www.423down.com Open in urlscan Pro
45.151.132.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.423down.com/8125.html
Submission: On March 01 via api (March 1st 2023, 12:16:40 pm UTC) from CN — Scanned from DE

Summary HTTP 111 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 16 IPs in 8 countries across 17 domains to perform 111 HTTP transactions. The main IP is 45.151.132.50, located in Seattle, United States and belongs to SPARTANHOST, GB. The main domain is www.423down.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on August 28th 2022. Valid for: a year.

This is the only time www.423down.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	45.151.132.50 45.151.132.50	201106 (SPARTANHOST) (SPARTANHOST)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
28	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	240e:96c:1100... 240e:96c:1100:5a01:3::3fd	4812 (CHINANET-...) (CHINANET-SH-AP China Telecom Group)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 25	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.180.195 142.250.180.195	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:3a35:c032:6d7e:7081	16509 (AMAZON-02) (AMAZON-02)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	3.70.39.209 3.70.39.209	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
111	16

19 45.151.132.50 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)

www.423down.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240e:96c:1100:5a01:3::3fd (China)

ASN4812 (CHINANET-SH-AP China Telecom Group, CN)

dn-qiniu-avatar.qbox.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:400d:80a::2001 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.195 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f3.1e100.net

p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:3a35:c032:6d7e:7081 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.70.39.209 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-39-209.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	523 KB
21	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	175 KB
19	423down.com www.423down.com	267 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com	127 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	242 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	894 B
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	3 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8947	818 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2292	790 B
2	qbox.me dn-qiniu-avatar.qbox.me	6 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8406 hmcdn.baidu.com Failed	12 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 712	338 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313	461 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 730	718 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2856	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	603 B
111	17

	Domain	Requested by
25	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net www.423down.com
19	www.423down.com	www.423down.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.423down.com
13	pagead2.googlesyndication.com	www.423down.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ups.analytics.yahoo.com	2 redirects
2	match.360yield.com	2 redirects
2	p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com
2	www.google.com	1 redirects googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	dn-qiniu-avatar.qbox.me	www.423down.com
2	hm.baidu.com	www.423down.com
1	onetag-sys.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	hmcdn.baidu.com Failed	hm.baidu.com
111	24

This site contains links to these domains. Also see Links.

Domain
www.wetab.link
www.51jike.top
www.123pan.com
beian.miit.gov.cn

Subject Issuer	Validity	Valid
www.423down.com TrustAsia RSA DV TLS CA G2	`2022-08-28` - `2023-08-28`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.qbox.me GeoTrust RSA CN CA G2	`2022-07-07` - `2023-08-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.423down.com/8125.html
Frame ID: C04B8A0B175D16A2F54790A6FA85AF53
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html
Frame ID: 525091D8FF176EF8D6234253DFF7755B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&adk=2710647471&adf=2336291663&lmt=1677672994&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fwww.423down.com%2F8125.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994064&bpp=5&bdt=858&idt=291&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5561462839509&frm=20&pv=2&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=310
Frame ID: 762EDBFDB66A14C615EEDFF27E5AC950
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=6446571284&adk=1638010549&adf=72148518&pi=t.ma~as.6446571284&w=858&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&format=858x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994069&bpp=2&bdt=863&idt=312&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=181&ady=2997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=krKHPRDT6c&p=https%3A//www.423down.com&dtd=321
Frame ID: 1853B1B70C8E446D2C7866BEF05E0020
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=2673002829&adk=3611007012&adf=3975080438&pi=t.ma~as.2673002829&w=380&lmt=1677672994&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994071&bpp=1&bdt=864&idt=324&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FdsJZjWsGu&p=https%3A//www.423down.com&dtd=326
Frame ID: 7B6543FB92F104794518E43FBAF9FA62
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&adk=2528968786&adf=864023522&pi=t.aa~a.3407511349~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&to=qs&pwprc=4630267249&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994827&bpp=1&bdt=1621&idt=1&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9f5273b8bd553087-22b6e36a3bdd0092%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MYWf-PkHYVAK_JtCGPr1gmb7sE3MQ&gpic=UID%3D00000bbd6266f6c6%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MZtrkAd7Zh_B3RXo8mKqJ6f0ZEv0g&prev_fmts=0x0%2C858x280%2C380x280&nras=2&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=i7Ly0EBUYT&p=https%3A//www.423down.com&dtd=7
Frame ID: 41C03B5D64132236958B93B305268DA4
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1
Frame ID: 17398BFD73DDA75A1B8CD6EA2F837415
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1
Frame ID: B8D2A1A71D4994378D084010DA1269CA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8B57024F6E1A338CA18BDDA84F20E8D0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js
Frame ID: CE4E18D2284BAF466F2F5511A9C745E7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js
Frame ID: EC0546CFFE5E83BF725304E846A1E184
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js
Frame ID: C0630098D69D4E42652484D06E329C88
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2386F2871D7104444400F382C2FB7AC8
Requests: 9 HTTP requests in this frame

Frame: https://p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 34C779BDC028FFD72836AFDB2B282A0B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js
Frame ID: 36118F29241BB4143D0CA34058FC7EA5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js
Frame ID: CBE1294399783493E599392E5CF509F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

腾讯QQ PC版 9.7.3.28946 去广告绿色精简版 - 423DownQQ下载(QQ精简版)_腾讯QQ最新版QQPC版下载_QQ2022腾讯QQ绿色精简版 - 423Down

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

93 %
HTTPS

57 %
IPv6

17
Domains

24
Subdomains

16
IPs

8
Countries

1358 kB
Transfer

3244 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wetab.link/?hmsr=423down
Title: WeTab

Search URL Search Domain Scan URL

URL: http://www.51jike.top/
Title: 百度网盘超级会员/各大平台VIP，限时特价，诚信商家！

Search URL Search Domain Scan URL

URL: https://www.123pan.com/
Title: 123云盘 - 空间2T，上传下载不限速，分享免登陆下载！

Search URL Search Domain Scan URL

URL: https://beian.miit.gov.cn/
Title: 津ICP备19007314号-80

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 102

https://um.simpli.fi/gp_match?google_gid=CAESEBCotdBmZQuF6rkWlUnrWxI&google_cver=1&google_push=Aa02lx_zz3Q5y2po5xE_I3R9WXUxRXtEQ_z9TISU9Gdlbn3Sh_PFLvXUcRDKHg9BBgTl2fECoQAaAYqZZwRXvJPp4mfM4JjsNGybiA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=62F9DBA0C61F47FE85CBCCD5E9A8E820&google_push=Aa02lx_zz3Q5y2po5xE_I3R9WXUxRXtEQ_z9TISU9Gdlbn3Sh_PFLvXUcRDKHg9BBgTl2fECoQAaAYqZZwRXvJPp4mfM4JjsNGybiA

Request Chain 103

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENKG-4wsBIue1dPDO6KQB0s&google_cver=1&google_push=Aa02lx-ibsnskyyj8aGAWKBbGXVUDZJ9TwNaHRkweoA_76RBH2lgTxFOEyI1XZqoX8k-G5k8wuHQVJx0wiJjpk0SHpznDH7tr4SVxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-ibsnskyyj8aGAWKBbGXVUDZJ9TwNaHRkweoA_76RBH2lgTxFOEyI1XZqoX8k-G5k8wuHQVJx0wiJjpk0SHpznDH7tr4SVxw&google_hm=eS1LaDN3OUdSRTJwR2VwYnVMOUNrWUVUVzlyZUczVmJXMn5B

Request Chain 104

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMjzTcko-0x8k4oM5A91qC0&google_cver=1&google_push=Aa02lx9lxJcshD9XKzVGizPAfwLpdjGT_G1VYHcHYfVgaItPSTZ0DDf9LOmKr-_rnKkTXfYvNhcBUfVY8CHNKtunPsF4YnZI9ccc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVQTjZPRTUtMVEtSzJJQQ==&google_push=Aa02lx9lxJcshD9XKzVGizPAfwLpdjGT_G1VYHcHYfVgaItPSTZ0DDf9LOmKr-_rnKkTXfYvNhcBUfVY8CHNKtunPsF4YnZI9ccc

Request Chain 105

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECSeO1SB8Ec5K4EXZJa7sBw&google_cver=1&google_push=Aa02lx8JoqnocMWUk4VVmHnZuiO5TpSRXBSDcPzvWXDhAlUUMLfIEuhRxALXJqKuvEDGyUj_vFuOUR21Oo9IIoBJr7QZq6VGFEZqig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8JoqnocMWUk4VVmHnZuiO5TpSRXBSDcPzvWXDhAlUUMLfIEuhRxALXJqKuvEDGyUj_vFuOUR21Oo9IIoBJr7QZq6VGFEZqig

Request Chain 106

https://match.360yield.com/match/ebda?google_gid=CAESEJbKc-Uv3Co0GCn1H3VNnnk&google_cver=1&google_push=Aa02lx-xui7RTIRCMDbSeTbn2xT6U0EvJzKedqmcyck8yv8682-T5SajF5-WgWaRHqphJ4iIryrwEORp6YoL7ZcvHZ_SVVX93VegpA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJbKc-Uv3Co0GCn1H3VNnnk&google_cver=1&google_push=Aa02lx-xui7RTIRCMDbSeTbn2xT6U0EvJzKedqmcyck8yv8682-T5SajF5-WgWaRHqphJ4iIryrwEORp6YoL7ZcvHZ_SVVX93VegpA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sQO6AIglS2iL4WaRdNYATw&google_push=Aa02lx-xui7RTIRCMDbSeTbn2xT6U0EvJzKedqmcyck8yv8682-T5SajF5-WgWaRHqphJ4iIryrwEORp6YoL7ZcvHZ_SVVX93VegpA

Request Chain 107

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKnaE9v05DgBIZDaD7InjxU&google_cver=1&google_push=Aa02lx97M9FNjneIxpH_vvMjZXSGrRO-gU7OB7E81mhOt2lVNivRc4s7ZxBn9g7RIGA8mW7-ndVkpB_Ttxg0resQQ_rZZWe2B3NlneI HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKnaE9v05DgBIZDaD7InjxU&google_cver=1&google_push=Aa02lx97M9FNjneIxpH_vvMjZXSGrRO-gU7OB7E81mhOt2lVNivRc4s7ZxBn9g7RIGA8mW7-ndVkpB_Ttxg0resQQ_rZZWe2B3NlneI&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jUXNmaHRKRTJ1RWpqVk5lb3U4TU44Y0x5NEhVVFFaTH5B&google_push=Aa02lx97M9FNjneIxpH_vvMjZXSGrRO-gU7OB7E81mhOt2lVNivRc4s7ZxBn9g7RIGA8mW7-ndVkpB_Ttxg0resQQ_rZZWe2B3NlneI

111 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 8125.html Show response
www.423down.com/ 50 KB
10 KB 1308ms
312ms Document
text/html 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

fe3178f8a600a94db2358cee116a56c6a3111b02c6910920a27f6d72295585c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Mar 2023 12:16:33 GMT
server: Tengine
strict-transport-security: max-age=172800; includeSubdomains; preload
vary: Accept-Encoding Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

GET
H2 200 erphpdown.css
www.423down.com/wp-content/plugins/erphpdown/static/ 6 KB
2 KB 198ms
198ms Stylesheet
text/css 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.423down.com/wp-content/plugins/erphpdown/static/erphpdown.css

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

744977b6f0e171b5a37e874c63b540cdd63f01e6dc5bcc7914874b7f77e76f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 30 Oct 2017 01:34:54 GMT
server: Tengine
content-encoding: br
etag: W/"59f681be-1788"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1871ms
405ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?152027bf90023a4cf754c9af7675431d

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

f122c003e3b339b85ca4b175c2c08c25d7dd061b1f36825c7cd55f85aa71f2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 01 Mar 2023 12:16:35 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: c66c216bd03ae46a47d86ed3a64ab47c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11304

GET
H2 200 style.css
www.423down.com/wp-content/themes/D7/ 33 KB
8 KB 226ms
226ms Stylesheet
text/css 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.423down.com/wp-content/themes/D7/style.css

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

79a7b7daabd0550af70bfec2002e69feb30654d3c13aaae09ff84bf6cd6c3f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 04:23:08 GMT
server: Tengine
content-encoding: br
etag: W/"6176312c-8271"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 jquery.js Show response
www.423down.com/wp-content/themes/D7/js/ 39 KB
19 KB 321ms
321ms Script
application/javascript 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.423down.com/wp-content/themes/D7/js/jquery.js

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

a3dba20968ace0a25b4cc5a468da7f80a3ea5f75f4bd5610237a2af854484bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sat, 06 Nov 2021 00:16:03 GMT
server: Tengine
content-encoding: br
etag: W/"6185c943-9b06"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 186ms
97ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5073779749772018

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d54bcaeaeae8e1054383f05a5bee262393d83067fbd83a33432e102139028ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.423down.com/
Origin: https://www.423down.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49373
x-xss-protection: 0
server: cafe
etag: 3037276385733611416
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 12:16:33 GMT

GET
H2 200 body.gif
www.423down.com/wp-content/themes/D7/img/ 4 KB
5 KB 204ms
203ms Image
image/gif 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/themes/D7/img/body.gif

Requested by

Host: www.423down.com
URL: https://www.423down.com/wp-content/themes/D7/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

5c0bb78ff1065338e305c19f9a905c27d08a923d81a5f3f6a1c6a0feda57c1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/wp-content/themes/D7/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Wed, 30 Dec 2015 05:39:35 GMT
server: Tengine
etag: "56836e17-1163"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4451
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 423Down.png
www.423down.com/wp-content/themes/D7/img/ 4 KB
5 KB 224ms
223ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/themes/D7/img/423Down.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/wp-content/themes/D7/style.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

95a09c27e2a8ed6a5fe4a51fa1a4a6bf15ae9fe72e368a689f00495dfb1c43e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/wp-content/themes/D7/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 17:28:00 GMT
server: Tengine
etag: "5fb2b6a0-1167"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4455
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 2021060704202413.png
www.423down.com/wp-content/uploads/2021/05/ 66 KB
66 KB 290ms
290ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/uploads/2021/05/2021060704202413.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

d949999caf35dbd8d2ea0ed41e66871c87531233c8fb8c65c018a28e8ccb0ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 06 Jun 2021 12:20:23 GMT
server: Tengine
etag: "60bcbd87-10837"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 67639
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 new.png
www.423down.com/wp-content/themes/D7/img/ 1 KB
1 KB 508ms
508ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/themes/D7/img/new.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

a64a5c16437a020515d0b26b4cd13e9ab2bfe3fee0f140349a1946c7e7101ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sat, 09 Oct 2021 02:59:25 GMT
server: Tengine
etag: "6161058d-49d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1181
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 estrongs.png
www.423down.com/wp-content/uploads/2020/06/ 24 KB
24 KB 562ms
559ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/uploads/2020/06/estrongs.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

941c57e49d2bf34fafac88f901568e154e8db331cc0f3c90d30b8270f59fb0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Thu, 11 Jun 2020 09:54:57 GMT
server: Tengine
etag: "5ee1ff71-60b8"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24760
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 Solid-Explorer.png
www.423down.com/wp-content/uploads/2020/01/ 14 KB
15 KB 563ms
559ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/uploads/2020/01/Solid-Explorer.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

e3d3da3bc36039181f7983d6672860324ba3aa37d01c6f8d0117b58f7860d0e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 28 Jan 2020 10:33:02 GMT
server: Tengine
etag: "5e300dde-3978"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14712
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 1658626521-leidian9.png
www.423down.com/wp-content/uploads/2022/07/ 8 KB
8 KB 563ms
559ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/uploads/2022/07/1658626521-leidian9.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

bd1593d6eeb1b9ca3afe863f21c50a425b47cdd815c1d4d5dec961db0fab91fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 24 Jul 2022 01:35:21 GMT
server: Tengine
etag: "62dca1d9-1f01"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7937
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 xyplorer.png
www.423down.com/wp-content/uploads/2020/04/ 54 KB
54 KB 563ms
560ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/uploads/2020/04/xyplorer.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

3386d6c2dc621a2dfdd4f542227d26bec5f0668a0d65750618259332d155326a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Tue, 28 Apr 2020 03:31:54 GMT
server: Tengine
etag: "5ea7a3aa-d768"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 55144
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 Revo-Uninstaller.png
www.423down.com/wp-content/uploads/2018/04/ 40 KB
41 KB 563ms
560ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/uploads/2018/04/Revo-Uninstaller.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

e75162e3ae955c1c74ca07dd0baf40478eea6d91b6ee75495fdda4fb852ec7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Wed, 21 Mar 2018 06:11:22 GMT
server: Tengine
etag: "5ab1f78a-a1c4"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 41412
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 /
dn-qiniu-avatar.qbox.me/avatar/ 3 KB
3 KB 992ms
309ms Image
image/jpeg 240e:96c:1100:5a01:3::3fd
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dn-qiniu-avatar.qbox.me/avatar/?s=36&d=https%3A%2F%2Fwww.423down.com%2Fwp-content%2Fthemes%2FD7%2Fimg%2Fdefault.png
Requested by: Host: www.423down.com
URL: https://www.423down.com/8125.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:96c:1100:5a01:3::3fd , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 96216e4eac20f8b160d1d7df73e1d1488491bf3d94771cea01e4def120a2cd1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-log: X-Log
date: Wed, 01 Mar 2023 05:52:24 GMT
via: cache41.l2cn3047[0,0,304-0,H], cache61.l2cn3047[0,0], vcache16.cn3775[0,0,200-0,H], vcache14.cn3775[2,0]
x-reqid: dA4AAAD2QWy8NUgX
age: 23050
x-swift-cachetime: 86395
x-bill: Tbl:avatar;FileType:0
x-cache: HIT TCP_MEM_HIT dirn:9:160459322
content-transfer-encoding: binary
content-disposition: inline; filename=""; filename*=utf-8''
x-swift-savetime: Wed, 01 Mar 2023 05:52:29 GMT
content-length: 2637
last-modified: Fri, 08 Jan 2016 09:59:28 GMT
server: Tengine
etag: "Fq5lr3ULBrMDOteSq4wQIVz6oVdZ"
access-control-max-age: 2592000
ali-swift-global-savetime: 1677649944
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 65e21aa216776729946235527e

GET
H2 200 msie10.png
www.423down.com/wp-content/plugins/wp-useragent/img/16/net/ 414 B
702 B 563ms
560ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/plugins/wp-useragent/img/16/net/msie10.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

88a5e335aeb265f502f416398e1bdd8668a74fe8bd32185c6b19cbcbba03f8b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:33 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 10:51:53 GMT
server: Tengine
etag: "5fb10849-19e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 414
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:33 GMT

GET
H2 200 win-4.png
www.423down.com/wp-content/plugins/wp-useragent/img/16/os/ 783 B
1 KB 563ms
561ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/plugins/wp-useragent/img/16/os/win-4.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

718a5bb621f6cae6e10cacbb90cc33b3f6a04a7cb466362b4bed83e275bcba84

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 10:51:53 GMT
server: Tengine
etag: "5fb10849-30f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 783
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:34 GMT

GET
H2 200 chrome.png
www.423down.com/wp-content/plugins/wp-useragent/img/16/net/ 907 B
1 KB 563ms
561ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/plugins/wp-useragent/img/16/net/chrome.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

0d502b7e03eb48675762a6a4bf66f58c605ab1ff16b8184d594aa967dd00d5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 10:51:53 GMT
server: Tengine
etag: "5fb10849-38b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 907
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:34 GMT

GET
H2 200 win-6.png
www.423down.com/wp-content/plugins/wp-useragent/img/16/os/ 261 B
549 B 563ms
562ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/plugins/wp-useragent/img/16/os/win-6.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

349308e18adc6757c96b146f38490f55cf17ed21cc2aa99d3510ab7e06847c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 10:51:53 GMT
server: Tengine
etag: "5fb10849-105"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 261
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:34 GMT

GET
H2 200 edge-2.png
www.423down.com/wp-content/plugins/wp-useragent/img/16/net/ 811 B
1 KB 563ms
562ms Image
image/png 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.423down.com/wp-content/plugins/wp-useragent/img/16/net/edge-2.png

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

be7e2d6ded2a7a9a2a3f38e071ed84a03bad55f24677fa98ca610a115f610071

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 10:51:53 GMT
server: Tengine
etag: "5fb10849-32b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 811
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:34 GMT

GET
H2 200 43f0fc0bf4b30f13815114748b87f969
dn-qiniu-avatar.qbox.me/avatar/ 3 KB
3 KB 992ms
311ms Image
image/jpeg 240e:96c:1100:5a01:3::3fd
CHINANET-SH-AP Ch...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dn-qiniu-avatar.qbox.me/avatar/43f0fc0bf4b30f13815114748b87f969?s=36&d=https%3A%2F%2Fwww.423down.com%2Fwp-content%2Fthemes%2FD7%2Fimg%2Fdefault.png
Requested by: Host: www.423down.com
URL: https://www.423down.com/8125.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:96c:1100:5a01:3::3fd , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 96216e4eac20f8b160d1d7df73e1d1488491bf3d94771cea01e4def120a2cd1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-log: X-Log
date: Wed, 01 Mar 2023 08:28:53 GMT
via: cache54.l2cn3047[56,56,304-0,M], cache16.l2cn3047[57,0], vcache19.cn3775[0,0,200-0,H], vcache14.cn3775[1,0]
content-md5: 1f5cvMMc/1+KwBDbcusADA==
x-reqid: MaIAAAAA6nFGPkgX
age: 13661
x-swift-cachetime: 86400
x-bill: Tbl:avatar;FileType:0
x-cache: HIT TCP_HIT dirn:8:32435412
content-transfer-encoding: binary
content-disposition: inline; filename="43f0fc0bf4b30f13815114748b87f969"; filename*=utf-8''43f0fc0bf4b30f13815114748b87f969
x-swift-savetime: Wed, 01 Mar 2023 08:28:53 GMT
content-length: 2637
last-modified: Fri, 17 Jul 2020 08:02:29 GMT
server: Tengine
etag: "Fq5lr3ULBrMDOteSq4wQIVz6oVdZ"
access-control-max-age: 2592000
ali-swift-global-savetime: 1677659333
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 65e21aa216776729946245528e

GET
H2 200 jquery.colorbox-min.js Show response
www.423down.com/wp-content/plugins/erphpdown/static/ 11 KB
5 KB 529ms
528ms Script
application/javascript 45.151.132.50
SPARTANHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.423down.com/wp-content/plugins/erphpdown/static/jquery.colorbox-min.js

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.151.132.50 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Tengine /

Resource Hash

b4da15c9f6ed2539306392c5e60554143454862dc6a68ba6c5cfbb6cf7f6c483

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/8125.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
strict-transport-security: max-age=172800; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 30 Oct 2017 01:34:54 GMT
server: Tengine
content-encoding: br
etag: W/"59f681be-2afa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-xss-protection: 1
expires: Fri, 31 Mar 2023 12:16:34 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 366 KB
120 KB 187ms
105ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5073779749772018&plah=www.423down.com&bust=31072479

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5073779749772018

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

537958e4928e6ed9ffaeda7b2608f5837e0c203bf742515464a66d96ae9d6fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123272
x-xss-protection: 0
server: cafe
etag: 12182580528513901346
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 12:16:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/ Frame 5250 10 KB
5 KB 128ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5073779749772018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.423down.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 19:37:20 GMT
etag: 2378337311435320485
expires: Tue, 14 Mar 2023 19:37:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
603 B 138ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.423down.com&callback=_gfp_s_&client=ca-pub-5073779749772018

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5073779749772018&plah=www.423down.com&bust=31072479

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75b3cfe83849e9491e6f2958e151ffd37f6ed1ad5acecb6aaadcfb99b565208b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 173ms
48ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.423down.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 153ms
50ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.423down.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=header&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 762E 249 KB
55 KB 401ms
400ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&adk=2710647471&adf=2336291663&lmt=1677672994&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fwww.423down.com%2F8125.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994064&bpp=5&bdt=858&idt=291&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5561462839509&frm=20&pv=2&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=310

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a1e80ea9c79cd9d2670789b945833032fd4aa6d80bac503feb904b3a4781fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.423down.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56085
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:16:34 GMT
expires: Wed, 01 Mar 2023 12:16:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1853 107 KB
33 KB 462ms
462ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=6446571284&adk=1638010549&adf=72148518&pi=t.ma~as.6446571284&w=858&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&format=858x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994069&bpp=2&bdt=863&idt=312&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=181&ady=2997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=krKHPRDT6c&p=https%3A//www.423down.com&dtd=321

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1953af9e51bf1396f7691d0ff960df6a0cccb16b9ee31e42a3e33ab30133818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.423down.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33973
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:16:34 GMT
expires: Wed, 01 Mar 2023 12:16:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B65 101 KB
35 KB 583ms
583ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=2673002829&adk=3611007012&adf=3975080438&pi=t.ma~as.2673002829&w=380&lmt=1677672994&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994071&bpp=1&bdt=864&idt=324&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FdsJZjWsGu&p=https%3A//www.423down.com&dtd=326

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b0d77614a8ba5022c251f9e6a9776745914b5c5878b9dec1ff89601f9f5afc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.423down.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35751
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:16:34 GMT
expires: Wed, 01 Mar 2023 12:16:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/ 150 KB
51 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302140101/reactive_library_fy2021.js?bust=31072479

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aeb7a87d67edd6eabdfe7a2cf8d9fb4ab61c98d9155c8a9397e7a1b1f9a3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52041
x-xss-protection: 0
server: cafe
etag: 18432623773751928389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Mar 2023 12:16:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 53ms
51ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.423down.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 51ms
50ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.423down.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41C0 102 KB
37 KB 463ms
462ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&adk=2528968786&adf=864023522&pi=t.aa~a.3407511349~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&to=qs&pwprc=4630267249&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994827&bpp=1&bdt=1621&idt=1&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9f5273b8bd553087-22b6e36a3bdd0092%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MYWf-PkHYVAK_JtCGPr1gmb7sE3MQ&gpic=UID%3D00000bbd6266f6c6%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MZtrkAd7Zh_B3RXo8mKqJ6f0ZEv0g&prev_fmts=0x0%2C858x280%2C380x280&nras=2&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=i7Ly0EBUYT&p=https%3A//www.423down.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d219483aff5098447b1075667d4b365313680856e45f060253698b707b86d865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.423down.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37681
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:16:35 GMT
expires: Wed, 01 Mar 2023 12:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1853 4 KB
1 KB 165ms
61ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=6446571284&adk=1638010549&adf=72148518&pi=t.ma~as.6446571284&w=858&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&format=858x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994069&bpp=2&bdt=863&idt=312&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=181&ady=2997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=krKHPRDT6c&p=https%3A//www.423down.com&dtd=321

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 10:36:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1853 2 KB
799 B 309ms
159ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 1853 22 KB
9 KB 201ms
51ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1853 3 KB
1 KB 306ms
158ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1853 20 KB
8 KB 208ms
59ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1853 158 KB
49 KB 180ms
53ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 1853 34 KB
14 KB 180ms
52ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 05:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 05:53:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1853 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChIbQIkL_Y8zvGtDp6gT78rvwDe-DxKFuv8ivrL8OzMeapv0IEAEgkcGWKmCVwqaCsAegAbC6odcDyAEJqQJwOXOrmdmxPqgDAcgDywSqBNUBT9CXlt_yZ34g8Gi8OMYV-0sQfgMa4S5eIyauHwrw3LYleX6i5D-fyGIhx9fIx2925wz6FPTQgw20-JWyXLFeE5VW-cF6di0AGHZRqkzIOewALurgunmlU0L5rGBsesqexOdqaL4dLUgQV0H0Gwk7fGdC311bysY-vtlQhSPocyLxp1UfvXkPIg5ulnC7x69pVeXv9udigAtzxHWm7oN2lT6oni_wgOVNb8lsw75IkbDsF15GFuaxqRXazRnd6D2--sMbDh9moPalH8PX3yFjktOTcjPtwATJmKmq4AOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHxfetPqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDd4gTSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi01MDczNzc5NzQ5NzcyMDE4GAA&sigh=45_IX0NmZbo&uach_m=[UACH]&cid=CAQSGwDUE5ymV-gpaLM8_WK8OVu3WkhU_D6EpF9_MhgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=6446571284&adk=1638010549&adf=72148518&pi=t.ma~as.6446571284&w=858&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&format=858x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994069&bpp=2&bdt=863&idt=312&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=181&ady=2997&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=krKHPRDT6c&p=https%3A//www.423down.com&dtd=321
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Mar 2023 12:16:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Mar 2023 12:16:34 GMT

GET
DATA 200
OK truncated
/ Frame 1853 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 1853
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

59ms
58ms

Image
image/png

2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 21:17:07 GMT
x-content-type-options: nosniff
age: 485968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 21:17:07 GMT

Redirect headers

date: Tue, 28 Feb 2023 18:38:41 GMT
x-content-type-options: nosniff
server: cafe
age: 63474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Mar 2023 18:38:41 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 54ms
53ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.423down.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
53ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.423down.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/ Frame 1739 10 KB
4 KB 42ms
39ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.423down.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 20:02:40 GMT
etag: 2378337311435320485
expires: Tue, 14 Mar 2023 20:02:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/ Frame B8D2 10 KB
4 KB 46ms
44ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.423down.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 20:02:40 GMT
etag: 2378337311435320485
expires: Tue, 14 Mar 2023 20:02:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1739 6 KB
745 B 55ms
54ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 10:57:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1739 2 KB
818 B 184ms
157ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 1739 22 KB
9 KB 92ms
67ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1739 3 KB
1 KB 185ms
161ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 1739 20 KB
8 KB 131ms
106ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1739 158 KB
48 KB 135ms
133ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 1739 34 KB
14 KB 68ms
65ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 05:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 05:53:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B8D2 4 KB
694 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 11:27:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame B8D2 2 KB
799 B 175ms
160ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B8D2 0
0 88ms
86ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7aOWIkL_Y6uQGprU6gTeoIKAD_rZjKBv6Pu_7LMRZBABIJHBlipglcKmgrAHoAGWovHUAcgBCakCcDlzq5nZsT6oAwHIA8sEqgTnAU_Qn4QGnTiXhdw3n0IVghGroUeCQexjPtpPAMW1DF6UCdynh3ncuEb8o0RN0u5FD8MiADbK65WBt5SeL93MhYt93Wv8Tpkoe4MGSAOYvYhBlh8pxsszkdmNt3aZNGUo6SL7BAYSqf442G4hhtwnao3QriX5xU1wF__3um480RGyVzjU34no6KIDprkC1eT0FQ4-xruW7LdksjnByCw0l9zKBX9wWKrFlEgbtsXa_Ubo1ZvUzBRDZWXs2SPGC9rPYnWSqKfrkWYh1crSySJmRMmmuAkOJxWxXgNxzW5E6qGyfz9jaf_XlMAEguGpzacEkgUECAQYAZIFBAgFGASgBi6AB9LdjqsCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1qAK0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTUwNzM3Nzk3NDk3NzIwMTgYAA&sigh=9zQC3WbI2lc&uach_m=[UACH]&cid=CAQSGwDUE5ymzI6aiRRNkRaHTERVNMeDaTm95DRIpRgB&template_id=484

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Mar 2023 12:16:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame B8D2 22 KB
9 KB 129ms
116ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame B8D2 3 KB
1 KB 176ms
163ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame B8D2 20 KB
8 KB 166ms
154ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8D2 158 KB
48 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame B8D2 34 KB
14 KB 100ms
99ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 05:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 05:53:29 GMT

GET
H2 200 30ff74cd17fac218005202762a48c647.js Show response
www.gstatic.com/mysidia/ Frame 7B65 10 KB
4 KB 108ms
104ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/30ff74cd17fac218005202762a48c647.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=2673002829&adk=3611007012&adf=3975080438&pi=t.ma~as.2673002829&w=380&lmt=1677672994&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994071&bpp=1&bdt=864&idt=324&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FdsJZjWsGu&p=https%3A//www.423down.com&dtd=326

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 02:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4407
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 00:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 30 May 2023 02:38:26 GMT

GET
H2 200 a7d0470ddcd0fa42353fa3e1ef0d9bb3.js Show response
www.gstatic.com/mysidia/ Frame 7B65 11 KB
5 KB 112ms
108ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a7d0470ddcd0fa42353fa3e1ef0d9bb3.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe210f25ffa8cb8180963416babbda9ef2f1f09110e99405e70a6a3d4ed2cff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4818
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 20:06:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7B65 8 KB
968 B 52ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 12:06:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 7B65 2 KB
799 B 66ms
51ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 7B65 22 KB
9 KB 128ms
125ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:13 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 7B65 3 KB
1 KB 67ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 7B65 20 KB
8 KB 142ms
139ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B65 158 KB
48 KB 153ms
150ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H2 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 7B65 34 KB
14 KB 65ms
51ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 05:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 05:53:29 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/13897224826366160398/ Frame B8D2 37 KB
37 KB 166ms
164ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13897224826366160398/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efd3030e696a7ad6f396c7f29657ae7025f0819d9d96abfdd994c4a58d726bdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 15:04:22 GMT
x-content-type-options: nosniff
age: 76333
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37859
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 09:11:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Feb 2024 15:04:22 GMT

GET
DATA 200
OK truncated
/ Frame 1853 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 017faa2aa362faa887d1ae5d90ee80cf2683501d64bb6a2a94899d69a0977351

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7B65 0
0 88ms
83ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm3BOIkL_Y8SZG62W78EP_f6N6AfhxfjObu2Z2uSUCILr0uCyARABIJHBlipglcKmgrAHoAHIsanNA8gBAagDAcgDywSqBNwBT9Dw5_MkHR5wEGO1_zcp4PyjKtGfv3AbWUamFAlEhU6PTp7WJ3ODnk1D4xXnAmtjxYPOqHrGgGuUsnPbg4Vgm02ke5y2-NjvXSZRCYMBWQhmqPIR_BWgDzyF4yPJ9Eizd0Ww6ML3u7mGrCRI1wm7HfeA6WlKEvDMBmT6m0_cp0iaalkfEQO4AeccotL6AgLKK5GoJ26s_fWZAY8AJmfDNj88RhMo5cAXppQcbjbBzcqrfTSJsG3DHZzs0p_WCiE7IMpU79w_lCSx2pL7esCe_PyCtS-Q3h2FSa2vn8AE6viq5usBkgUECAQYAZIFBAgFGASAB-Tq4jWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDDvh3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUFNAVAYAXAbIXHAoaCAASFHB1Yi01MDczNzc5NzQ5NzcyMDE4GAA&sigh=s0r1dzS96KM&uach_m=[UACH]&cid=CAQSGwDUE5ymUgJL7SbzW9wAGMyKTqyF78w5_9qJvRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=2673002829&adk=3611007012&adf=3975080438&pi=t.ma~as.2673002829&w=380&lmt=1677672994&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994071&bpp=1&bdt=864&idt=324&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FdsJZjWsGu&p=https%3A//www.423down.com&dtd=326
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Mar 2023 12:16:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8B57 143 B
166 B 42ms
41ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&slotname=2673002829&adk=3611007012&adf=3975080438&pi=t.ma~as.2673002829&w=380&lmt=1677672994&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994071&bpp=1&bdt=864&idt=324&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C858x280&nras=1&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=FdsJZjWsGu&p=https%3A//www.423down.com&dtd=326
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7B65 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf3358716796288548d8f1d9be0e9c158593f04f0dbfd2cf5bcb924eb1c6a7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B8D2 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fb6a705430e4d62d02d620de6f63431ea38eaef9e31b0dcf237ec98fe268e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/13897224826366160398/ Frame 1739 43 KB
43 KB 54ms
53ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13897224826366160398/2076313506083323656

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afea20f7c91af83e2d1441e660197cb80c894211bba64d56fc9ba8fc234a09d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:30:55 GMT
x-content-type-options: nosniff
age: 60340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43975
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 09:11:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Feb 2024 19:30:55 GMT

GET
DATA 200
OK truncated
/ Frame 1739 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1739 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeafd46e06e14920bffaeb3a39b9ad31309db627bfc8194ec95aae02a48dbee5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 1853 16 KB
16 KB 135ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:21:08 GMT
x-content-type-options: nosniff
age: 543327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 05:21:08 GMT

GET
H3 200 YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js Show response
pagead2.googlesyndication.com/bg/ Frame CE4E 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 07:57:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 41C0 2 KB
765 B 75ms
75ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&adk=2528968786&adf=864023522&pi=t.aa~a.3407511349~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&to=qs&pwprc=4630267249&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994827&bpp=1&bdt=1621&idt=1&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9f5273b8bd553087-22b6e36a3bdd0092%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MYWf-PkHYVAK_JtCGPr1gmb7sE3MQ&gpic=UID%3D00000bbd6266f6c6%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MZtrkAd7Zh_B3RXo8mKqJ6f0ZEv0g&prev_fmts=0x0%2C858x280%2C380x280&nras=2&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=i7Ly0EBUYT&p=https%3A//www.423down.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 41C0 22 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2062
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 41C0 3 KB
1 KB 77ms
75ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 11:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2061
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 11:42:14 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 41C0 20 KB
8 KB 67ms
66ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60612
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Mar 2023 19:26:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 41C0 0
0 139ms
47ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIybuzhAhp_KJ7x4xS-lqsPi2r15aTrbB2mdn51S5q4aIZ9mLq9xHDu1_ualyCJAhPvL7ayu_35Ol0xKvXr1OujJ3aog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&adk=2528968786&adf=864023522&pi=t.aa~a.3407511349~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&to=qs&pwprc=4630267249&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994827&bpp=1&bdt=1621&idt=1&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9f5273b8bd553087-22b6e36a3bdd0092%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MYWf-PkHYVAK_JtCGPr1gmb7sE3MQ&gpic=UID%3D00000bbd6266f6c6%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MZtrkAd7Zh_B3RXo8mKqJ6f0ZEv0g&prev_fmts=0x0%2C858x280%2C380x280&nras=2&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=i7Ly0EBUYT&p=https%3A//www.423down.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41C0 158 KB
48 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677501794595172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 12:16:35 GMT

GET
H3 200 3d1f1376e308865cf68987b0ba581d94.js Show response
www.gstatic.com/mysidia/ Frame 41C0 34 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3d1f1376e308865cf68987b0ba581d94.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 05:53:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 109386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14319
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 04:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 29 May 2023 05:53:29 GMT

GET
H3 200 YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js Show response
pagead2.googlesyndication.com/bg/ Frame EC05 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 07:57:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1739 0
18 B 87ms
86ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKvV9IkL_Y6qQGprU6gTeoIKAD_rZjKBv6Pu_7LMRZBABIJHBlipglcKmgrAHoAGWovHUAcgBCakCcDlzq5nZsT6oAwHIA8sEqgTmAU_QvqHPwfreniYzMxJTbBgBeqlIRJTl82XRA-GDGifoiuxdrVkv52OnVQ5mzUufpGe5kF1R6Puj1yV3WiUuLpsXPnQOILvRn-dGb2Mup2Obd6h3AcCzcTwvIhZjO0wyguGIipTYapHiojB4XetPyfKWbO6YAdY4dtccRuYmgy1c7ts3FdAy3w4SmHVA4JMxSQEOkplLtTvzKEXpQ8XB_juqYk6TK2QlxsvxDPxBHSFlIL8j2wiKP1p9K4SpbFAc2teT8jAdQGMEEvI_UaGFMVkgeRwIHpfjL4UAAp-4tLxXZzUHekDOwASC4anNpwSSBQQIBBgBkgUECAUYBKAGLoAH0t2OqwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC7hQHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItNTA3Mzc3OTc0OTc3MjAxOBgA&sigh=45EY2U0pz_s&uach_m=[UACH]&cid=CAQSGwDUE5ymzI6aiRRNkRaHTERVNMeDaTm95DRIpRgB&template_id=484&vis=1

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Mar 2023 12:16:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js Show response
pagead2.googlesyndication.com/bg/ Frame C063 36 KB
14 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 07:57:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 41C0 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0y8JIkL_Y_73NYGX6gSAo5qoAoq75YZvl43NvZARsJAfEAEgkcGWKmCVwqaCsAegAfz8-PcCyAEBqQILVTjZB8WxPqgDAcgDywSqBNsBT9B5PGQcIhA8QOUkpsWMO7tOTLlo1YbUzsBvi5b3eydBNIOGNGMkzV0hFhfSljY__VewhcGZoSy81uPhm_2V7skSCAxtC_TTImS_jHsc--12EtdZSemsu2acsVDsNUbpbdJqel4nRSwH-2XmrqCagwOKEnNE9T8pZwifbwb8mMUH7pV57tQ-jZ-ElkCkJHTmcANJvlIuLLLMmJ6k_bD14Fu_LkcSIesi7w3eTwV79FMtHEkcPb-2llp6-qT39jBpchai4QEGsREZ0QD3IaGwFKlctzEbRH1iay3YwASendfPkQSgBgKAB7Om75oBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkN8C0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwOIFAHQFQGAFwGyFxwKGggAEhRwdWItNTA3Mzc3OTc0OTc3MjAxOBgA&sigh=ozXskWqKt1o&uach_m=[UACH]&cid=CAQSPADUE5ymCod_ptHjnQ_vxn1M3zgoaWekJ2mP3xUnjgzL5weI4rjNUxr2gwOURBp32d--yc9rgFHnEFD8pxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&adk=2528968786&adf=864023522&pi=t.aa~a.3407511349~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&to=qs&pwprc=4630267249&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994827&bpp=1&bdt=1621&idt=1&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9f5273b8bd553087-22b6e36a3bdd0092%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MYWf-PkHYVAK_JtCGPr1gmb7sE3MQ&gpic=UID%3D00000bbd6266f6c6%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MZtrkAd7Zh_B3RXo8mKqJ6f0ZEv0g&prev_fmts=0x0%2C858x280%2C380x280&nras=2&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=i7Ly0EBUYT&p=https%3A//www.423down.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 01 Mar 2023 12:16:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7B65 28 KB
28 KB 104ms
51ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:36:43 GMT
x-content-type-options: nosniff
age: 491992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 19:36:43 GMT

GET
H3 200 2059114222531300490
tpc.googlesyndication.com/daca_images/simgad/ Frame 41C0 46 KB
46 KB 70ms
69ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2059114222531300490?w=600&h=500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d79bc35cffa480b2d883571daf0157a4db752d6867287da2a35181c8aaa7427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:09:15 GMT
x-content-type-options: nosniff
age: 440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46778
x-xss-protection: 0
last-modified: Fri, 17 Feb 2023 20:59:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Mar 2023 12:09:15 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8B57
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:16:35 GMT
expires: Wed, 01 Mar 2023 12:16:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:16:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2386 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 11:09:24 GMT
etag: 48472445140208031
expires: Thu, 02 Mar 2023 11:09:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 34C7 247 B
868 B 299ms
86ms Document
text/html 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

074b77bc7bf74f68088b0cb451df666cbcc607de0f31c50cdf5e99813ab2997e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-xoGD_q1VizeATylUbUUOEQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:16:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 41C0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97da57c1db053a93236c0fe8183810b862caa0624900b08142c8cdf12782cdef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2386 0
104 B 240ms
82ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDFnhZnUucefjivSA17BKNo&google_cver=1&google_push=Aa02lx-hhJqobc9KNwrbCork_fEsd63MolA3Yj9Np7atYNsJ0tRdcU44BaH6AyBl6vOoZwOmilX3M_XNtfZa_0XPx5R96CoenjDY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5073779749772018&output=html&h=280&adk=2528968786&adf=864023522&pi=t.aa~a.3407511349~rp.4&w=380&fwrn=4&fwrnh=100&lmt=1677672994&rafmt=1&to=qs&pwprc=4630267249&format=380x280&url=https%3A%2F%2Fwww.423down.com%2F8125.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1677672994827&bpp=1&bdt=1621&idt=1&shv=r20230227&mjsv=m202302140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9f5273b8bd553087-22b6e36a3bdd0092%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MYWf-PkHYVAK_JtCGPr1gmb7sE3MQ&gpic=UID%3D00000bbd6266f6c6%3AT%3D1677672994%3ART%3D1677672994%3AS%3DALNI_MZtrkAd7Zh_B3RXo8mKqJ6f0ZEv0g&prev_fmts=0x0%2C858x280%2C380x280&nras=2&correlator=5561462839509&frm=20&pv=1&ga_vid=326366026.1677672994&ga_sid=1677672994&ga_hid=1922775148&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=2867&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44777877%2C31072479&oid=2&pvsid=3333141818994853&tmod=1313413046&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=i7Ly0EBUYT&p=https%3A//www.423down.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2386
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEBCotdBmZQuF6rkWlUnrWxI&google_cver=1&google_push=Aa02lx_zz3Q5y2po5xE_I3R9WXUxRXtEQ_z9TISU9Gdlbn3Sh_PFLvXUcRDKHg9BBgTl2fECoQAaAYqZZwRXvJPp4mfM4JjsNGybiA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=62F9DBA0C61F47FE85CBCCD5E9A8E820&google_push=Aa02lx_zz3Q5y2po5xE_I3R9WXUxRXtEQ_z9TISU9Gdlbn3Sh_PFLvXUcRDKHg9BBgTl2fECoQAaAYqZZwRXvJP...

170 B
232 B

95ms
78ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=62F9DBA0C61F47FE85CBCCD5E9A8E820&google_push=Aa02lx_zz3Q5y2po5xE_I3R9WXUxRXtEQ_z9TISU9Gdlbn3Sh_PFLvXUcRDKHg9BBgTl2fECoQAaAYqZZwRXvJPp4mfM4JjsNGybiA

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Mar 2023 12:16:35 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=62F9DBA0C61F47FE85CBCCD5E9A8E820&google_push=Aa02lx_zz3Q5y2po5xE_I3R9WXUxRXtEQ_z9TISU9Gdlbn3Sh_PFLvXUcRDKHg9BBgTl2fECoQAaAYqZZwRXvJPp4mfM4JjsNGybiA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 28 Feb 2023 12:16:35 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2386
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENKG-4wsBIue1dPDO6KQB0s&google_cver=1&google_push=Aa02lx-ibsnskyyj8aGAWKBbGXVUDZJ9TwNaHRkweoA_76RBH2lgTxFOEyI1XZqoX8k-G5k8wuHQVJx0wiJjpk0SHpznDH7...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-ibsnskyyj8aGAWKBbGXVUDZJ9TwNaHRkweoA_76RBH2lgTxFOEyI1XZqoX8k-G5k8wuHQVJx0wiJjpk0SHpznDH7tr4SVxw&google_hm=eS1LaDN3OUdSRTJwR2Vw...

170 B
232 B

77ms
77ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-ibsnskyyj8aGAWKBbGXVUDZJ9TwNaHRkweoA_76RBH2lgTxFOEyI1XZqoX8k-G5k8wuHQVJx0wiJjpk0SHpznDH7tr4SVxw&google_hm=eS1LaDN3OUdSRTJwR2VwYnVMOUNrWUVUVzlyZUczVmJXMn5B

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Mar 2023 12:16:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx-ibsnskyyj8aGAWKBbGXVUDZJ9TwNaHRkweoA_76RBH2lgTxFOEyI1XZqoX8k-G5k8wuHQVJx0wiJjpk0SHpznDH7tr4SVxw&google_hm=eS1LaDN3OUdSRTJwR2VwYnVMOUNrWUVUVzlyZUczVmJXMn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2386
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMjzTcko-0x8k4oM5A91qC0&google_cver=1&google_push=Aa02lx9lxJcshD9XKzVGizPAfwLpdjGT_G1VYHcHYfVgaItPSTZ0DDf9LOmKr-_rnKkTXfYvNhc...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVQTjZPRTUtMVEtSzJJQQ==&google_push=Aa02lx9lxJcshD9XKzVGizPAfwLpdjGT_G1VYHcHYfVgaItPSTZ0DDf9LOmKr-_rnKkTXfYvNhcBUfVY8CHNKtunPsF4YnZI9ccc

170 B
232 B

77ms
76ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVQTjZPRTUtMVEtSzJJQQ==&google_push=Aa02lx9lxJcshD9XKzVGizPAfwLpdjGT_G1VYHcHYfVgaItPSTZ0DDf9LOmKr-_rnKkTXfYvNhcBUfVY8CHNKtunPsF4YnZI9ccc

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVQTjZPRTUtMVEtSzJJQQ==&google_push=Aa02lx9lxJcshD9XKzVGizPAfwLpdjGT_G1VYHcHYfVgaItPSTZ0DDf9LOmKr-_rnKkTXfYvNhcBUfVY8CHNKtunPsF4YnZI9ccc
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2386
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECSeO1SB8Ec5K4EXZJa7sBw&google_cver=1&google_push=Aa02lx8JoqnocMWUk4VVmHnZuiO5TpSRXBSDcPzvWXDhAlUUMLfIEuhRxALXJqKuvEDGyUj_vFuOUR21Oo9I...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8JoqnocMWUk4VVmHnZuiO5TpSRXBSDcPzvWXDhAlUUMLfIEuhRxALXJqKuvEDGyUj_vFuOUR21Oo9IIoBJr7QZq6VGFEZqig

170 B
329 B

118ms
77ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8JoqnocMWUk4VVmHnZuiO5TpSRXBSDcPzvWXDhAlUUMLfIEuhRxALXJqKuvEDGyUj_vFuOUR21Oo9IIoBJr7QZq6VGFEZqig

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8JoqnocMWUk4VVmHnZuiO5TpSRXBSDcPzvWXDhAlUUMLfIEuhRxALXJqKuvEDGyUj_vFuOUR21Oo9IIoBJr7QZq6VGFEZqig
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2386
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEJbKc-Uv3Co0GCn1H3VNnnk&google_cver=1&google_push=Aa02lx-xui7RTIRCMDbSeTbn2xT6U0EvJzKedqmcyck8yv8682-T5SajF5-WgWaRHqphJ4iIryrwEORp6YoL7ZcvHZ_SVV...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJbKc-Uv3Co0GCn1H3VNnnk&google_cver=1&google_push=Aa02lx-xui7RTIRCMDbSeTbn2xT6U0EvJzKedqmcyck8yv8682-T5SajF5-WgWaRHqphJ4iIryrwEORp6YoL7Zcv...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sQO6AIglS2iL4WaRdNYATw&google_push=Aa02lx-xui7RTIRCMDbSeTbn2xT6U0EvJzKedqmcyck8yv8682-T5SajF5-WgWaRHqphJ4iIryrwEORp6YoL7Zc...

170 B
232 B

78ms
78ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sQO6AIglS2iL4WaRdNYATw&google_push=Aa02lx-xui7RTIRCMDbSeTbn2xT6U0EvJzKedqmcyck8yv8682-T5SajF5-WgWaRHqphJ4iIryrwEORp6YoL7ZcvHZ_SVVX93VegpA

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=sQO6AIglS2iL4WaRdNYATw&google_push=Aa02lx-xui7RTIRCMDbSeTbn2xT6U0EvJzKedqmcyck8yv8682-T5SajF5-WgWaRHqphJ4iIryrwEORp6YoL7ZcvHZ_SVVX93VegpA
access-control-allow-origin: *
date: Wed, 01 Mar 2023 12:16:35 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2386
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKnaE9v05DgBIZDaD7InjxU&google_cver=1&google_push=Aa02lx97M9FNjneIxpH_vvMjZXSGrRO-gU7OB7E81mhOt2lVNivRc4s7ZxBn9g7RIGA8mW7-nd...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKnaE9v05DgBIZDaD7InjxU&google_cver=1&google_push=Aa02lx97M9FNjneIxpH_vvMjZXSGrRO-gU7OB7E81mhOt2lVNivRc4s7ZxBn9g7RIGA8mW7-nd...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jUXNmaHRKRTJ1RWpqVk5lb3U4TU44Y0x5NEhVVFFaTH5B&google_push=Aa02lx97M9FNjneIxpH_vvMjZXSGrRO-gU7OB7E81mhOt2lVNivRc4s7Z...

170 B
232 B

77ms
76ms

Image
image/png

142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jUXNmaHRKRTJ1RWpqVk5lb3U4TU44Y0x5NEhVVFFaTH5B&google_push=Aa02lx97M9FNjneIxpH_vvMjZXSGrRO-gU7OB7E81mhOt2lVNivRc4s7ZxBn9g7RIGA8mW7-ndVkpB_Ttxg0resQQ_rZZWe2B3NlneI

Requested by

Protocol

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1jUXNmaHRKRTJ1RWpqVk5lb3U4TU44Y0x5NEhVVFFaTH5B&google_push=Aa02lx97M9FNjneIxpH_vvMjZXSGrRO-gU7OB7E81mhOt2lVNivRc4s7ZxBn9g7RIGA8mW7-ndVkpB_Ttxg0resQQ_rZZWe2B3NlneI
date: Wed, 01 Mar 2023 12:16:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2386 0
130 B 267ms
73ms Image
text/html 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Isv92ZpIQ-zqzdh_51IejyvexpE1P36ZNoYvGybu-U_dFXc1F1qDWkRSFOU8VKIcB02hzDmw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 12:16:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3611 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 07:57:49 GMT

GET UrlChangeTracker.js
hmcdn.baidu.com/static/tongji/plugins/ 0
0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 375ms
375ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=745221904&si=152027bf90023a4cf754c9af7675431d&v=1.3.0&lv=1&sn=42531&r=0&ww=1600&u=https%3A%2F%2Fwww.423down.com%2F8125.html&tt=%E8%85%BE%E8%AE%AFQQ%20PC%E7%89%88%209.7.3.28946%20%E5%8E%BB%E5%B9%BF%E5%91%8A%E7%BB%BF%E8%89%B2%E7%B2%BE%E7%AE%80%E7%89%88%20-%20423Down

Requested by

Host: www.423down.com
URL: https://www.423down.com/8125.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.423down.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Mar 2023 12:16:36 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 iframe.html Show response
p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 34C7 5 KB
2 KB 86ms
85ms Document
text/html 142.250.180.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f3.1e100.net

Software

sffe /

Resource Hash

e3d2b731d9e8fbd7f9c779874d0cbf4c97bc91fed6a36cb5b435651acb0176e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1986
content-security-policy-report-only: script-src 'nonce-WHCsrsRa0iVMjD_cNEl_9w' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 12:16:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Fri, 03 Feb 2023 22:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js Show response
pagead2.googlesyndication.com/bg/ Frame CBE1 36 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeyVZ0EhAtcDFQuhm4W2HTvLIH7JypmBfS93VbjkVpU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 07:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14287
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 07:57:49 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B8D2 42 B
174 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsts_SYtaJqCSIBdah7tcOysWTeC9Xul_wpe3EbUsqS2WSDIHip6izo7Xz92kF5qXq-BeJXY6hjhECL8CZiRx01PlcFwlSX4GUSYUdSgBDjDmX28oW3VgRh3JCtOIsJtqiD18QClzg&sai=AMfl-YSSGi21N7jFZhVFlwCDiuUiN1o_491c7_qZ25v-EZunn6KQmtgAyhlUC-bmjWaEXlPgyWqUIzVL0ibZ&sig=Cg0ArKJSzKblMrHydSD7EAE&cid=CAQSGwDUE5ymzI6aiRRNkRaHTERVNMeDaTm95DRIpRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=130,749,1000,1030,1030&tos=130,619,251,30,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2710647471&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677672994923&rpt=374&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1739 42 B
108 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGIVLfeHzrFw6QBRw20ikTwtxp9WSK8JxfEAbi99r8l_CXKxPPsX7HSwC-v41v_bfjAj6BYPnklpFsH9FXsqj985vv8lwS7iespvXfPxyx_WVHepW8kYILJEVihsV4tNAetLtsAQ&sai=AMfl-YSGXIM43VV_puWWiiUPCzFYknCBwtKqerRs1ElVUCb7Lehbbd43pVTjS4JcDeNQ7esSOJHE5JwLL_QO&sig=Cg0ArKJSzGjWqqstt8zrEAE&cid=CAQSGwDUE5ymzI6aiRRNkRaHTERVNMeDaTm95DRIpRgB&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2710647474&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677672994919&rpt=394&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B65 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuz9FJ0M8D2qtlnm5e-6MzMRPTjTSM3KHjO2PafmsFOQCQH5HCr2bS7y7_6I1wvBNPd_SDgiQIkwx1PcrvxmZ36BHmUyd_0YFePXZWADcSyAN4-lLcD4HegKkJC3iia7l4yaiKPYQ&sai=AMfl-YSuxr76PGodAFEQL_Q3FSLqBFK3FCVDFgjTCVkyjef0GwkpHRByAYiwoNqq_NW2LnIxVpy76aDv7CnV&sig=Cg0ArKJSzNhL6iLeJaS5EAE&cid=CAQSGwDUE5ymUgJL7SbzW9wAGMyKTqyF78w5_9qJvRgB&id=lidar2&mcvt=1000&p=0,0,280,380&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230227&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3611007012&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677672994398&rpt=1250&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Mar 2023 12:16:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hmcdn.baidu.com
URL: https://hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.423down.com/	1970-01-20 19:37:12	Name: X_CACHE_KEY Value: d9c535a8238a9ff85b2a8e36c33c58bd
www.423down.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: sgq014p81esb228e3qdiipnt8v
.423down.com/	1970-01-20 19:22:48	Name: __gads Value: ID=9f5273b8bd553087-22b6e36a3bdd0092:T=1677672994:RT=1677672994:S=ALNI_MYWf-PkHYVAK_JtCGPr1gmb7sE3MQ
.423down.com/	1970-01-20 19:22:48	Name: __gpi Value: UID=00000bbd6266f6c6:T=1677672994:RT=1677672994:S=ALNI_MZtrkAd7Zh_B3RXo8mKqJ6f0ZEv0g
.hm.baidu.com/	1970-01-20 19:37:12	Name: HMACCOUNT_BFESS Value: 9FD62623D31B07F7
.doubleclick.net/	1970-01-20 19:22:48	Name: IDE Value: AHWqTUmokmtfNazXSND0zIUP8BEpoxY4cVLlQDSjGIWOUw6OOZuMfvRTm5E7accBRe0
.doubleclick.net/	1970-01-20 10:01:16	Name: DSID Value: NO_DATA
.simpli.fi/	1970-01-20 18:48:15	Name: suid Value: 62F9DBA0C61F47FE85CBCCD5E9A8E820
.423down.com/	1970-01-20 18:46:48	Name: Hm_lvt_152027bf90023a4cf754c9af7675431d Value: 1677672996
.423down.com/	1969-12-31 23:59:59	Name: Hm_lpvt_152027bf90023a4cf754c9af7675431d Value: 1677672996
.analytics.yahoo.com/	1970-01-20 18:46:48	Name: IDSYNC Value: 18yx~2a9o
.yahoo.com/	1970-01-20 18:47:10	Name: A3 Value: d=AQABBCNC_2MCEOyq2labcGfWv5uaE8F5h9oFEgEBAQGTAGQJZAAAAAAA_eMAAA&S=AQAAAgGcHjyyLmsQeyyNh3Rgc9Q
.360yield.com/	1970-01-20 12:10:48	Name: tuuid Value: b103ba00-8825-4b68-8be1-669174d6004f
.360yield.com/	1970-01-20 12:10:48	Name: tuuid_lu Value: 1677672995

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=2710647471&client=ca-pub-5073779749772018&fa=1&ifi=6&uci=a!6&btvi=4&xpc=L6ck57qAcr&p=https%3A//www.423down.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230227/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=2710647474&client=ca-pub-5073779749772018&fa=4&ifi=5&uci=a!5&btvi=3&xpc=8Zm5r4xtml&p=https%3A//www.423down.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=172800; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
dclk-match.dotomi.com
dn-qiniu-avatar.qbox.me
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hm.baidu.com
hmcdn.baidu.com
match.360yield.com
onetag-sys.com
p4-hoyhr7ao5swv2-rpqe4p3ehv4wxynv-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
www.423down.com
www.google.com
www.googletagservices.com
www.gstatic.com
hmcdn.baidu.com
103.235.46.191
142.250.180.195
142.251.208.130
18.156.0.31
240e:96c:1100:5a01:3::3fd
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2004
2a00:1450:400d:80a::2001
2a00:1450:400d:80a::2003
2a02:fa8:8806:16::1400
2a05:d018:d29:3605:3a35:c032:6d7e:7081
3.70.39.209
35.204.74.118
45.151.132.50
51.89.9.251
69.173.144.139
017faa2aa362faa887d1ae5d90ee80cf2683501d64bb6a2a94899d69a0977351
074b77bc7bf74f68088b0cb451df666cbcc607de0f31c50cdf5e99813ab2997e
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0a1e80ea9c79cd9d2670789b945833032fd4aa6d80bac503feb904b3a4781fec
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d502b7e03eb48675762a6a4bf66f58c605ab1ff16b8184d594aa967dd00d5e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184f7e9267bf77e6df354fcbd8c87029012a59f9aa277fde93f376349ee0f0a6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3386d6c2dc621a2dfdd4f542227d26bec5f0668a0d65750618259332d155326a
349308e18adc6757c96b146f38490f55cf17ed21cc2aa99d3510ab7e06847c0e
38935741f6939baa18b56370cf3e8a1b20e1e52439ded7d8dd4c5e39a5ca2672
3d79bc35cffa480b2d883571daf0157a4db752d6867287da2a35181c8aaa7427
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4fb6a705430e4d62d02d620de6f63431ea38eaef9e31b0dcf237ec98fe268e9f
537958e4928e6ed9ffaeda7b2608f5837e0c203bf742515464a66d96ae9d6fd4
5b0d77614a8ba5022c251f9e6a9776745914b5c5878b9dec1ff89601f9f5afc2
5c0bb78ff1065338e305c19f9a905c27d08a923d81a5f3f6a1c6a0feda57c1a6
5d54bcaeaeae8e1054383f05a5bee262393d83067fbd83a33432e102139028ad
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61ec9567412102d703150ba19b85b61d3bcb207ec9ca99817d2f7755b8e45695
718a5bb621f6cae6e10cacbb90cc33b3f6a04a7cb466362b4bed83e275bcba84
744977b6f0e171b5a37e874c63b540cdd63f01e6dc5bcc7914874b7f77e76f96
75b3cfe83849e9491e6f2958e151ffd37f6ed1ad5acecb6aaadcfb99b565208b
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
79a7b7daabd0550af70bfec2002e69feb30654d3c13aaae09ff84bf6cd6c3f3b
88a5e335aeb265f502f416398e1bdd8668a74fe8bd32185c6b19cbcbba03f8b5
8aeb7a87d67edd6eabdfe7a2cf8d9fb4ab61c98d9155c8a9397e7a1b1f9a3db0
941c57e49d2bf34fafac88f901568e154e8db331cc0f3c90d30b8270f59fb0fb
95a09c27e2a8ed6a5fe4a51fa1a4a6bf15ae9fe72e368a689f00495dfb1c43e5
96216e4eac20f8b160d1d7df73e1d1488491bf3d94771cea01e4def120a2cd1e
97da57c1db053a93236c0fe8183810b862caa0624900b08142c8cdf12782cdef
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a3dba20968ace0a25b4cc5a468da7f80a3ea5f75f4bd5610237a2af854484bb7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a64a5c16437a020515d0b26b4cd13e9ab2bfe3fee0f140349a1946c7e7101ea5
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
afea20f7c91af83e2d1441e660197cb80c894211bba64d56fc9ba8fc234a09d5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b4da15c9f6ed2539306392c5e60554143454862dc6a68ba6c5cfbb6cf7f6c483
bd1593d6eeb1b9ca3afe863f21c50a425b47cdd815c1d4d5dec961db0fab91fa
be7e2d6ded2a7a9a2a3f38e071ed84a03bad55f24677fa98ca610a115f610071
bf3358716796288548d8f1d9be0e9c158593f04f0dbfd2cf5bcb924eb1c6a7d3
bf604d68a81b4f3042807e4f9561e19db4130802cad8c53b39549c383a86ff77
c1953af9e51bf1396f7691d0ff960df6a0cccb16b9ee31e42a3e33ab30133818
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d219483aff5098447b1075667d4b365313680856e45f060253698b707b86d865
d949999caf35dbd8d2ea0ed41e66871c87531233c8fb8c65c018a28e8ccb0ae8
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2b731d9e8fbd7f9c779874d0cbf4c97bc91fed6a36cb5b435651acb0176e7
e3d3da3bc36039181f7983d6672860324ba3aa37d01c6f8d0117b58f7860d0e3
e75162e3ae955c1c74ca07dd0baf40478eea6d91b6ee75495fdda4fb852ec7af
eeafd46e06e14920bffaeb3a39b9ad31309db627bfc8194ec95aae02a48dbee5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd3030e696a7ad6f396c7f29657ae7025f0819d9d96abfdd994c4a58d726bdd
f122c003e3b339b85ca4b175c2c08c25d7dd061b1f36825c7cd55f85aa71f2d9
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656
fe210f25ffa8cb8180963416babbda9ef2f1f09110e99405e70a6a3d4ed2cff9
fe3178f8a600a94db2358cee116a56c6a3111b02c6910920a27f6d72295585c0

www.423down.com Open in urlscan Pro 45.151.132.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

93 %HTTPS

57 %IPv6

17 Domains

24 Subdomains

16 IPs

8 Countries

1358 kBTransfer

3244 kBSize

14 Cookies

4 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.423down.com Open in urlscan Pro
45.151.132.50 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

93 %
HTTPS

57 %
IPv6

17
Domains

24
Subdomains

16
IPs

8
Countries

1358 kB
Transfer

3244 kB
Size

14
Cookies

111 HTTP transactions
7 data transactions