30699eb692260f80e31b87c841b1caf1736cc701004446f8efa9ad7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 18:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22234
x-xss-protection: 0
server: cafe
etag: 15485993355261459839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Jan 2022 18:49:30 GMT

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame BA64 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 00:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Dec 2022 00:37:40 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9a53e00bdea3fcdd2f4769806a91e261493f5c677d40be5f8c195412a673fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51751
x-xss-protection: 0
server: cafe
etag: 6503388075665824859
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 06:25:37 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 9C04
Redirect Chain

https://www.facebook.com/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f64107736bac%26domain%3Dwww.nothing.net%26is_...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253...

0
0

102ms
93ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3f64107736bac%2526domain%253Dwww.nothing.net%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.nothing.net%25252Ff23e83fb41e652%2526relation%253Dparent.parent%26color_scheme%3Ddark%26container_width%3D0%26header%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fnothing.net%26locale%3Den_US%26sdk%3Djoey%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D292

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=10a2f05d903ea418ec695db04a872fa6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5mYAflZSEpX9P/gPZCMiL+fAH5chTe0jW2MUndf9LqR+MaT429auV9rwYl+Yr+rmeNpu8HXGJ5knFQpGLwTXxg==
date: Fri, 31 Dec 2021 06:25:37 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Flike_box.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3f64107736bac%2526domain%253Dwww.nothing.net%2526is_canvas%253Dfalse%2526origin%253Dhttp%25253A%25252F%25252Fwww.nothing.net%25252Ff23e83fb41e652%2526relation%253Dparent.parent%26color_scheme%3Ddark%26container_width%3D0%26header%3Dfalse%26href%3Dhttp%253A%252F%252Fwww.facebook.com%252Fnothing.net%26locale%3Den_US%26sdk%3Djoey%26show_faces%3Dtrue%26stream%3Dfalse%26width%3D292
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: pcYVWGHb+KDPtLtJ0F7zuQMLXa1wPxtJY+jakrTfhELTDU40o7ka05Oi4HeKA0XpY18F90BXwCtrkn/5A1QOXw==
content-length: 0
date: Fri, 31 Dec 2021 06:25:37 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 34ms
19ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99246540c6ebb5bc3cd59b2a273f510e5f56ce5dfc22a9df507462f9dbb573da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 06:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8648
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame BA64 0
327 B 95ms
32ms Ping
image/gif 2a00:1450:4002:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kxu0ia2y&ctx=3&gqid=YKLOYaruEvKO9u8Ps6S4KA&qqid=CKDYqOmzjfUCFQrRuwgdDRECHw&met.7=CB8QCBgBMDQ43wFAA0gPUA9YKGAWaClwMnivFIABgxKIAb49sAEBuAED~CBwQChgBIGUoZTB_OBpQZVh2YGVodnB9ePMbgAHHGYgBj0SwAQG4AQM~CBwQChgBIGUoZTB_OBtodnB-eLpTgAGOUYgBmdABsAEBuAED~CB8QBhgBIGUoZTCLATgnaIQBcIsBeOwSgAHAEIgBwBCwAQG4AQM~CB8QBhgBIGUoZTCPATgqaIUBcI0BeOwogAHAJogBwCawAQG4AQM~CB8QBhgBIGUoZTCPATgraIQBcI0BeM0VgAGhE4gBoROwAQG4AQM~CB8QBhgBIGUoZTCQATgraIUBcI4BeLwNgAGQC4gBkAuwAQG4AQM~CB8QBhgBIGUoZTCTATguaIUBcI4BePhBgAHMP4gBzD-wAQG4AQM~CB8QBhgBIGUoZTCTATguaIUBcJEBeJQSgAHoD4gB6A-wAQG4AQM~CB8QBhgBIGUoZTCTATguaIUBcJABeP4NgAHSC4gB0guwAQG4AQM~CB8QBhgBIGUoZTCTATguaIUBcJEBeMIVgAGWE4gBlhOwAQG4AQM~CB8QBhgBIGUoZTCUATguaIUBcJIBeLQdgAGIG4gBiBuwAQG4AQM~CB8QBhgBIGUoZTCUATgvaIUBcJIBeIsDgAFfiAFfsAEBuAED~CCkQChgBIGUoZTDKAThlQIABSJ0BUJ0BWLMBYKMBaLMBcMIBeK-yAoABg7ACiAHCiAewAQG4AQM~CB8QChgBIGUoZTCJATgkaIIBcIkBeK8KgAGDCIgBphKwAQG4AQM~CBgQChgBIOMBKOMBMO8BOAxo4wFw7QF4hrABgAHarQGIAebJA7ABAbgBAw~CCcQChgBIOQBKOQBMO0BOAo
Requested by: Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 06:25:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 5A6F 57 KB
22 KB 30ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

24c11ee30699eb692260f80e31b87c841b1caf1736cc701004446f8efa9ad7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:21:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22234
x-xss-protection: 0
server: cafe
etag: 15485993355261459839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 07:21:47 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame B9FC 11 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 30 Dec 2021 18:36:45 GMT
expires: Thu, 13 Jan 2022 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 42532
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nothing.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 06:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
17ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nothing.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 06:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A9E 0
16 B 16ms
16ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5537579162551394&output=html&adk=1812271804&adf=3025194257&lmt=1299599672&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.nothing.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1640931937218&bpp=2&bdt=1130&idt=2&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da608e53c832d3f16-22c7be6a12cd0026%3AT%3D1640931936%3ART%3D1640931936%3AS%3DALNI_MaGDS8XDJDm9Maz1X9zoAkfVTlaEQ&prev_slotnames=5152492862&nras=1&correlator=8722502604468&rume=1&frm=20&pv=1&ga_vid=958309592.1640931936&ga_sid=1640931936&ga_hid=1044974105&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=189712377038454&pem=165&tmod=669&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 31 Dec 2021 06:25:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 06:25:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Fri, 31 Dec 2021 06:25:37 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5A6F 0
54 B 102ms
101ms Ping
image/gif 2a00:1450:4002:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kxu0ia5d&chm=1&ctx=2&gqid=YKLOYaruEvKO9u8Ps6S4KA&qqid=CKDYqOmzjfUCFQrRuwgdDRECHw&met.4=fb.a~lb.3b~ol.8p~bdt.-la~bpp.-ih~idt.-fz~dtd.-fl~dt.-iy&met.3=734.5m~734.8i~113.b0_2~112.az_3&met.1=1.kxu0i9ue~14.4~15.0~16.4~17.4~18.4~19.4~20.4~21.4~22.r~23.r&met.7=CB8QBRgBIBUoFTBJODRAF0gkUCRYPGAqaD5wR3ivFIABgxKIAb49sAEBuAED~CCEQBBgBIBYoFjA7OCVoF3A7eKwCsAEBuAED~CAkQChgBIBcoFzBFOC9oPnBEePA_gAHEPYgBpZYBsAEBuAED~CB4QChgBIBcoFzBHODBoPnBGeOAMgAG0CogBnhOwAQG4AQM~CCoQChgBIBcoFzA8OCQ~CBwQChgBIBcoFzBGOC9oPnBFeOw0gAHAMogB0nWwAQG4AQM~CCgQBRgBIEsoSzBTOAhoTHBSeL0DgAGRAYgBjwGwAQG4AQM~CCgQChgBIMoCKMoCMOoCOCBAygJIywJQywJY4QJg0AJo4QJw5wJ4hrABgAHarQGIAebJA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4002:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 06:25:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D3FE 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Thu, 30 Dec 2021 23:03:49 GMT
expires: Fri, 30 Dec 2022 23:03:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 26508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0236 783 B
536 B 35ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

005e607897b56bfd0df9010e3f4195398aa27d6d10cb9e7449719cbf800cd97a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xr5X6IvSsHK7tfF5LFw8hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 31 Dec 2021 06:25:37 GMT
date: Fri, 31 Dec 2021 06:25:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Xr5X6IvSsHK7tfF5LFw8hA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js Show response
pagead2.googlesyndication.com/bg/ Frame D3FE 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/U_DPXy_vflqTjVU_YutWJm0axOJE633NQGMGFEhf2s0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 00:37:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 107277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13577
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Dec 2022 00:37:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0236 0
0 23ms
22ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=189712377038454&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=189712377038454&bg=!BwSlBEDNAAZKWFskSlg7ACkAdvg8WqgodL43_up8CIruLvuDWuSRMYZFPDT2W1GL3JYiIAHYgUcduQIAAABJUgAAAAtoAQeZAscnPwQSjy0McqmowJ_IJ637B1yqGYUkZFT4MQ_Pxl3B448s8L7GU5mYJ25OFV05xt_QPQ5HvO4G6xdyt_vh999LksPzfg1zciHegMLAD-TMKfysJGCyLFc01V-KfsDYCyY6HauQvsZRWfearWZFlQUzO9xIjzx6mC-tYZ3LtF9QFP7PRi2Wg8KIDARO7eGuLaT7zzGD0XVrKbAmkiD23Y4VhZGK3sLLo_UA_1j8x2ITLtmYoudeDf8lFFLoZINGCV7ZkZTgPemHifhvGRV6KMg1rsJSLPmzTgdxAYAEzADUdSDjBY3ZEWKxxcWP4Iwd1nZj221zJIfBsbiM6PmldZxXctkEm3mR4B5So5rR6Gc-KzMN-koLbdmvV5ky_JDTGQ-wcOMS9XCBjiF2pVnpgy3JQjwzj5hid8XKHvSXxzz7pVB2rGT4-1QWcAqO9le03hlE-dw_TjQenF-f4jwzunZtIw_UotblR9JYSCUbO7jJLk3JXuk5hBbGs_5YFeXge5LhlpkRcrupW26fPbeOPChartW77mMatpxQD_iagS2-Ptea1S6Yab3mWG1CA5LlgZxKFsNw9CEyFDIslP8zpoIh-MaV1RPwgt75Cn5YB4n8hKufxpcDRIOua2HwzlqOoVbzI-l2baGIE4wefdM_242d3wmXgZ5w7gm0f9-pRrrwAl8nIgxSdAiwNPfEDsDgtH90Mr697SvB5PgLZ1ciQLDmO_Xn6GecD8371mUANKTa2QND8f3tAF-pcJMDq32f52cU1dNV5v_TZPTINy1LiuYrEXZrJCxixhVXM0k1U_mr7X7XMkUpPlVdFZP7HvWWxpyzSvs5iAxdY9N67Gu5-pkpHkfS9LzTuRfNsOABUKfMI9YVnziG6g_p1BmHopoznUubg3RFRaRsX5Vspa6NSA9kwMtmbBrP4z060zOd8axTgMyaCONY2n8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.nothing.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 06:25:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A6F 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunvGW-HQRJ2TM9lGmvaC9TuNn9svtp4ydzLHl0h8MtfkLslsWDUOmge_FJhxHBaArN5o6pBDL5JxeO6EbVHLvl812s496Zx_A5h3lVLhqEqfHZ92Edvw&sai=AMfl-YR1A1lIU3S8RVOrqFSsYlJA7PUqQHB1pNC16BRi_WhdRvpbTeN-v4tzWPkACqVXzno5HIYne0U2zSut&sig=Cg0ArKJSzCAbH5TKmrLlEAE&id=lidar2&mcvt=1001&p=0,0,60,384&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3421435569&rs=2&la=0&cr=0&vs=4&r=v&rst=1640931936854&rpt=103&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 06:25:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 64ms
32ms Ping
image/gif 2a00:1450:4002:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~kxu0i9fd&c=189712377038454&e=31061691%2C31061693&ctx=1&met.3=158.dt_f~326.gs_2~216.gp_4~215.gp_5~843.gp_5~161.gu~779.gw~868.gx~889.h1~639.h6~914.h6~112.hn_2~629.iw_1~168.101~168.101~168.101~168.101~168.101~168.101~113.15v_1~326.16v~164.16u_1~165.16t_2~166.16o_i~161.175~779.176~868.176~889.179~639.17b~914.17b&met.7=CBsQCMABiu210gI~CBsQBiCtAzhjwAG-t4zPBg~CBsQBiCtAzhrwAGZ-NaTDg~CBsQBhgBIK0DKK0DMMMDOBfAAcSridoF~CAIQChgBIK0DKK0DMOYDODlArwNIvQNQvQNYwwNowwNw2gN467sCgAG_uQKIAbT6BrABAbgBA8AB0b6jjwk~CBsQCiCxAzgfwAHflp6eCA~CBsQCiCxAzgfwAHwyo_ICQ~CBsQAhgBILwDKLwDMOkDOC3AAZrQrcoI~CBsQCiDSAzghwAHszKaqDA~CAMQChgBIPoDKPoDMMsEOFBQ-wNYkgRggQRokgRwsgR4kp0GgAHmmgaIAcScEbABAbgBA8ABstafsA4~CBsQBiCBBDgYwAGWhP2GDg~CBwQChgBIN4EKN4EMPgEOBpQ3gRY7QRg3gRo7QRw9QR4jqYBgAHiowGIAbmmA7ABAbgBA8ABwYWx_ww~CC8QBxgBIOQEKOQEMI8FOCtA5ARI6gRQ6gRY_wRg8ARo_wRwjgV4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CC8QBxgBIOMEKOMEMKYFOENA5ARIgAVQgAVYlQVghgVolgVwpQV4kAOAAWSIAWuwAQG4AQPAAe21srAK~CBsQChgBIOIEKOIEMKcFOERA4wRIgAVQgAVYlgVghgVolgVwpgV49QOAAckBiAHXAbABAbgBA8AB5Krg8AI~CAUQBRgBIOkEKOkEMIoJOKAEaPAEcIUJeJPGAoAB58MCiAHjiAiwAQG4AQPAAZDHsvAI~CBsQCDjcC8ABiu210gI~CAEQChgBINILKNILMPgLOCdo0gtw8gt405YDgAGnlAOIAd2DCbABAbgBA8AB3o6_mwE~CCcQDRgBINwLKNwLMIAMOCRQ3AtY6wtg3Ato6wtw_gt49EWAAchDiAHvWLABAbgBA8AB8_LLrgs~CAwQBRgBIJEMKJEMMJkMOAhokgxwmQx4wCiAAZQmiAHVVbABAbgBA8ABvKb-wQQ~CAUQBRgBIJYMKJYMMKgMOBFomAxwqAx4rAKwAQG4AQPAAZDHsvAI~CCcQChgBIJgMKJgMMKsMOBPAAeLBm9oF~CC8QBxgBIJQMKJQMMLUMOCFQlQxYowxglQxopAxwtQx4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIJUMKJUMMLYMOCJQlQxYpAxglQxopQxwtQx4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CCcQBRgBILIMKLIMMLoMOAjAAZmVn6AL~CBsQBRgBILMMKLMMMNgMOCXAAc_G2uIB~CBsQBSDbCziqAcAB77Kjigs~CBwQBhgBIK0NKK0NMNgNOCtorQ1w1w14rAKwAQG4AQPAAZSE4rUO&met.1=1.kxu0i8xp~6.0~7.1~8.5e~9.5e~10.7x~12.7x~13.bc~14.bd~15.bf~16.e8~17.e8~18.e8~19.15d~20.15d~21.15o~22.c1~23.d8
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211207/r20110914/rum_fy2019.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4002:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.nothing.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 06:25:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nothing.net/	1970-01-20 17:20:03	Name: __utma Value: 129523475.958309592.1640931936.1640931936.1640931936.1
.nothing.net/	1970-01-19 23:48:53	Name: __utmb Value: 129523475
.nothing.net/	1969-12-31 23:59:59	Name: __utmc Value: 129523475
.nothing.net/	1970-01-20 04:11:39	Name: __utmz Value: 129523475.1640931936.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.nothing.net/	1970-01-20 09:10:27	Name: __gads Value: ID=a608e53c832d3f16-22c7be6a12cd0026:T=1640931936:RT=1640931936:S=ALNI_MaGDS8XDJDm9Maz1X9zoAkfVTlaEQ
.doubleclick.net/	1970-01-20 09:10:27	Name: IDE Value: AHWqTUniog16ehBQkt-xLwL2HNhB32GCdF1kCR8rKi8jBnU4UsZEUiTDHgp3GoFLv00
.doubleclick.net/	1970-01-19 23:48:55	Name: DSID Value: NO_DATA
.facebook.com/	1970-01-20 17:20:03	Name: sb Value: YaLOYaCrogVu8ghfnuspD_pi
.facebook.com/	1970-01-20 01:58:27	Name: fr Value: 0jgr2HtEVMDL5gSuG..BhzqJh.-G.AAA.0.0.BhzqJh.AWW7ILy5SBU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
cse.google.com
csi.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.nothing.net
142.250.185.66
142.250.186.162
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4002:800::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
66.96.149.32
005e607897b56bfd0df9010e3f4195398aa27d6d10cb9e7449719cbf800cd97a
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
034ebde965cacf4f088e53a79d785b59e5f2080287910d38123324772c5c69d1
04bebc72279b932db791a12c6f22e83c449b386f562d484d0eebea0b50b2112b
15aaf01c00836f525d005b6c62f3026cb52a6468d32586220ebada304107c3ab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
24c11ee30699eb692260f80e31b87c841b1caf1736cc701004446f8efa9ad7f3
257f152370c25aa3bbbb4b6a2069fab28d91564c247dd4b4aa63e30490d30972
2a039c0206ecea72700a00dcfef2745febcc4c53c837aab0c3193240dded074c
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3a0fb2b43c3b4273b37b381dde95ff67fafffc136f9a4a36c48188c30989df47
43d34769a21d821d73318756a6dc171e7a4ee9d16a5eafcb4d42c0114bf66230
4718f1514e6ec44a3b4d571412a560514081d5d77b8d3c85f5688094f8629be8
53f0cf5f2fef7e5a938d553f62eb56266d1ac4e244eb7dcd40630614485fdacd
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
77726e476d6125c0e2bce2b2dadaa5636b78e8bcf201bf510928ffda782efa20
7985c66d636f1d77965f65d6c40f54c47384674996ec0dc0e6719bbf10f8eb97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8c89680dda713c21e64296d873ebccc210c37c6f0f65fc731dcb098b7291f659
8cb9fc9f57ba11bd82ae6f2a87418f05cf3abe2fe4dbf25d5dc94600682a5fee
91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3
99246540c6ebb5bc3cd59b2a273f510e5f56ce5dfc22a9df507462f9dbb573da
a2009cf51f18426820ce78c637fc8a605ccd09c7862507e1b191f98ca1d3e5fb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9a53e00bdea3fcdd2f4769806a91e261493f5c677d40be5f8c195412a673fe7
b862e027a863c38c1c5f5af0d23a2bf75f18e5caaa4543e64bc49dc29fde4b8f
bdb02d532d7bfd45b67a7b2cdec2f9022e4b53fcbc99e8dca2a4d8dbfafacd72
c2c4bd0c2b616b221a7be759272ea18ae8811b0e85a11f78ba5af3900ad77306
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
d9cd890ab2a60dad758b400ffe1dba07f766721b535483b92c5d1a74d3b5e0b3
e1d010784298409d8e4ffba61603da1013fe8350775c949ea1f46b2d1942f25f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5cb466a494b3b422db47c227e2ca970373be714683580a123f236116533501d
ea00ae586c85d0cc76482889d560b7d866f2910dbc8677098fd61faeb9afaacd
eb7c190397a1f2fca8fdbc0d6de0c7cc142b8694272a568eb66b2e40b6303ab9
ee0aebdab40c1345ca9b2b869dd5f6c1bf5dd97d8e8c43d94fd030830cd40548
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.nothing.net Open in urlscan Pro 66.96.149.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

83 %HTTPS

79 %IPv6

12 Domains

16 Subdomains

15 IPs

3 Countries

598 kBTransfer

1621 kBSize

9 Cookies

1 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nothing.net Open in urlscan Pro
66.96.149.32 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

83 %
HTTPS

79 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

598 kB
Transfer

1621 kB
Size

9
Cookies

59 HTTP transactions
0 data transactions