odkud.com Open in urlscan Pro
46.28.105.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://odkud.com/
Submission: On April 14 via api (April 14th 2023, 10:09:11 am UTC) from US — Scanned from DE

Summary HTTP 190 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 25 domains to perform 190 HTTP transactions. The main IP is 46.28.105.136, located in Hluboka nad Vltavou, Czech Republic and belongs to WEDOS, CZ. The main domain is odkud.com.

This is the only time odkud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	46.28.105.136 46.28.105.136	197019 (WEDOS) (WEDOS)
24	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	88.86.101.2 88.86.101.2	39392 (SUPERNETW...) (SUPERNETWORK ^_^)
1 51	2001:41d0:303... 2001:41d0:303:d9d6:237a::1	16276 (OVH) (OVH)
15	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	() ()
1	63.215.202.137 63.215.202.137	() ()
2 2	185.29.132.245 185.29.132.245	() ()
1 16	142.250.181.226 142.250.181.226	() ()
2 2	37.157.6.254 37.157.6.254	() ()
3	35.227.252.103 35.227.252.103	() ()
5 5	198.47.127.19 198.47.127.19	() ()
5 5	185.80.39.216 185.80.39.216	() ()
1 3	2606:4700::68... 2606:4700::6812:19ad	() ()
1	35.71.131.137 35.71.131.137	() ()
1 1	51.89.9.254 51.89.9.254	() ()
1 2	46.228.164.11 46.228.164.11	() ()
2 2	18.198.127.244 18.198.127.244	() ()
1 1	2a05:d018:d29... 2a05:d018:d29:3605:5a00:a9cf:83b3:fc4	() ()
190	23

3 46.28.105.136 (Hluboka nad Vltavou, Czech Republic)

ASN197019 (WEDOS, CZ)
PTR: hc1-wd274.wedos.net

odkud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.86.101.2 (Prague, Czech Republic)

ASN39392 (SUPERNETWORK ^_^, CZ)
PTR: www2.toplist.cz

toplist.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2001:41d0:303:d9d6:237a::1 (France) 1 redirects

ASN16276 (OVH, FR)

geo.myip.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
myip.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.137 (None, )

ASN- ()

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.181.226 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.47.127.19 (None, ) 5 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (None, ) 5 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (None, ) 1 redirects

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.127.244 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:5a00:a9cf:83b3:fc4 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 138	692 KB
51	myip.ms 1 redirects geo.myip.ms myip.ms — Cisco Umbrella Rank: 327437	427 KB
30	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net	151 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	485 KB
14	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	47 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	6 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com	5 KB
5	pubmatic.com 5 redirects image6.pubmatic.com	2 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	244 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
3	openx.net rtb.openx.net	620 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 9047	818 B
3	odkud.com odkud.com	4 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	adform.net 2 redirects c1.adform.net	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	40 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	714 B
1	onetag-sys.com 1 redirects onetag-sys.com	336 B
1	adsrvr.org match.adsrvr.org	265 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	quantserve.com cms.quantserve.com	465 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 925
1	toplist.cz toplist.cz — Cisco Umbrella Rank: 84689	414 B
190	25

	Domain	Requested by
46	myip.ms	geo.myip.ms myip.ms
30	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net odkud.com
24	pagead2.googlesyndication.com	odkud.com pagead2.googlesyndication.com myip.ms tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
16	cm.g.doubleclick.net	1 redirects odkud.com googleads.g.doubleclick.net
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net odkud.com
11	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
11	www.google.com	1 redirects myip.ms www.gstatic.com www.google.com tpc.googlesyndication.com googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	ssum-sec.casalemedia.com	5 redirects
5	image6.pubmatic.com	5 redirects
5	www.googletagservices.com	googleads.g.doubleclick.net
5	geo.myip.ms	1 redirects odkud.com geo.myip.ms
3	rtb.openx.net	googleads.g.doubleclick.net
3	fonts.gstatic.com	www.google.com fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	odkud.com	odkud.com
2	x.bidswitch.net	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	sync.mathtag.com	2 redirects
2	www.google-analytics.com	geo.myip.ms myip.ms
1	pr-bh.ybp.yahoo.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	onetag-sys.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	odkud.com
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	toplist.cz	odkud.com
190	32

This site contains links to these domains. Also see Links.

Domain
speed.odkud.com
password.odkud.com
download.odkud.com
howto.odkud.com
www.toplist.cz

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.myip.ms AlphaSSL CA - SHA256 - G4	`2023-02-25` - `2024-03-28`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
myip.ms R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh

This page contains 26 frames:

Primary Page: http://odkud.com/
Frame ID: 4D6EBDB824D3FE79D7F2768F4DBC6B7B
Requests: 16 HTTP requests in this frame

Frame: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
Frame ID: F4A94B4C15A7E1AD72AF857D4E321B48
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html
Frame ID: C817D6618078756E7E01203CCE4C63F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1141051534&adf=4121372370&lmt=1681466944&format=0x0&url=http%3A%2F%2Fodkud.com%2F&ea=0&wgl=1&dt=1681466943744&bpp=14&bdt=74&idt=280&shv=r20230412&mjsv=m202304120101&ptt=5&saldr=sa&abxe=1&correlator=550059641701&frm=20&pv=2&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1365&ady=487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cr%7C&abl=CS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=304
Frame ID: 4C74F47B756C5EE5373DEFD120C363EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1808938608369092&output=html&h=240&slotname=5852232746&adk=238356412&adf=3103862580&pi=t.ma~as.5852232746&w=120&lmt=1681466944&format=120x240&url=http%3A%2F%2Fodkud.com%2F&wgl=1&dt=1681466943771&bpp=3&bdt=100&idt=295&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&correlator=550059641701&frm=20&pv=2&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1477&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=m202304120201&fu=1024&bc=23&ifi=2&uci=a!2&fsb=1&xpc=mc2ALbUje7&p=http%3A//odkud.com&dtd=305
Frame ID: 46A767D2D389F517B5AA66EE0FF63CEA
Requests: 15 HTTP requests in this frame

Frame: https://myip.ms/d
Frame ID: 5F364916706AAD8D1D02CA1B70184D64
Requests: 56 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1808938608369092&output=html&adk=1812271804&adf=3025194257&lmt=1681466944&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x540_r&format=0x0&url=http%3A%2F%2Fodkud.com%2F&ea=0&pra=7&wgl=1&dt=1681466943793&bpp=3&bdt=122&idt=289&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x240&nras=1&correlator=550059641701&frm=20&pv=1&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=m202304120201&fu=33792&bc=23&ifi=3&uci=a!3&fsb=1&dtd=310
Frame ID: 57442B7F72892100091309AF9C22D3CF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeOVYoUAAAAAArQxOelOzAaeM9zUCMbUBXC-yIc&co=aHR0cHM6Ly9teWlwLm1zOjQ0Mw..&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=118k92wbgy3g
Frame ID: 51AF85933531A77ECE7AC80C9D69B93C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3351510036035199&output=html&h=250&slotname=8097149328&adk=2779407153&adf=2615419347&pi=t.ma~as.8097149328&w=250&format=250x250&url=https%3A%2F%2Fgeo.myip.ms%2F&ea=0&wgl=1&dt=1681466944808&bpp=5&bdt=537&idt=257&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&correlator=1264305041433&frm=8&ife=1&pv=2&ga_vid=374939901.1681466945&ga_sid=1681466945&ga_hid=321026029&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1&ish=1&ifk=1593391294&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759842%2C44759926%2C31073584%2C31073869&oid=2&pvsid=2922083344550384&tmod=1271910175&uas=0&nvt=1&top=http%3A%2F%2Fodkud.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.qqcne9jwox4w&fsb=1&dtd=319
Frame ID: A24D87BA27083AD1FCC1251365C468B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05912C789FD21DA2F67DA846E1F927D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2715B401B3FEB4804E50B7512E792DFF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7B86D373D67F1F55DC372C8B2A1B92F5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7E78FC1BAA358709B37F5346AE70BD7E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1F91651EACB8732B903EA8C2A35493FE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Frame ID: 53278FC5A4DFF4C479AF705B46918C1F
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 28CD87E71E83B2F67662B0E5A59B9384
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E3A2192A922DB66A123D215FF6935912
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 74B55BE02B4A00C99953EA3CBD038B4C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: 5E6FF5A071C26DD8A669AC52DCEBD37E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: 058ACF1DEA0960943A9F64F8393DB8F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 134F2282F791AE8A7346082F8104E196
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 44CAFBAE6C06C1B89CF5FEA71C367A1C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: 8D81BA4E99CC4D3DCC1BA871B1617656
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js
Frame ID: B60C634B2717E0243B02119A01A8159A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 21863D5554C21511BCFD1A82F2CE33FE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39F8F9F12664F8DB1F14603DD63B3926
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Odkud

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

190
Requests

89 %
HTTPS

55 %
IPv6

25
Domains

32
Subdomains

23
IPs

3
Countries

2100 kB
Transfer

5589 kB
Size

22
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://speed.odkud.com/
Title: Speedtest

Search URL Search Domain Scan URL

URL: http://password.odkud.com/
Title: Password

Search URL Search Domain Scan URL

URL: http://download.odkud.com/
Title: Download

Search URL Search Domain Scan URL

URL: http://howto.odkud.com/
Title: HowTo

Search URL Search Domain Scan URL

URL: http://www.toplist.cz/stat/613433
Title: <img src="http://toplist.cz/dot.asp?id=613433" border="0" alt="TOPlist" width="1" height="1" />

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://toplist.cz/dot.asp?id=613433&http=&t=Odkud HTTP 307
https://toplist.cz/dot.asp?id=613433&http=&t=Odkud

Request Chain 6

http://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500 HTTP 301
https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500

Request Chain 152

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEa800P52mmOunSUXp4mI3s&google_cver=1&google_push=Aer7DvKgME_bxWJuH3cbyl3gDH1cz7pdMEXdJ6UmJm3pqojR6TqhEYpfw3cRG1xQsSH0ArKV30sM0yYkgqZXSYmTakAfQ-S9Awkpa7k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKgME_bxWJuH3cbyl3gDH1cz7pdMEXdJ6UmJm3pqojR6TqhEYpfw3cRG1xQsSH0ArKV30sM0yYkgqZXSYmTakAfQ-S9Awkpa7k

Request Chain 153

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED4Qg4exQaVERDakZaNRTcI&google_cver=1&google_push=Aer7DvLub2bLt9kfo0lVHVNco_9ytGznrxA-TVKxqPEf0_zF9SOlidRO1wOju_DJvFYypf4wmt4LgMb2lw9MuOdAhJF5kpzq_-1knc0 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED4Qg4exQaVERDakZaNRTcI&google_cver=1&google_push=Aer7DvLub2bLt9kfo0lVHVNco_9ytGznrxA-TVKxqPEf0_zF9SOlidRO1wOju_DJvFYypf4wmt4LgMb2lw9MuOdAhJF5kpzq_-1knc0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU1MTA3MTIxOTM0OTQwMTY3Ng&google_push=Aer7DvLub2bLt9kfo0lVHVNco_9ytGznrxA-TVKxqPEf0_zF9SOlidRO1wOju_DJvFYypf4wmt4LgMb2lw9MuOdAhJF5kpzq_-1knc0

Request Chain 155

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJZtSIY_TOsug9Zi3OC8d0k&google_cver=1&google_push=Aer7DvJgK71XZnzcBWQPtgN9ZYU0VessQvLxlEEiR6aFo_nX0RhER-vVnegMOHJiEPpV82lNc9m-z_7094tOeUDT_CrcL8wVBZ-2P54 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJZtSIY_TOsug9Zi3OC8d0k&google_cver=1&google_push=Aer7DvJgK71XZnzcBWQPtgN9ZYU0VessQvLxlEEiR6aFo_nX0RhER-vVnegMOHJiEPpV82lNc9m-z_7094tOeUDT_CrcL8wVBZ-2P54&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R8VuPJ_bSv2Li-FFtv5DXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJgK71XZnzcBWQPtgN9ZYU0VessQvLxlEEiR6aFo_nX0RhER-vVnegMOHJiEPpV82lNc9m-z_7094tOeUDT_CrcL8wVBZ-2P54

Request Chain 156

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_cver=1&google_push=Aer7DvJuCV2XUNsYqVXp63oLf8GTyRjLzk8Rv-CF9oxOjmb-F_aCQ6K_4q09Sz4qCkEyPxFqhP9mOPVM70Q-JUf5CCdoAEX9JJdGo4g HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_push=Aer7DvJuCV2XUNsYqVXp63oLf8GTyRjLzk8Rv-CF9oxOjmb-F_aCQ6K_4q09Sz4qCkEyPxFqhP9mOPVM70Q-JUf5CCdoAEX9JJdGo4g&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvJuCV2XUNsYqVXp63oLf8GTyRjLzk8Rv-CF9oxOjmb-F_aCQ6K_4q09Sz4qCkEyPxFqhP9mOPVM70Q-JUf5CCdoAEX9JJdGo4g

Request Chain 162

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEa800P52mmOunSUXp4mI3s&google_cver=1&google_push=Aer7DvLoSJA0jp-2B2Tq8M0iEuU4V5q1YIJw3n0_dLvNhmB6u4VtbVq4_ueOUdC-EiqEblmw02i_FiBqusLXdHVOdq6dASnKQ9BuWw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLoSJA0jp-2B2Tq8M0iEuU4V5q1YIJw3n0_dLvNhmB6u4VtbVq4_ueOUdC-EiqEblmw02i_FiBqusLXdHVOdq6dASnKQ9BuWw

Request Chain 163

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOc1aXCIBG0U78pi5MdgmE0&google_cver=1&google_push=Aer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOc1aXCIBG0U78pi5MdgmE0&google_cver=1&google_push=Aer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 166

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJZtSIY_TOsug9Zi3OC8d0k&google_cver=1&google_push=Aer7DvIRnLbd0D97GwZDerIXbGRSEnPix9QTG-WEYZl-7ZfXt8_0pSYpDpq4Fns3T7VF8L5alFBdRebt1qiq8b8aYmK2zTGSRTEpYA HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJZtSIY_TOsug9Zi3OC8d0k&google_cver=1&google_push=Aer7DvIRnLbd0D97GwZDerIXbGRSEnPix9QTG-WEYZl-7ZfXt8_0pSYpDpq4Fns3T7VF8L5alFBdRebt1qiq8b8aYmK2zTGSRTEpYA&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SU6Eu16bSFaSaWYFG3KV7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIRnLbd0D97GwZDerIXbGRSEnPix9QTG-WEYZl-7ZfXt8_0pSYpDpq4Fns3T7VF8L5alFBdRebt1qiq8b8aYmK2zTGSRTEpYA

Request Chain 167

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_cver=1&google_push=Aer7DvIGtwdnfGRfanCtH9yCBz7Mjcv0YctvYHM4iAhuUPEzxMc9HfKIxjL93njd3kUlCqe49R0r-EcIcthdsBmMX-f90LNSyMJFww HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_push=Aer7DvIGtwdnfGRfanCtH9yCBz7Mjcv0YctvYHM4iAhuUPEzxMc9HfKIxjL93njd3kUlCqe49R0r-EcIcthdsBmMX-f90LNSyMJFww&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvIGtwdnfGRfanCtH9yCBz7Mjcv0YctvYHM4iAhuUPEzxMc9HfKIxjL93njd3kUlCqe49R0r-EcIcthdsBmMX-f90LNSyMJFww

Request Chain 168

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEP_YoqfZ6g6tuyJy1WKLmLI&google_cver=1&google_push=Aer7DvJvmoyBTI7IRXxAydCdLrp1ITyQl4C2aZM6__9-I_ChDpo6vgeAr9n3WJ3gPdw5F_Xyij4I2ScJbSUcE8hkf9ZkBbyHdGKa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJvmoyBTI7IRXxAydCdLrp1ITyQl4C2aZM6__9-I_ChDpo6vgeAr9n3WJ3gPdw5F_Xyij4I2ScJbSUcE8hkf9ZkBbyHdGKa

Request Chain 176

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOqAxTVoF86v22YrrTrpHjY&google_cver=1&google_push=Aer7DvKwL53z-xmL6tsbDl_GctHD0IhMnTlJszP3T21lntON2ZFxY4Jh2cJ8Utti2a8FCHsrel2pO7BYmJJs6no16D8z4DSGclbimA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ5MTYxNjcxNDAyMjYxNzMyOA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOqAxTVoF86v22YrrTrpHjY&google_cver=1

Request Chain 178

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEInvqRy6p0taucwSdyTA9IM&google_cver=1&google_push=Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtUNXqd9ddnM_ore4 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEInvqRy6p0taucwSdyTA9IM&google_cver=1&google_push=Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtUNXqd9ddnM_ore4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtUNXqd9ddnM_ore4&google_hm=y8T1sQqsQk-x9MeD3ccbhQ==

Request Chain 179

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMArJrwICJJ3PbsJr6I_v2w&google_cver=1&google_push=Aer7DvKkMV4lIIgewbwrMSrJfqQ58dnAkh1Zjs1SnHLUvYTTJ9QN93JBzD-7ApPmTR9cHoovEwLbsLErXrRI-OcVaGbtonE-5PI38Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKkMV4lIIgewbwrMSrJfqQ58dnAkh1Zjs1SnHLUvYTTJ9QN93JBzD-7ApPmTR9cHoovEwLbsLErXrRI-OcVaGbtonE-5PI38Q&google_hm=eS1nQnZleC5CRTJwR3g1VklFb21XaW1yZEFIZWttVEhuMH5B

Request Chain 181

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJZtSIY_TOsug9Zi3OC8d0k&google_cver=1&google_push=Aer7DvKJWIgLzdV6qzfbJAz-oWTsoYRDl1uxLsnBCgFca_C-qohqhgppeAyy-q5KvP-9sYatczrS45XZf8NLvICqlQgSroM5ASy3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R8VuPJ_bSv2Li-FFtv5DXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKJWIgLzdV6qzfbJAz-oWTsoYRDl1uxLsnBCgFca_C-qohqhgppeAyy-q5KvP-9sYatczrS45XZf8NLvICqlQgSroM5ASy3

Request Chain 182

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_cver=1&google_push=Aer7DvKwLONm1kwNmOsk6CrlCFmJ0CugNwqLd-_fKcrVX1ixMlQJ5-PSrQWwlJ9YDdn3Rg6e6EJRgrcCxm4KH2ECDQRLIWzeiBWABQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvKwLONm1kwNmOsk6CrlCFmJ0CugNwqLd-_fKcrVX1ixMlQJ5-PSrQWwlJ9YDdn3Rg6e6EJRgrcCxm4KH2ECDQRLIWzeiBWABQ

Request Chain 185

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

190 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
odkud.com/ 3 KB
2 KB 353ms
112ms Document
text/html 46.28.105.136
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL: http://odkud.com/
Protocol: HTTP/1.1
Server: 46.28.105.136 Hluboka nad Vltavou, Czech Republic, ASN197019 (WEDOS, CZ),
Reverse DNS: hc1-wd274.wedos.net
Software: Apache /
Resource Hash: 1286e51949deb5e4fa86a0d6a1c196ccd9cb6e478efe19393365a159d93bd1ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=300
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 1331
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Apr 2023 10:09:03 GMT
Expires: Fri, 14 Apr 2023 10:14:03 GMT
Keep-Alive: timeout=2, max=500
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

GET
H/1.1 200
OK menu.css
odkud.com/ 3 KB
1 KB 16ms
15ms Stylesheet
text/css 46.28.105.136
WEDOS

General

Check archive.org

Show headers Download Go to

Full URL: http://odkud.com/menu.css
Requested by: Host: odkud.com
URL: http://odkud.com/
Protocol: HTTP/1.1
Server: 46.28.105.136 Hluboka nad Vltavou, Czech Republic, ASN197019 (WEDOS, CZ),
Reverse DNS: hc1-wd274.wedos.net
Software: Apache /
Resource Hash: 5f6b53db6d833eac995341805e1d09b9511dff500d014d553835a95628d96a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Sep 2015 13:43:50 GMT
Server: Apache
ETag: "b7d-52005b8bef180-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=259200
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 985
Expires: Mon, 17 Apr 2023 10:09:03 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
50 KB 71ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3ae73989e439a77cf3bc2609d36f84c89453990022417f15c2d2126959f2e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50885
X-XSS-Protection: 0
Server: cafe
ETag: 5554694166196328230
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 14 Apr 2023 10:09:03 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 93 KB
35 KB 59ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3166db1356dd37ff796c1cdddde94b3992992fce33424c3d635b345dbc10021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14267702117436817550
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 35000
X-XSS-Protection: 0
Expires: Fri, 14 Apr 2023 10:09:03 GMT

GET
H/1.1 200
OK img1.gif
odkud.com/images/ 887 B
1 KB 16ms
16ms Image
image/gif 46.28.105.136
WEDOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://odkud.com/images/img1.gif
Requested by: Host: odkud.com
URL: http://odkud.com/menu.css
Protocol: HTTP/1.1
Server: 46.28.105.136 Hluboka nad Vltavou, Czech Republic, ASN197019 (WEDOS, CZ),
Reverse DNS: hc1-wd274.wedos.net
Software: Apache /
Resource Hash: 06bf100229d3c19f4c9137eec366c26e4957572d37a62e2a4c81ce16f6e9f397

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/menu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:03 GMT
Last-Modified: Fri, 18 Sep 2015 13:43:41 GMT
Server: Apache
ETag: "377-52005b8359d40"
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 887
Expires: Fri, 21 Apr 2023 10:09:03 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/ 345 KB
116 KB 109ms
79ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1808938608369092&plah=odkud.com&bust=31073807

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ee392ecb6ca6554087d80cfe4e0210a871ed7843233a6b7c9ff33f43417df32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118234
x-xss-protection: 0
server: cafe
etag: 18435859453379128325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:03 GMT

GET
H2

200

dot.asp
toplist.cz/
Redirect Chain

http://toplist.cz/dot.asp?id=613433&http=&t=Odkud
https://toplist.cz/dot.asp?id=613433&http=&t=Odkud

42 B
414 B

78ms
23ms

Image
image/gif

88.86.101.2
SUPERNETWORK ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://toplist.cz/dot.asp?id=613433&http=&t=Odkud

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Server

88.86.101.2 Prague, Czech Republic, ASN39392 (SUPERNETWORK ^_^, CZ),

Reverse DNS

www2.toplist.cz

Software

Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9
p3p: CP="NON DSP ADM DEV PSD CUSo OUR IND STP PRE NAV UNI"
x-w: 4
content-type: image/gif; charset=utf-8
cache-control: private,no-cache,no-store,must-revalidate,max-age=0
expires: Thu, 02 Dec 2004 16:00:00 GMT

Redirect headers

Location: https://toplist.cz/dot.asp?id=613433&http=&t=Odkud
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

/ Show response
geo.myip.ms/ Frame F4A9
Redirect Chain

http://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500

3 KB
2 KB

159ms
53ms

Document
text/html

2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
Requested by: Host: odkud.com
URL: http://odkud.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 33c7346fe75b0d5bce0369e2fb8b8aad54fea85532b30907836327754cabba22

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1413
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Apr 2023 10:09:04 GMT
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 14 Apr 2023 10:09:03 GMT
Location: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
Server: nginx

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/ Frame C817 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 05:26:10 GMT
etag: 2378337311435320485
expires: Fri, 28 Apr 2023 05:26:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 400 cookie.js
partner.googleadservices.com/gampad/ 0
0 63ms
13ms Script
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.googleadservices.com/gampad/cookie.js?domain=odkud.com&callback=_gfp_s_
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1808938608369092&plah=odkud.com&bust=31073807
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 63ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=odkud.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1808938608369092&plah=odkud.com&bust=31073807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 61ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=odkud.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C74 0
149 B 35ms
33ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1141051534&adf=4121372370&lmt=1681466944&format=0x0&url=http%3A%2F%2Fodkud.com%2F&ea=0&wgl=1&dt=1681466943744&bpp=14&bdt=74&idt=280&shv=r20230412&mjsv=m202304120101&ptt=5&saldr=sa&abxe=1&correlator=550059641701&frm=20&pv=2&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1365&ady=487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cr%7C&abl=CS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=304

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK de.png
geo.myip.ms/images/devices/24/flags/alt/ Frame F4A9 525 B
851 B 27ms
26ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geo.myip.ms/images/devices/24/flags/alt/de.png
Requested by: Host: geo.myip.ms
URL: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 5c49380cd5c655f2828362f2df4fe05304b5822462c839b270e407697ca6a6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Wed, 16 Dec 2015 14:00:00 GMT
Server: nginx
ETag: "56716e60-20d"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 525
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK chrome.png
geo.myip.ms/images/devices/24/browsers/ Frame F4A9 2 KB
2 KB 56ms
28ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geo.myip.ms/images/devices/24/browsers/chrome.png
Requested by: Host: geo.myip.ms
URL: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2b965b23576141bc0dd6a9a39d64491c692a61ed58e290e862203d1f3cfd330e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Wed, 16 Dec 2015 14:00:00 GMT
Server: nginx
ETag: "56716e60-619"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1561
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK win-6.png
geo.myip.ms/images/devices/24/os/ Frame F4A9 1018 B
1 KB 71ms
27ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://geo.myip.ms/images/devices/24/os/win-6.png
Requested by: Host: geo.myip.ms
URL: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 79229c91381152c205e6553d9faf5c23ccad26669bfd38bdeb2acbba0e2b4d1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Wed, 16 Dec 2015 14:00:00 GMT
Server: nginx
ETag: "56716e60-3fa"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1018
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46A7 102 KB
34 KB 1658ms
1652ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1808938608369092&output=html&h=240&slotname=5852232746&adk=238356412&adf=3103862580&pi=t.ma~as.5852232746&w=120&lmt=1681466944&format=120x240&url=http%3A%2F%2Fodkud.com%2F&wgl=1&dt=1681466943771&bpp=3&bdt=100&idt=295&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&correlator=550059641701&frm=20&pv=2&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1477&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=m202304120201&fu=1024&bc=23&ifi=2&uci=a!2&fsb=1&xpc=mc2ALbUje7&p=http%3A//odkud.com&dtd=305

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9256fa59d148ffc342e3d13f476e8458803723523a9fd75aa71e235dafb76d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34397
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:05 GMT
expires: Fri, 14 Apr 2023 10:09:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F4A9 49 KB
20 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: geo.myip.ms
URL: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://geo.myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 10:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 235
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 14 Apr 2023 12:05:09 GMT

GET
H/1.1 200
OK d Show response
myip.ms/ Frame 5F36 40 KB
9 KB 182ms
105ms Document
text/html 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/d
Requested by: Host: geo.myip.ms
URL: https://geo.myip.ms/?colorBG=000000&colorBorder=BB0000&colorText=999999&colorLink=EEEEEE&width=500
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bd62e6d21226a1c14f7165b29979adb5c9b45865547832d4ab6b36765004477e

Request headers

Referer: https://geo.myip.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 9013
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Apr 2023 10:09:04 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PleskLin

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5744 531 KB
92 KB 1222ms
1221ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1808938608369092&output=html&adk=1812271804&adf=3025194257&lmt=1681466944&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x540_r&format=0x0&url=http%3A%2F%2Fodkud.com%2F&ea=0&pra=7&wgl=1&dt=1681466943793&bpp=3&bdt=122&idt=289&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x240&nras=1&correlator=550059641701&frm=20&pv=1&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=m202304120201&fu=33792&bc=23&ifi=3&uci=a!3&fsb=1&dtd=310

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b74d2fd782aca0e904f017edcd2f4392b2b346fbcc7eec82c2754a8d9da27157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 93970
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:05 GMT
expires: Fri, 14 Apr 2023 10:09:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK bootstrap.min.css
myip.ms/css/ Frame 5F36 120 KB
18 KB 33ms
33ms Stylesheet
text/css 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/css/bootstrap.min.css
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Content-Encoding: br
Last-Modified: Tue, 22 Dec 2015 12:00:00 GMT
Server: nginx
ETag: W/"56793b40-1deac"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK ui.css
myip.ms/css/red/ Frame 5F36 29 KB
7 KB 69ms
31ms Stylesheet
text/css 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/css/red/ui.css
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8ecea7dfc842266636188a53b3e94c1a1092d653d24cc221bd637c35c33a9c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Content-Encoding: br
Last-Modified: Tue, 10 Nov 2020 21:52:37 GMT
Server: nginx
ETag: W/"5fab0ba5-758e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK easydesign_red.css
myip.ms/css/ Frame 5F36 42 KB
9 KB 90ms
27ms Stylesheet
text/css 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/css/easydesign_red.css
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: aaed132b7232ed3084f94ba1eee7ac3ceb23990d6946ca6b4790199693f7c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Content-Encoding: br
Last-Modified: Tue, 10 Nov 2020 21:52:37 GMT
Server: nginx
ETag: W/"5fab0ba5-a87e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK jquery.min.js Show response
myip.ms/js/ Frame 5F36 94 KB
32 KB 112ms
40ms Script
application/javascript 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/js/jquery.min.js
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Content-Encoding: br
Last-Modified: Thu, 18 Feb 2016 16:11:05 GMT
Server: nginx
ETag: W/"56c5ed19-176d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
myip.ms/js/ Frame 5F36 235 KB
58 KB 127ms
36ms Script
application/javascript 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/js/jquery-ui.min.js
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: b808bb431c90a624fe5516ffe635cb04efbc5b23e293ab0876f903eccc94ef24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Content-Encoding: br
Last-Modified: Thu, 18 Feb 2016 16:11:05 GMT
Server: nginx
ETag: W/"56c5ed19-3ab26"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
myip.ms/js/ Frame 5F36 36 KB
9 KB 151ms
37ms Script
application/javascript 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/js/bootstrap.min.js
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Content-Encoding: br
Last-Modified: Thu, 18 Feb 2016 16:09:38 GMT
Server: nginx
ETag: W/"56c5ecc2-8fd0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK lan.en.js Show response
myip.ms/js/ Frame 5F36 5 KB
2 KB 195ms
41ms Script
application/javascript 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/js/lan.en.js
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 29dffcd6d04c11937d65829029b426f7656ba48bb10842399894f0b9318e144f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Content-Encoding: br
Last-Modified: Wed, 25 Jan 2023 14:27:03 GMT
Server: nginx
ETag: W/"63d13c37-123a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK easydesign_common.js Show response
myip.ms/js/ Frame 5F36 145 KB
56 KB 229ms
75ms Script
application/javascript 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://myip.ms/js/easydesign_common.js
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 287e32a2091a3d9f440fc2d01f6e3f74ed536e0564669830854445b63209dcad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Content-Encoding: br
Last-Modified: Tue, 10 Nov 2020 21:52:26 GMT
Server: nginx
ETag: W/"5fab0b9a-24529"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800, public
Connection: keep-alive
Expires: Fri, 21 Apr 2023 10:09:04 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame 5F36 944 B
927 B 84ms
48ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeOVYoUAAAAAArQxOelOzAaeM9zUCMbUBXC-yIc&onload=recaptchaCallback

Requested by

Host: myip.ms
URL: https://myip.ms/d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4afc3a590036179e04e6d184ac438507da45350583c9bd32b0f0071e343f2a92

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 607
x-xss-protection: 1; mode=block
expires: Fri, 14 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK myip.png
myip.ms/images/ Frame 5F36 7 KB
7 KB 26ms
25ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/myip.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: f5dbc8a4b9257a4211ce7fb212f2e9bf2a03d8cfec618aa6cb49e0eb50bc474f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:06 GMT
Server: nginx
ETag: "564e8b4e-1b9b"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7067
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK ipv6_support3.png
myip.ms/images/ Frame 5F36 6 KB
7 KB 25ms
25ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/ipv6_support3.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2ded198bf369f1919d4082170075a888ef643f2a64c51baf9f13ff033fff8e5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:04 GMT
Server: nginx
ETag: "564e8b4c-190f"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6415
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK loading2.gif
myip.ms/images/ Frame 5F36 9 KB
9 KB 27ms
27ms Image
image/gif 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/loading2.gif
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2a6c8e86a79ca62466372a595a79711995b857fd1ee5847dc5b83e58558dcd4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:05 GMT
Server: nginx
ETag: "564e8b4d-2294"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8852
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK excel.png
myip.ms/images/ Frame 5F36 1 KB
1 KB 27ms
26ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/excel.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 593a01985714b4b3c9c3537ac57f8cd81654a5375cd69753b481ea848b9d2a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:02 GMT
Server: nginx
ETag: "564e8b4a-42d"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1069
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK text.png
myip.ms/images/ Frame 5F36 902 B
1 KB 28ms
27ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/text.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 65143d8384e359177d69d222e105f86ec89831fb263ea36876b1ab7e789d16d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:11 GMT
Server: nginx
ETag: "564e8b53-386"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 902
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK chromeshop.png
myip.ms/images/ Frame 5F36 2 KB
2 KB 32ms
32ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/chromeshop.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 58979d0f1baa471210625401b791126048a60d3b689eb70ef4bf68c0ffa3b25f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:53:57 GMT
Server: nginx
ETag: "564e8b45-899"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2201
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK robots.png
myip.ms/images/ Frame 5F36 9 KB
10 KB 25ms
25ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/robots.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: c9df8df6837396a027457387d34fe59a498a29271fab1b2545caecfe7d317cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Tue, 15 Jan 2019 21:00:02 GMT
Server: nginx
ETag: "5c3e49d2-25b8"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9656
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5F36 138 KB
47 KB 86ms
81ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: myip.ms
URL: https://myip.ms/d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c465ada8e502af773faa2641d95f119155de9527a900c474766de5f3548bb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47975
x-xss-protection: 0
server: cafe
etag: 16089779634429728460
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:04 GMT

GET
H/1.1 200
OK line4.png
myip.ms/images/ Frame 5F36 194 B
519 B 33ms
31ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/line4.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7c6a42302f7a70f678fd4774c45145125f4449a4173a8ce169d7cb198fcd6af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:05 GMT
Server: nginx
ETag: "564e8b4d-c2"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 194
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK gourlspelling.png
myip.ms/lib/gourlspelling/ Frame 5F36 3 KB
3 KB 34ms
31ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/lib/gourlspelling/gourlspelling.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fc805039dfb668cb4cd52a4952bce5dc38492c3bdea7aa1b2e498c01e83b565e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Sat, 14 Mar 2015 17:00:00 GMT
Server: nginx
ETag: "55046910-bbc"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3004
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK google_today.png
myip.ms/images/demo/ Frame 5F36 3 KB
3 KB 36ms
33ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/demo/google_today.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 245f716de1267a5efba19177e1aa2f0735cfd1762a269b54af0f2fc4f7cb45e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:16 GMT
Server: nginx
ETag: "564e8b58-aca"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2762
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK yahoo_today.png
myip.ms/images/demo/ Frame 5F36 2 KB
3 KB 34ms
31ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/demo/yahoo_today.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: d38cd7815b1ee1be1c569b9ad959ec576d82ab9c06ade62b909ea92a8ad3ce34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:16 GMT
Server: nginx
ETag: "564e8b58-9da"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2522
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK bing_today.png
myip.ms/images/demo/ Frame 5F36 3 KB
3 KB 80ms
29ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/demo/bing_today.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 442b02a90d8b3fb9fff3a872dcb023519b9d8ad54d12f2ff5f0da75d597af720

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:16 GMT
Server: nginx
ETag: "564e8b58-ac1"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2753
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK facebook_today.png
myip.ms/images/demo/ Frame 5F36 3 KB
3 KB 35ms
31ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/demo/facebook_today.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0b6bb04fbfed3b1065e6072a9e99a424bac8c8e7cad9c816a979557755034940

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:16 GMT
Server: nginx
ETag: "564e8b58-abc"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2748
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 5F36 409 KB
165 KB 63ms
10ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeOVYoUAAAAAArQxOelOzAaeM9zUCMbUBXC-yIc&onload=recaptchaCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myip.ms/
Origin: https://myip.ms
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 09:36:56 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5F36 49 KB
20 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: myip.ms
URL: https://myip.ms/d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Apr 2023 10:05:09 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 235
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 14 Apr 2023 12:05:09 GMT

GET
H/1.1 200
OK bg.png
myip.ms/images/ Frame 5F36 144 B
469 B 36ms
26ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/bg.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6fe4d3b2c9ac9cfb54928fbe876f11b781a8115a3a8674f55309233e14e0d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:53:55 GMT
Server: nginx
ETag: "564e8b43-90"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK bg_dots.png
myip.ms/images/ Frame 5F36 216 B
541 B 36ms
32ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/bg_dots.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7397ca49d2daf09290bcec6808451105533fd009ad56ec9b3792f6c95e603212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:53:55 GMT
Server: nginx
ETag: "564e8b43-d8"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 216
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK bg_blue.png
myip.ms/images/menu/ Frame 5F36 3 KB
3 KB 35ms
30ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/bg_blue.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 8706076aad64ac711879eaf65a8b1e5c8d7ea8f992b0c9404f6f1c47146a957f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:36 GMT
Server: nginx
ETag: "564e8b6c-bc2"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3010
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK arrow.png
myip.ms/images/menu/ Frame 5F36 231 B
556 B 35ms
31ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/arrow.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4ce3e14300ad4e850f913eb21d90b806c274799d18bb151ed4ee00c9cde0396b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:36 GMT
Server: nginx
ETag: "564e8b6c-e7"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK bg_sub_left.png
myip.ms/images/menu/ Frame 5F36 369 B
695 B 31ms
29ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/bg_sub_left.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: afaf8fd59951b664dfc94508437558756a366be9e5ed34d5c76a255a1e464ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:36 GMT
Server: nginx
ETag: "564e8b6c-171"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 369
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK bg_sub.png
myip.ms/images/menu/ Frame 5F36 2 KB
3 KB 57ms
55ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/bg_sub.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2b4cbaf14109500c2917a368234e5dd721775a31a8c80266f5e01769944142cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:36 GMT
Server: nginx
ETag: "564e8b6c-8bd"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2237
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK hostingtop.png
myip.ms/images/menu/ Frame 5F36 8 KB
8 KB 56ms
54ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/hostingtop.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: bc07fe31befbf5e59c5234c6d31147500997b5260a3c8bdb3f58fae5a8940de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:37 GMT
Server: nginx
ETag: "564e8b6d-1f98"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8088
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK bg_hdr.png
myip.ms/images/menu/ Frame 5F36 205 B
530 B 58ms
56ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/bg_hdr.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e5c24b0e8f92a4c8c945503f6464db1a10726253711d64712f8cce18b919c348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:36 GMT
Server: nginx
ETag: "564e8b6c-cd"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 205
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK bullet.png
myip.ms/images/menu/ Frame 5F36 121 B
446 B 57ms
55ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/bullet.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e8a2c35f437043eb2aecb17dbf4766d106127e00638dfd380832fd0fc6bfd350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:36 GMT
Server: nginx
ETag: "564e8b6c-79"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK excelreports.png
myip.ms/images/menu/ Frame 5F36 9 KB
9 KB 85ms
84ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/excelreports.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: db1ce5917797aa9d311b9e9088700dae9d477e6c6fa27e4d071e83c40f7244e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:37 GMT
Server: nginx
ETag: "564e8b6d-230e"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8974
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK botvisit.png
myip.ms/images/menu/ Frame 5F36 7 KB
7 KB 57ms
55ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/botvisit.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: ee4e7d89eeeb17ee6150aa81116b7eed43d9c362a5dbcbe0a1dbe49810cbe0cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:36 GMT
Server: nginx
ETag: "564e8b6c-1bbb"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7099
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK infobox.png
myip.ms/images/menu/ Frame 5F36 9 KB
10 KB 55ms
44ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/infobox.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 86e4fd2cd5b6a0663e79d7000476d828f4bdd322bf060037fce49b654c71d046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:37 GMT
Server: nginx
ETag: "564e8b6d-24e7"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9447
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK countrieslist.png
myip.ms/images/menu/ Frame 5F36 10 KB
11 KB 56ms
45ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/countrieslist.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 76bb2cc8f767f47e023d43261135eaf4e5710a5137ae282001cd736b9562c00a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:37 GMT
Server: nginx
ETag: "564e8b6d-28bb"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10427
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK citiesdb.png
myip.ms/images/menu/ Frame 5F36 6 KB
7 KB 56ms
46ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/citiesdb.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 6e0ba664269746ecc13b977160f73ea0d98f99cc56d6b0c0486082e5be239e16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:37 GMT
Server: nginx
ETag: "564e8b6d-1924"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6436
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK arrow_off.png
myip.ms/images/menu/ Frame 5F36 126 B
451 B 56ms
45ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/menu/arrow_off.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 596a77dd9a22101043b12bb7b13a43a3904382ad25ccc2484e457ba775ec9369

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:36 GMT
Server: nginx
ETag: "564e8b6c-7e"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 126
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK flags.png
myip.ms/images/ Frame 5F36 78 KB
79 KB 79ms
77ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/flags.png
Requested by: Host: myip.ms
URL: https://myip.ms/css/easydesign_red.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 0b81a6c93e3d55fb7ac69789687314084695332e7f03dd91eedf3fb855b550ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/css/easydesign_red.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Mon, 30 Nov 2015 03:02:39 GMT
Server: nginx
ETag: "565bbc4f-1396f"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80239
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK loading.gif
myip.ms/images/ Frame 5F36 12 KB
12 KB 62ms
62ms Image
image/gif 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/loading.gif
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fd2e0a1593906573a879dc74528698fcd9efb8185b3260ce745e82be650b6b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:05 GMT
Server: nginx
ETag: "564e8b4d-2e4d"
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11853
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK easydesign_logo_big_hover.png
myip.ms/images/ Frame 5F36 3 KB
4 KB 31ms
27ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/easydesign_logo_big_hover.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: eff28293a1db4a203121f9f313d576f5d05942c7a5c3b5c2a0137bacd603c7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:01 GMT
Server: nginx
ETag: "564e8b49-deb"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3563
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK easydesign_logo_hover.png
myip.ms/images/ Frame 5F36 1 KB
2 KB 33ms
29ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/easydesign_logo_hover.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 838d5e2145b377e3e860858924a126c889ecc5b44f35ef470cc7cd2ee3108251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:01 GMT
Server: nginx
ETag: "564e8b49-582"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1410
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK new2.png
myip.ms/images/ Frame 5F36 2 KB
3 KB 29ms
28ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/new2.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 1301aec5f6563c132c5e33bc56fd347101471e454984986209e6dbbffe85a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:06 GMT
Server: nginx
ETag: "564e8b4e-92c"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2348
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK tsorter_expand2.png
myip.ms/images/ Frame 5F36 264 B
590 B 30ms
28ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/images/tsorter_expand2.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: e3a55b97c277f33ab8827840558a5f18b3e7bc4a910d3cea4d451aa26b8eb6f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Fri, 20 Nov 2015 02:54:12 GMT
Server: nginx
ETag: "564e8b54-108"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 264
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK nav_up.png
myip.ms/css/red/images/ Frame 5F36 2 KB
2 KB 33ms
28ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/css/red/images/nav_up.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 4fe34d5e9ee729e04c8d2643863975afabccaba2a78ca9a30b58ddb117398b77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Thu, 01 Aug 2013 02:00:00 GMT
Server: nginx
ETag: "51f9c120-6a6"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1702
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK nav_down.png
myip.ms/css/red/images/ Frame 5F36 2 KB
2 KB 35ms
29ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/css/red/images/nav_down.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: deb5954bd4e636820e052408dc07f4a620e92382dd37578f30b4de80ea4c2729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Thu, 01 Aug 2013 02:00:00 GMT
Server: nginx
ETag: "51f9c120-6af"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1711
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H/1.1 200
OK myip.png
myip.ms/css/red/images/ Frame 5F36 4 KB
4 KB 39ms
33ms Image
image/png 2001:41d0:303:d9d6:237a::1
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://myip.ms/css/red/images/myip.png
Requested by: Host: myip.ms
URL: https://myip.ms/d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:303:d9d6:237a::1 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 579628d08533f4448f98c025ab33e1462384b0dbb58625759a97424f5e415cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Date: Fri, 14 Apr 2023 10:09:04 GMT
Last-Modified: Thu, 01 Aug 2013 02:00:00 GMT
Server: nginx
ETag: "51f9c120-e5c"
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3676
Expires: Sun, 14 May 2023 10:09:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/ Frame 5F36 345 KB
116 KB 102ms
100ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3351510036035199&plah=myip.ms&bust=31073869

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b251f4cdcc25891c184e260b09b27c8417d8e748b894fed7dbeaea48805e7213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118221
x-xss-protection: 0
server: cafe
etag: 11116344899107929055
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:04 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 51AF 47 KB
26 KB 64ms
33ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeOVYoUAAAAAArQxOelOzAaeM9zUCMbUBXC-yIc&co=aHR0cHM6Ly9teWlwLm1zOjQ0Mw..&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=118k92wbgy3g

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2be46cf7323af9bd50e060749c974657541ce77d417cf91f9507c94ed2f35112

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rg9AAsOPI0N7hhIg39riaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myip.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 25997
content-security-policy: script-src 'report-sample' 'nonce-rg9AAsOPI0N7hhIg39riaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 51AF 55 KB
24 KB 71ms
36ms Stylesheet
text/css 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeOVYoUAAAAAArQxOelOzAaeM9zUCMbUBXC-yIc&co=aHR0cHM6Ly9teWlwLm1zOjQ0Mw..&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=118k92wbgy3g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 16:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Apr 2024 16:09:29 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ Frame 51AF 409 KB
164 KB 67ms
34ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168106
x-xss-protection: 0
last-modified: Sun, 02 Apr 2023 18:01:18 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 13 Apr 2024 09:36:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5F36 107 B
165 B 34ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=myip.ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5F36 107 B
165 B 32ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=myip.ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A24D 430 B
229 B 158ms
152ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3351510036035199&output=html&h=250&slotname=8097149328&adk=2779407153&adf=2615419347&pi=t.ma~as.8097149328&w=250&format=250x250&url=https%3A%2F%2Fgeo.myip.ms%2F&ea=0&wgl=1&dt=1681466944808&bpp=5&bdt=537&idt=257&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&correlator=1264305041433&frm=8&ife=1&pv=2&ga_vid=374939901.1681466945&ga_sid=1681466945&ga_hid=321026029&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1&ish=1&ifk=1593391294&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759842%2C44759926%2C31073584%2C31073869&oid=2&pvsid=2922083344550384&tmod=1271910175&uas=0&nvt=1&top=http%3A%2F%2Fodkud.com&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.qqcne9jwox4w&fsb=1&dtd=319

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1675da185dd28478fc7c38500eef72cb945bde491683377ba470775a3db26ca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myip.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:05 GMT
expires: Fri, 14 Apr 2023 10:09:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 51AF 2 KB
2 KB 11ms
8ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 576233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 14 Apr 2023 18:05:12 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 51AF 15 KB
16 KB 64ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:05 GMT
x-content-type-options: nosniff
age: 257880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 51AF 15 KB
15 KB 67ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 10:31:02 GMT
x-content-type-options: nosniff
age: 257883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Apr 2024 10:31:02 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 51AF 102 B
134 B 31ms
27ms Other
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=6MY32oPwFCn9SUKWt8czDsDw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

93df7036a797945783d64cc7cc90a3431ea14ad9e1886349addc7fb9d46296a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeOVYoUAAAAAArQxOelOzAaeM9zUCMbUBXC-yIc&co=aHR0cHM6Ly9teWlwLm1zOjQ0Mw..&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=118k92wbgy3g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 14 Apr 2023 10:09:05 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5F36 14 KB
11 KB 96ms
58ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4873cdea789ee342bba03a85c61529dd965ee730cb5bd0f9b8c614e285f7c641

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11066
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/ 150 KB
51 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304120101/reactive_library_fy2021.js?bust=31073807

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c65c1bd00a7f29ca41e0ff2ee8a447b7eba99bd3ccf075b2ed2d8b5cbd18b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52151
x-xss-protection: 0
server: cafe
etag: 15708015127466243316
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:05 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5F36 17 KB
7 KB 58ms
26ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 10:09:05 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 51AF 32 KB
18 KB 60ms
59ms XHR
application/json 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeOVYoUAAAAAArQxOelOzAaeM9zUCMbUBXC-yIc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9a79cf6d5f0fc4fbbe6778f83372f783f3b1f53105efdab2121b26df22c0fb72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeOVYoUAAAAAArQxOelOzAaeM9zUCMbUBXC-yIc&co=aHR0cHM6Ly9teWlwLm1zOjQ0Mw..&hl=de&v=6MY32oPwFCn9SUKWt8czDsDw&size=invisible&cb=118k92wbgy3g
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18628
x-xss-protection: 1; mode=block
expires: Fri, 14 Apr 2023 10:09:05 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0591 13 KB
5 KB 12ms
10ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://myip.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:06:15 GMT
expires: Sat, 13 Apr 2024 10:06:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2715 783 B
534 B 22ms
21ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fc780ba4c342822f97c773d611ea5b5572a0dceb3233f5b662adebc4d2308c8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sBu1nTgpUy-1hV5MLUbMPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://myip.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-sBu1nTgpUy-1hV5MLUbMPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:05 GMT
expires: Fri, 14 Apr 2023 10:09:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ Frame 46A7 8 KB
1 KB 52ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1808938608369092&output=html&h=240&slotname=5852232746&adk=238356412&adf=3103862580&pi=t.ma~as.5852232746&w=120&lmt=1681466944&format=120x240&url=http%3A%2F%2Fodkud.com%2F&wgl=1&dt=1681466943771&bpp=3&bdt=100&idt=295&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&correlator=550059641701&frm=20&pv=2&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1477&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=m202304120201&fu=1024&bc=23&ifi=2&uci=a!2&fsb=1&xpc=mc2ALbUje7&p=http%3A//odkud.com&dtd=305

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:17:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 10:09:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 46A7 2 KB
818 B 14ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 46A7 22 KB
9 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 46A7 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:56:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 46A7 20 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46A7 159 KB
49 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:05 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 46A7 33 KB
14 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 44ms
44ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=odkud.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 22ms
22ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=odkud.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 7B86 10 KB
4 KB 18ms
16ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 01:23:10 GMT
etag: 2378337311435320485
expires: Fri, 28 Apr 2023 01:23:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 7E78 10 KB
4 KB 13ms
12ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 01:23:10 GMT
etag: 2378337311435320485
expires: Fri, 28 Apr 2023 01:23:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 1F91 10 KB
4 KB 23ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 01:23:10 GMT
etag: 2378337311435320485
expires: Fri, 28 Apr 2023 01:23:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/ Frame 5327 10 KB
4 KB 21ms
9ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 01:23:10 GMT
etag: 2378337311435320485
expires: Fri, 28 Apr 2023 01:23:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 46A7 0
0 56ms
51ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CULHDQCY5ZKHcCtHnn88PjIOH2AHJ19-vbaOjxpz6EKCHgOyQAhABIOeLjwxgleKQgqAHoAGHg7_3A8gBCagDAcgDywSqBOQBT9AlxHtKUYM3MmjpEYGAvGfxq_k0fbKGUlgzIq4-5t56k4nwdsriKXIojfhftDc91XH9ASYQJWUHcSDbn_Uugjqq_WkGV3SS74aR8OtpOqkkHwo-w7ytXx-P6disqzBEdtw-N6h8cJBBwqOlO-7Xj7v39UJxzaRLpAasrlE5dqMw3bI5cLYOTNTC3LH5yA7r9IVu5KFL6b_uo4hpwTlywKKGL0JslRRrENN4ClxKNrmUj_aAjOMtEyGK2EsbaTMhG8kvR1tZrW0DQCmmYs6JqcYkwQ9F_Q37kGYYz260Eod0-f9WwASl8sGllgSSBQQIBBgBkgUECAUYBKAGLoAH_ZrNmgOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDMiA_SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi0xODA4OTM4NjA4MzY5MDkyGAA&sigh=c7OiiCEtizg&uach_m=[UACH]&cid=CAQSGwBygQiDJPDufKRg_gMpi6wsauRUKwIxVAKs4BgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1808938608369092&output=html&h=240&slotname=5852232746&adk=238356412&adf=3103862580&pi=t.ma~as.5852232746&w=120&lmt=1681466944&format=120x240&url=http%3A%2F%2Fodkud.com%2F&wgl=1&dt=1681466943771&bpp=3&bdt=100&idt=295&shv=r20230412&mjsv=m202304120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&correlator=550059641701&frm=20&pv=2&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1477&ady=219&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=m202304120201&fu=1024&bc=23&ifi=2&uci=a!2&fsb=1&xpc=mc2ALbUje7&p=http%3A//odkud.com&dtd=305
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Apr 2023 10:09:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13841927327346195174/ Frame 46A7 7 KB
7 KB 16ms
13ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13841927327346195174/14763004658117789537?w=195&h=102

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5792be960ec5e00331d1c0ea69833d63001c6d53cc44cfda789fad92dd8e3535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 22:12:34 GMT
x-content-type-options: nosniff
age: 129391
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7236
x-xss-protection: 0
last-modified: Sat, 12 Nov 2022 06:35:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 11 Apr 2024 22:12:34 GMT

GET
DATA 200
OK truncated
/ Frame 46A7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 46A7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 css2
fonts.googleapis.com/ Frame 7B86 4 KB
705 B 59ms
0ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:20:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7B86 205 B
229 B 37ms
30ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:09:25 GMT
x-content-type-options: nosniff
age: 7180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Apr 2024 08:09:25 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 7B86 604 B
628 B 39ms
32ms Image
image/png 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:45:21 GMT
x-content-type-options: nosniff
age: 1424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 13 Apr 2024 09:45:21 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/ Frame 7B86 19 KB
8 KB 41ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 20:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 20:01:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7E78 8 KB
989 B 51ms
0ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:31:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 7E78 2 KB
765 B 47ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 7E78 22 KB
9 KB 61ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 7E78 3 KB
1 KB 58ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:56:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 7E78 20 KB
8 KB 58ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7E78 0
0 71ms
24ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJAGx3IhwA8-uy7W0OmSA0X2LcOCfo-US0Tw7tX6JoDOIiQFJmE7SDscJsqblYEsShSoVpOmMO-OVj2Q62ZjNKdwxa3w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E78 159 KB
49 KB 115ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 7E78 33 KB
14 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1F91 8 KB
893 B 68ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:15:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 1F91 2 KB
765 B 52ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 1F91 22 KB
9 KB 72ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 1F91 3 KB
1 KB 49ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:56:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 1F91 20 KB
8 KB 72ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1F91 0
0 52ms
24ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRE5iZjJqMTCRrCczgrUg4fE5qc20SCGdyy2GMA3bVXGR3BX0OdCOmQ1d_5_zy1cxzVRKZzZlA8W280Udgrb-lfQpe0fQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F91 159 KB
49 KB 105ms
60ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 1F91 33 KB
14 KB 77ms
50ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5327 8 KB
893 B 43ms
26ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:14:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 5327 2 KB
765 B 42ms
27ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5327 0
0 81ms
67ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce9mQQCY5ZPOsDOeYn88P5ayBoA2tkaPab7rzmdOvEQoQASDni48MYJXikIKgB6AB7LPywAHIAQmoAwHIA8sEqgTsAU_QBOXYC5jij3mfDg696yeOTrR0f6ZnEyaJbkw4FJ_jvJ-b5BZDx0x3xUj5wi9PMXU3ZlA9djQgmcQtK-jsIqKHLNXVYlB9UWO2AYSac_bzdWcKcKuwaN07zOx51gCA0tyklICgISGdKhcVV9yc02lECVQDy-E8wuzUGyISV_sYi5AkdzkNN_kX3EKFp_ZWrEeTO0zkjIykxRQN4_9xw-Ahx11kLHnynk4vQzZoDjkj15IfWnva6d9NwY8Xr1LaCOnuNaWW7DlzZgsV07_0_7teofaXb1EqIiDM8q7ZdeHOnCoAIFnXkY9wV3MKwASk7LWHqgSSBQQIBBgBkgUECAUYBKAGLoAH_MuNvwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD7ngbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xODA4OTM4NjA4MzY5MDkyGAA&sigh=qJpWJPPzRDc&uach_m=[UACH]&cid=CAQSKQBygQiDlKyI_f01Xp_BH4prLElv0DTCLT-KhvzT33JoggeZmjszfEKMGAE&template_id=5000

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Apr 2023 10:09:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 5327 22 KB
9 KB 45ms
33ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 5327 3 KB
1 KB 57ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:56:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 5327 20 KB
8 KB 52ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5327 0
0 55ms
43ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkR7JdLXmDDKo1ePppQ_A4U6dnlWjyaKb64mwNKx3a9vW0JRB1XmjUx9hxJVWVvJl5pLRTRv0Dx2_wuj2UJuElPajvKg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5327 159 KB
49 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 5327 33 KB
14 KB 42ms
30ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/3882688590286189496/ Frame 5327 20 KB
20 KB 54ms
45ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3882688590286189496/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d407634b92acf323228361f0f5206d9212472a3bbe7f29908717616162172f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 01:56:00 GMT
x-content-type-options: nosniff
age: 288786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20307
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 13:00:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 01:56:00 GMT

GET
DATA 200
OK truncated
/ Frame 5327 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5327 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2715 0
0 72ms
50ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=2922083344550384&rc=05AMqPRJzN1IqWLD6YLPOhggGt-bcoj5foymov_mTU-afOucRWRFMlUFg1aW9thWST36RFMVGYlpDi2q8r1UGCtVN0vyUgr4g20-z-2aSkL5pqczuoLYc-SdqogUeAQ_ivzXW45xK-ep6teliKtcahm8F2svH-iZN_3nj23K5VLXay6KE3ptXi-bczGyplQE5LKxJx28lPljdcrQ
Requested by: Host: odkud.com
URL: http://odkud.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 46A7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd20d1d181849efc3d4f39197a129427af91e68db963752b4d39a3fca762bedd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0591 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:46:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 28CD 8 KB
894 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 08:16:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 28CD 2 KB
765 B 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/ Frame 28CD 22 KB
9 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 28CD 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 08:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Apr 2023 08:56:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/ Frame 28CD 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230412/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 19:25:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:27 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 28CD 0
0 19ms
17ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTU5Bdn5S3lajzwuPaq3z5POIVw7zNQJB0B58FV1zUqVszYFJul1Ngh4uo3zgdNATAAidQ2jO__YDd3mVhMDdL4Uc95Rg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28CD 159 KB
49 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49801
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681299295334834"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Apr 2023 10:09:06 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 28CD 33 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 05:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:47:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 11 Jul 2023 05:00:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E3A2 1 KB
643 B 52ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Sat, 15 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 46A7 29 KB
29 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 21:54:53 GMT
x-content-type-options: nosniff
age: 303253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 21:54:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 74B5 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Sat, 15 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5327 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 760be76fde3643436059bbbe4523629904553e77fa0e10655a2f552d2b821a94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E6F 36 KB
14 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:46:20 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E3A2 35 B
465 B 91ms
0ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDE3Z1LlIJnSjT-6Am38Ulc&google_cver=1&google_push=Aer7DvKpJ6aSPF8NX0SLDRiXPg34XJI1JXKYHBSNP0K0w2n1vYAM9pd6OqfPjHMIBvbbK-Cyx8iXxoStiNBK-IvqfobpP1KSmQQwQuU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame E3A2 0
104 B 391ms
24ms Image
text/plain 63.215.202.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK9RuhpxSnkQ6QakN7KVkGQ&google_cver=1&google_push=Aer7DvIImRs18-zcaQc0IyZomREIn6yT6fGrh6L5bSESHyREEZ0vV9wMR8B8UjwMtkrz8bkpEFx6-NndAAv1WAZE6ZEv7Dmf3TNPrpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E3A2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEa800P52mmOunSUXp4mI3s&google_cver=1&google_push=Aer7DvKgME_bxWJuH3cbyl3gDH1cz7pdMEXdJ6UmJm3pqojR6TqhEYpfw3cRG1xQsSH0ArKV30sM0yYkgqZXSYmT...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKgME_bxWJuH3cbyl3gDH1cz7pdMEXdJ6UmJm3pqojR6TqhEYpfw3cRG1xQsSH0ArKV30sM0yYkgqZXSYmTakAfQ-S9Awkpa7k

170 B
329 B

23ms
18ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKgME_bxWJuH3cbyl3gDH1cz7pdMEXdJ6UmJm3pqojR6TqhEYpfw3cRG1xQsSH0ArKV30sM0yYkgqZXSYmTakAfQ-S9Awkpa7k

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 Apr 2023 10:09:06 GMT
Server: MT3 796 58fb543 master zrh-pixel-x7 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvKgME_bxWJuH3cbyl3gDH1cz7pdMEXdJ6UmJm3pqojR6TqhEYpfw3cRG1xQsSH0ArKV30sM0yYkgqZXSYmTakAfQ-S9Awkpa7k
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 14 Apr 2023 10:09:05 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3A2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESED4Qg4exQaVERDakZaNRTcI&google_cver=1&google_push=Aer7DvLub2bLt9kfo0lVHVNco_9ytGznrxA-TVKxqPEf0_zF9SOlidRO1wOju_DJvFYypf4wmt4LgMb2...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESED4Qg4exQaVERDakZaNRTcI&google_cver=1&google_push=Aer7DvLub2bLt9kfo0lVHVNco_9ytGznrxA-TVKxqPEf0_zF9SOlidRO1wOju_DJvFYypf4wmt4...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU1MTA3MTIxOTM0OTQwMTY3Ng&google_push=Aer7DvLub2bLt9kfo0lVHVNco_9ytGznrxA-TVKxqPEf0_zF9SOlidRO1wOju_DJvFYypf4wmt4LgM...

170 B
188 B

22ms
18ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU1MTA3MTIxOTM0OTQwMTY3Ng&google_push=Aer7DvLub2bLt9kfo0lVHVNco_9ytGznrxA-TVKxqPEf0_zF9SOlidRO1wOju_DJvFYypf4wmt4LgMb2lw9MuOdAhJF5kpzq_-1knc0

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjU1MTA3MTIxOTM0OTQwMTY3Ng&google_push=Aer7DvLub2bLt9kfo0lVHVNco_9ytGznrxA-TVKxqPEf0_zF9SOlidRO1wOju_DJvFYypf4wmt4LgMb2lw9MuOdAhJF5kpzq_-1knc0
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame E3A2 43 B
135 B 76ms
23ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENWGxLTq2gRgbujGMxrndrA&google_cver=1&google_push=Aer7DvIIGyok3AjFZHm_sxsXcpXTqnMK_0kYlqt5EeeqP9Ib6PuZAzHSn4Wz_ulFwCqXaXxvwXc77X0jsszNJ9e6XPfCWW0fPqS4_OI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: brhf7p22oennf1okekhlfd9lsr9bsk7c

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3A2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R8VuPJ_bSv2Li-FFtv5DXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
18ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R8VuPJ_bSv2Li-FFtv5DXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJgK71XZnzcBWQPtgN9ZYU0VessQvLxlEEiR6aFo_nX0RhER-vVnegMOHJiEPpV82lNc9m-z_7094tOeUDT_CrcL8wVBZ-2P54

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R8VuPJ_bSv2Li-FFtv5DXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJgK71XZnzcBWQPtgN9ZYU0VessQvLxlEEiR6aFo_nX0RhER-vVnegMOHJiEPpV82lNc9m-z_7094tOeUDT_CrcL8wVBZ-2P54
date: Fri, 14 Apr 2023 10:09:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E3A2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvJuCV2XUNsYqVXp63oLf8GTyRjLzk8Rv...

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvJuCV2XUNsYqVXp63oLf8GTyRjLzk8Rv-CF9oxOjmb-F_aCQ6K_4q09Sz4qCkEyPxFqhP9mOPVM70Q-JUf5CCdoAEX9JJdGo4g

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 10:09:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvJuCV2XUNsYqVXp63oLf8GTyRjLzk8Rv-CF9oxOjmb-F_aCQ6K_4q09Sz4qCkEyPxFqhP9mOPVM70Q-JUf5CCdoAEX9JJdGo4g
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E3A2 0
139 B 73ms
21ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lydmc-O9QRRFD8-6y3XsRba4PAV5V6_d6AdVnUbiH7QxSRqtc3ylTIiqL9rpZMg56PJ9pk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12763576885890017088/ Frame 7E78 16 KB
16 KB 71ms
66ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12763576885890017088/14763004658117789537?w=400&h=209

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d57b8ab9df4ed40d069b9b89585d4b002a55b2d9f974e6df09a58600c4f395d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16674
x-xss-protection: 0
last-modified: Sun, 09 Apr 2023 18:51:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Apr 2024 10:09:06 GMT

GET
DATA 200
OK truncated
/ Frame 7E78 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7E78 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7E78 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d025f27c9fed3c4537c17a0ff807a4320857d7d7098f7c77cb290c9be6e15af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74B5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEEa800P52mmOunSUXp4mI3s&google_cver=1&google_push=Aer7DvLoSJA0jp-2B2Tq8M0iEuU4V5q1YIJw3n0_dLvNhmB6u4VtbVq4_ueOUdC-EiqEblmw02i_FiBqusLXdHVO...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLoSJA0jp-2B2Tq8M0iEuU4V5q1YIJw3n0_dLvNhmB6u4VtbVq4_ueOUdC-EiqEblmw02i_FiBqusLXdHVOdq6dASnKQ9BuWw

170 B
188 B

17ms
16ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLoSJA0jp-2B2Tq8M0iEuU4V5q1YIJw3n0_dLvNhmB6u4VtbVq4_ueOUdC-EiqEblmw02i_FiBqusLXdHVOdq6dASnKQ9BuWw

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 14 Apr 2023 10:09:06 GMT
Server: MT3 796 58fb543 master zrh-pixel-x3 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvLoSJA0jp-2B2Tq8M0iEuU4V5q1YIJw3n0_dLvNhmB6u4VtbVq4_ueOUdC-EiqEblmw02i_FiBqusLXdHVOdq6dASnKQ9BuWw
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 14 Apr 2023 10:09:05 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 74B5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOc1aXCIBG0U78pi5MdgmE0&google_cver=1&google_push=Aer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOc1aXCIBG0U78pi5MdgmE0&google_cver=1&google_push=Aer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5...

43 B
433 B

163ms
162ms

Image
image/gif

2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOc1aXCIBG0U78pi5MdgmE0&google_cver=1&google_push=Aer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: odkud.com
URL: http://odkud.com/
Protocol: H2
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b7b26c22fb72bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 575
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOc1aXCIBG0U78pi5MdgmE0&google_cver=1&google_push=Aer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7w&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIZCx3D6aqeSLq6W6b8TLT1gp4cPDKKRAgyhhjCVOKrxRYxFeVVryu1dF0JIveqgnQQUBNuHoK0Ctec6lNMKYyMzR_aSL5Q7w%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b7b26c05c6b2bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 74B5 70 B
265 B 128ms
35ms Image
image/gif 35.71.131.137

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEL7EjMl-Lly6eRuAPpImC08&google_cver=1&google_push=Aer7DvIAA4YBhYPnDYtdb_FJp7vVcOsCwSjKBi5YzUwqrSp5ukdwwKt-d-XTh3sMCNtlgaRNqbN_llXlAr2Q97rtbwVlixyZI5GgKg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 dds
rtb.openx.net/sync/ Frame 74B5 43 B
350 B 26ms
22ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENWGxLTq2gRgbujGMxrndrA&google_cver=1&google_push=Aer7DvIwH9LRQlxiwY_lT_CzLBTggg3W2pUYZiwW_e2etwnoRRj2k5sjiNwzEilAnNHdVKPM2j5Ec-H-nF6STpIZ9BRh48pJlB3i
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: g8e9k8mhpa95b6t2efia5j3tioauitk1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74B5
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SU6Eu16bSFaSaWYFG3KV7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
19ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SU6Eu16bSFaSaWYFG3KV7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIRnLbd0D97GwZDerIXbGRSEnPix9QTG-WEYZl-7ZfXt8_0pSYpDpq4Fns3T7VF8L5alFBdRebt1qiq8b8aYmK2zTGSRTEpYA

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SU6Eu16bSFaSaWYFG3KV7w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvIRnLbd0D97GwZDerIXbGRSEnPix9QTG-WEYZl-7ZfXt8_0pSYpDpq4Fns3T7VF8L5alFBdRebt1qiq8b8aYmK2zTGSRTEpYA
date: Fri, 14 Apr 2023 10:09:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74B5
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvIGtwdnfGRfanCtH9yCBz7Mjcv0YctvY...

170 B
188 B

19ms
16ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvIGtwdnfGRfanCtH9yCBz7Mjcv0YctvYHM4iAhuUPEzxMc9HfKIxjL93njd3kUlCqe49R0r-EcIcthdsBmMX-f90LNSyMJFww

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 10:09:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvIGtwdnfGRfanCtH9yCBz7Mjcv0YctvYHM4iAhuUPEzxMc9HfKIxjL93njd3kUlCqe49R0r-EcIcthdsBmMX-f90LNSyMJFww
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 74B5
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEP_YoqfZ6g6tuyJy1WKLmLI&google_cver=1&google_push=Aer7DvJvmoyBTI7IRXxAydCdLrp1ITyQl4C2aZM6__9-I_ChDpo6vgeAr9n3WJ3gPdw5F_Xyij4I2ScJbSUc...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJvmoyBTI7IRXxAydCdLrp1ITyQl4C2aZM6__9-I_ChDpo6vgeAr9n3WJ3gPdw5F_Xyij4I2ScJbSUcE8hkf9ZkBbyHdGKa

170 B
188 B

18ms
17ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJvmoyBTI7IRXxAydCdLrp1ITyQl4C2aZM6__9-I_ChDpo6vgeAr9n3WJ3gPdw5F_Xyij4I2ScJbSUcE8hkf9ZkBbyHdGKa

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvJvmoyBTI7IRXxAydCdLrp1ITyQl4C2aZM6__9-I_ChDpo6vgeAr9n3WJ3gPdw5F_Xyij4I2ScJbSUcE8hkf9ZkBbyHdGKa
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 74B5 0
49 B 25ms
21ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LK5xx5eCE4WJKogq9VMnRS7qJoTF-FV801b2MdfDYSn8zTb3-PwoX6nypZW1LawQgXXxWn

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 058A 36 KB
14 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:46:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 134F 143 B
166 B 29ms
10ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 09:56:40 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 44CA 1 KB
643 B 29ms
10ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 05:12:40 GMT
etag: 48472445140208031
expires: Sat, 15 Apr 2023 05:12:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D81 36 KB
14 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:46:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7E78 0
19 B 60ms
52ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeNJAQCY5ZPGsDOeYn88P5ayBoA20g5b9b8qMnMawEdnZHhABIOeLjwxgleKQgqAHoAHPrN_1KMgBCakCowF2XZQSXT6oAwHIA8sEqgT_AU_Qn8gJQvVJYy4er1ktebom-EGWkpdvkmfKFdFsbgC6V2R-2bdHfgqDGupl70SYUZ_5M35PHyUWbzw2RlSwv5FrIbhgFrjfkoZsMB1aPdiYQKhKaW3BS-2MjrbGwo8xTXQmGbgK8eupt_9ztdYddEXxHHDfBEIGN4nmD4DfCOjkg86T02pYKSJlA-wujU6mhr-bbbO_SuFDbOwhSLcimDJ9KaSCNWSJ98BXg10rlk4UBbeuyxwn5j2_0qA9317IU8x6vD9Gnsvfg-zPfx8OiRDGiXa8wPx4LIm6DSYERpPZWfMg1V1vvICbYsG_Bwn4zMd_R7tOMklywq36Jz7fQMAEscbhurEEkgUECAQYAZIFBAgFGASgBi6AB8_kr9UDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQu6kL0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAPQFQGAFwGyFxwKGggAEhRwdWItMTgwODkzODYwODM2OTA5MhgA&sigh=7vPbZZcJQLY&uach_m=[UACH]&cid=CAQSKQBygQiDlKyI_f01Xp_BH4prLElv0DTCLT-KhvzT33JoggeZmjszfEKMGAE&template_id=5000&vis=1

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Apr 2023 10:09:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame B60C 36 KB
14 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: odkud.com
URL: http://odkud.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:46:20 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 44CA
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOqAxTVoF86v22YrrTrpHjY&google_cver=1&google_push=Aer7DvKwL53z-xmL6tsbDl_GctHD0IhMnTlJszP3T21lntON2ZFxY4Jh2cJ8Utti2a8FCHsrel2pO7BYmJJs6no16D8z4DSGclbimA
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ5MTYxNjcxNDAyMjYxNzMyOA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOqAxTVoF86v22YrrTrpHjY&google_cver=1

43 B
398 B

15ms
14ms

Image
image/gif

46.228.164.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOqAxTVoF86v22YrrTrpHjY&google_cver=1
Protocol: H2
Server: 46.228.164.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOqAxTVoF86v22YrrTrpHjY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i.match
a.tribalfusion.com/ Frame 44CA 43 B
395 B 185ms
184ms Image
image/gif 2606:4700::6812:19ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESEOc1aXCIBG0U78pi5MdgmE0&google_cver=1&google_push=Aer7DvJkF8tqC_RH7bW9wkbsGy6FY2Z_G7T4Z3zmNS1K4uVXixvtuVOHGHvbhhFOXUYhWb1kJKqbg3nloJcahdBZfcx4zAM9sGiCtA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvJkF8tqC_RH7bW9wkbsGy6FY2Z_G7T4Z3zmNS1K4uVXixvtuVOHGHvbhhFOXUYhWb1kJKqbg3nloJcahdBZfcx4zAM9sGiCtA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7b7b26c22fc02bee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44CA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEInvqRy6p0taucwSdyTA9IM&google_cver=1&google_push=Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtUNXqd9d...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEInvqRy6p0taucwSdyTA9IM&google_cver=1&google_push=Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtU...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtUNXqd9ddnM_ore4&google_hm=y8T1sQqsQk-x9MeD3ccbhQ==

170 B
188 B

19ms
19ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtUNXqd9ddnM_ore4&google_hm=y8T1sQqsQk-x9MeD3ccbhQ==

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtUNXqd9ddnM_ore4&google_hm=y8T1sQqsQk-x9MeD3ccbhQ==
date: Fri, 14 Apr 2023 10:09:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44CA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMArJrwICJJ3PbsJr6I_v2w&google_cver=1&google_push=Aer7DvKkMV4lIIgewbwrMSrJfqQ58dnAkh1Zjs1SnHLUvYTTJ9QN93JBzD-7ApPmTR9cHoovEwLbsLErXrRI-OcVaGbtonE...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKkMV4lIIgewbwrMSrJfqQ58dnAkh1Zjs1SnHLUvYTTJ9QN93JBzD-7ApPmTR9cHoovEwLbsLErXrRI-OcVaGbtonE-5PI38Q&google_hm=eS1nQnZleC5CRTJwR3g1...

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKkMV4lIIgewbwrMSrJfqQ58dnAkh1Zjs1SnHLUvYTTJ9QN93JBzD-7ApPmTR9cHoovEwLbsLErXrRI-OcVaGbtonE-5PI38Q&google_hm=eS1nQnZleC5CRTJwR3g1VklFb21XaW1yZEFIZWttVEhuMH5B

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 14 Apr 2023 10:09:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKkMV4lIIgewbwrMSrJfqQ58dnAkh1Zjs1SnHLUvYTTJ9QN93JBzD-7ApPmTR9cHoovEwLbsLErXrRI-OcVaGbtonE-5PI38Q&google_hm=eS1nQnZleC5CRTJwR3g1VklFb21XaW1yZEFIZWttVEhuMH5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 44CA 43 B
135 B 32ms
30ms Image
image/gif 35.227.252.103

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENWGxLTq2gRgbujGMxrndrA&google_cver=1&google_push=Aer7DvKmyDqRV7Aop8YclfvNx68D4AKst_H4B5l3FxRcQ0lMxfqHczKRWQeutJMLKeS9oLK_KaMU7u561_IiermLxYcVuNE9Wj0O2Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bmbf7jcoh8kmdppvvqj4t3qnunn1ub7a

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44CA
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R8VuPJ_bSv2Li-FFtv5DXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

26ms
24ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R8VuPJ_bSv2Li-FFtv5DXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKJWIgLzdV6qzfbJAz-oWTsoYRDl1uxLsnBCgFca_C-qohqhgppeAyy-q5KvP-9sYatczrS45XZf8NLvICqlQgSroM5ASy3

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R8VuPJ_bSv2Li-FFtv5DXw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvKJWIgLzdV6qzfbJAz-oWTsoYRDl1uxLsnBCgFca_C-qohqhgppeAyy-q5KvP-9sYatczrS45XZf8NLvICqlQgSroM5ASy3
date: Fri, 14 Apr 2023 10:09:06 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 44CA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvKwLONm1kwNmOsk6CrlCFmJ0CugNwqLd...

170 B
188 B

22ms
20ms

Image
image/png

142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvKwLONm1kwNmOsk6CrlCFmJ0CugNwqLd-_fKcrVX1ixMlQJ5-PSrQWwlJ9YDdn3Rg6e6EJRgrcCxm4KH2ECDQRLIWzeiBWABQ

Protocol

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 14 Apr 2023 10:09:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFlMkvUTHIk5XLJV_ODSRuo&google_hm=ZDkmQuF2-D_Eajc2G5umngAAFKgAAAAB&google_nid=index&google_push=Aer7DvKwLONm1kwNmOsk6CrlCFmJ0CugNwqLd-_fKcrVX1ixMlQJ5-PSrQWwlJ9YDdn3Rg6e6EJRgrcCxm4KH2ECDQRLIWzeiBWABQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 44CA 0
12 B 41ms
40ms Image
text/html 142.250.181.226

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jvw-QgsuzHkglW6vMJH5TPOyycT5ePZOWwFC2f5mQC3ct87Z47hbvJGEyVFLm7lJodSb7E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 77ms
58ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230412&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f216b0f627146e9c42d6777886a385c6095f338151e5cbb9031fc70ff99629e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11246
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 134F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:07 GMT
expires: Fri, 14 Apr 2023 10:09:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:07 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 10:09:07 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0591 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sSb-sQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 46A7 42 B
64 B 45ms
44ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxMKWXWtcEzmCkpllzX26J7x1KpgvSg413Na4sUdWeXOZodKKj_OjxBfA_86py9jJrG2uCGP70YZXAGVoALNOqs1PMi4Bbh_y5xPgr583lMLTlehQY5WQ6P98CTpx7MHKm-gqEwQ&sai=AMfl-YQw0teo9GJvp3d2bQH9MKAyesDmuA98y5luocI5nue0OQpgwgCTDWUWlBsUmEgl4DgA30XljU9o_54P&sig=Cg0ArKJSzOkTDxEC2fdaEAE&cid=CAQSGwBygQiDJPDufKRg_gMpi6wsauRUKwIxVAKs4BgB&id=lidar2&mcvt=1098&p=0,0,240,120&mtos=1098,1098,1098,1098,1098&tos=1098,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=238356412&rs=2&la=0&cr=0&vs=4&r=v&rst=1681466944078&rpt=2330&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2186 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:03:11 GMT
expires: Sat, 13 Apr 2024 10:03:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 39F8 783 B
535 B 18ms
16ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bec1025f029f35b4680356459838a4cdf7037b0a975ef1066df9810a2ef79565

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kO6KH7UsaQhxt7hE7Zob9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://odkud.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-kO6KH7UsaQhxt7hE7Zob9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Apr 2023 10:09:07 GMT
expires: Fri, 14 Apr 2023 10:09:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5327 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNtXy8dUcho_eSi5Ky9iYGNSra97XjySmaeS537YhuE6DNXsURrZDfXDCuYADlsL9yQ54HVdMrmg3R5t158L_8-6qQju4TX0dxc1zlHLl4AV0Ci6XbXwQdV47kvKGhYEfl5atfzA&sai=AMfl-YRH0WUwA1h1adubLlg55naeAFFCH5NysmwQ50Vd28O6D_7gHckgQJkpRyopk3GxEyCPWgwISNr5Ka9VbKB3OgOjyu__nB1pOTA&sig=Cg0ArKJSzON3oTXE02aWEAE&cid=CAQSKQBygQiDlKyI_f01Xp_BH4prLElv0DTCLT-KhvzT33JoggeZmjszfEKMGAE&id=lidar2&mcvt=1017&p=0,0,124,1005&mtos=392,1017,1017,1017,1017&tos=392,625,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1681466945823&rpt=751&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 39F8 0
0 44ms
43ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230412&jk=2303789462508340&rc=05AMqPRJzN1IqWLD6YLPOhggGt-bcoj5foymov_mTU-afOucRWRFMlUFg1aW9thWST36RFMVGYlpDi2q8r1UGCtVN0vyUgr4g20-z-2aSkL5pqczuoLYc-SdqogUeAQ_ivzXW45xK-ep6teliKtcahm8F2svH-iZN_3nj23K5VLXay6KE3ptXi-bczGyplQE5LKxJx28lPljdcrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 200 kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2186 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kBq9KUdG_fSJS_g22hG5IJOh94ldGEt94wg22nyNOr4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 19:46:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 138167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14442
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 19:46:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E78 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuP6Z-Do3Ky10h2nXCb1T_Fui2BNkTGYNok3A5srucDNrqSK10FlGk5fUHiaREjAEIPdZsJNKhGixtU1E03qI3Rwyx0ofQnOWLsQIFyE_vV86bCVyQWVDeQv1_M_btkiyOwIJcSxw&sai=AMfl-YQoMEaPzfoqz_sN2J4swikLEV-kpvYkPREqBeTGRianQ6Y5Q3D2NBr6C6gYExO7SPZWxXUwMX6ZcLrKU_U8hrLX3nVUIJ4BjUk&sig=Cg0ArKJSzOiLy3EuQclWEAE&cid=CAQSKQBygQiDlKyI_f01Xp_BH4prLElv0DTCLT-KhvzT33JoggeZmjszfEKMGAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230412&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1681466945816&rpt=703&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Apr 2023 10:09:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2186 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uL33_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 10:09:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5F36 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=2922083344550384&bg=!OjmlOW3NAAZA7GLoYOw7ADkAdvg8WrAwNN_sJSp3_c9p7eU3Ev62R_sj2ivomnS_V7zGV6heMEeXAuDG_zMX5JDq0RVaQRGiFTYCAAAEa1IAAAACaAEHCgAI2ffrccMQA6iZAxE4qom1J5txFiaOmd3LspdzKkSKVsd_-Sk1HoUGkc7DiLTD1fIKslQo9xTMm4MiRq-Qupk7CInaFX6rUKkS2_YjKT0Nj6eRAZ43D1J9u2l5RZVikD2R9gmP8rDPkbjobV7H4GLtRrsTNQEC9Qv3s7wZKnLbasly_Ap4miyAuoTNwZQmWf5heJ8nDfZmgGoRkDJSnnjHD3brMKVsnpGDB36HA4vCxMPErCHRoZPCENVW6RjfBednzeszM3-Rmk0kgl2XbSxz1OMsu-6l0Q27LQv7xc3WrpGM2YCCF_LroqNTkJ-EIYfPZL-AeMyKtyqdmh0zXM3L9kwPa--cKKBboVv5HmrEJf3m8piMokT6LTPUgea3tjbOyZmWLzzIPmpmMVJLClbR82EbfazuQxsmWTlnp1rjBDib9nk3uU2LhxoYSpMwuIwY_vNIdLebwu_aUgXn8nINl1QeIY7lbaYmgfSY_aLMQY-w7WgSA3eLSO3bc_xMwfiTJuLDs2JpQAikchlJ8t-TQaV9FAZMfMtcpo8Hvbk7ILdg-0YiRnFejGkS_FGeh3Zp02rv4mrH9NdIPHf97QTs9AJO1jFeIcE6hHqvLFtZuJHveVjCZptJLJL60uJlpDHGXp4SMoxh5x-GIqSu7iq9SYBcRuC2L1_3KrryJh2QqTBczIHCcJNFO027xJctB215Ykzu1CpUiSVa4KJ_31OSD7V5W-DqKgGDjejvjqG6tx6YP8TnwlpDLa2ZayOJ8KeFWpYZLfMKLmyvFNxEwCon0qN_xPK1-v9Sco5a3afri84vSe0ivvhVo2CL9n-uzLw4G4mjepFRKvlliRvsBDchhGjEzabVPQU7tg2RREX0XanFanJ8peWNt-_8u3cAOsQP3mCJgQcew1Y6BJ4ZpmJk6Gsb9z6tr7TBxgc6lr0x-G12IrvANMvwNoyqqzo1a4rZXK9VEsqUWTkoNOgIL6u7xRGkxts2nQIKsrH7hM-sTbdD8BHVyLlPo79QWB_N_wXVQef4Tg7Fgs8qnKF3Jyp9wVzkk7vyzFtYcwuf8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myip.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230412&jk=2303789462508340&bg=!YmGlYTXNAAZA7GLoYOw7ADkAdvg8WtrL69f0zRszNW1u4WigZnuk_RR02qetWyzav2ZtAcuVVamjjZC8KTIThVcboCqZPF3Q__wCAAAAbVIAAAACaAEHCgBeSL1LvwfZUMRw0EZm4_COxTCYCzUGBoB1D6OEW71sJbxXY009315pYdQursbnRXmENwYIsA73CmVDvQtRc2iaaWTCIm6xsrXmD0k4CxQQtgtm8kb5tCJqogvK76XZQZkC0vya0arRr_yZHBVFD1TvZjt_u9mNlfiAgivqRBQhZyJwI3viebU_minGwTEJBJ82SQ6AQU7H6sQ0-g9xRi0Yq6H7FmggFfpy1TD5rgwXSqdv-Y13Df72GuQ5OY54XBCmvjSo9tDdMZxeF9bvZJDmiUsTCqxOtOKn97OLgwhbPlV-HiaUcori8vzW-ilKdmYBFd1pn0njpjPiznDMglBUQtJhiFVo3AwElsUQ8mlwNuSFaqGv2r0impmDQ30tVH-G5xmDdG0ZWuXIqGB2rBn2qAtrQ7bcNH04Qs5M-2FoAIftcq_yjEAuOnMO9KcTsGXZ40CUM_hq7TFSIIMgDPIYtsrZRi9fZt_ZbN1o2jQ-tZA58OnalhXmV-v_qUS4zu3pcPBICNkkfFzUvovJdJgd4zQZunxbC9EESIREr9jsXAEpvU40gqrCEbCnczxv4JafSAWoK65FFHnuE5yfS_poo1VCqJhaFk4a2jyITYz3ROKJ0JS5i-F4TUzPJWKlD-M-aM35Uat3e0OUCqniMVQ6i6z9ScVYHcV-TClZeu41pNHr-yVmIdkPYa8juWylRjsUCvc-wbj2yV8kIINxGzQhW8i4JissRX74CnyZ-f9dLEU5sD1Xo6TirqisfWKajnW4rLzlBFih3R1UOZ2zPZOuVcdTuZhQueTtAHdT_xUujrXfmwvWyqZ93HJxyDWxQ8f0h2GhLwcn7R-hQkUASBVhDIb5uV8L6EP-7t1hUC1_JLJEefstewXBw1C-wrOD763UDD7EzKbRXCF2ld6QNg_5yk4PGvZYwSvJbTieda30_rDZctWA6_x7MU4oP51kjj9GnyDZn4zkRUoV2mU42G5oVC_jhxH5pAcDD6dN9K2CL-6DjXBz4Wyok9UIGGSwWlCapMpqvTQ09EccE4zrmAacTAMpI9Ahedhb89_VgG_4V8PER1ZPiGAqOXItycwKbsAmn50G
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://odkud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 15:23:38	Name: _GRECAPTCHA Value: 09AMqPRJwRKcM4SHGF3w1WI8mPMFZDxu8k4MMpIrSC1iwdh3P93ONs2T3a2kYvR9JMg87TJWChHqOzKBVQdjNyBDg
.doubleclick.net/	1970-01-20 20:26:02	Name: IDE Value: AHWqTUm-J7mnBxfyz6WEY-Ar2naMBoc9QYcEzAIFqqjspZwk3onfMA9_A4FUX3UukPc
.doubleclick.net/	1970-01-20 11:04:27	Name: test_cookie Value: CheckForPermission
.pubmatic.com/	1970-01-20 11:05:53	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 13:14:02	Name: d Value: EFABCQHgKIEA
.quantserve.com/	1970-01-20 20:34:41	Name: mc Value: 64392642-920ee-83964-4cff7
.mathtag.com/	1970-01-20 11:47:38	Name: mt_mop Value: 4:1681466947
.casalemedia.com/	1970-01-20 19:50:02	Name: CMID Value: ZDkmQuF2.D-Eajc2G5umngAA
.casalemedia.com/	1970-01-20 13:14:02	Name: CMPS Value: 5288
.casalemedia.com/	1970-01-20 13:14:02	Name: CMPRO Value: 5288
.mathtag.com/	1970-01-20 20:30:22	Name: uuid Value: 47c76439-2643-4300-8a63-8137f66e67b3
.adform.net/	1970-01-20 11:47:38	Name: C Value: 1
.pubmatic.com/	1970-01-20 19:50:02	Name: KADUSERCOOKIE Value: 47C56E3C-9FDB-4AFD-8B8B-E145B6FE435F
.adform.net/	1970-01-20 12:30:50	Name: uid Value: 2551071219349401676
.bidswitch.net/	1970-01-20 19:50:02	Name: tuuid Value: cbc4f5b1-0aac-424f-b1f4-c783ddc71b85
.bidswitch.net/	1970-01-20 19:50:02	Name: c Value: 1681466946
.yahoo.com/	1970-01-20 19:50:24	Name: A3 Value: d=AQABBEMmOWQCEL8sxrKj4h6vRmuRrM_dw2EFEgEBAQF3OmRDZAAAAAAA_eMAAA&S=AQAAAkpC3TTp4LaY_qU5yzpleWo
.tribalfusion.com/	1970-01-20 13:14:02	Name: ANON_ID Value: aunseFwl6h7bQQwbQQqBZbE8UnC5f2ZcRiM52pQqxFRDWgZb0YG7lZa9weFMqwCqVM2TOJxRMZb0j895EQNoscZdEV
.bidswitch.net/	1970-01-20 19:50:02	Name: tuuid_lu Value: 1681466947
.bidswitch.net/	1970-01-20 11:04:27	Name: google_push Value: Aer7DvIWPnTKxqjumyIUDqGKuWXxVWdXEK-U4Fxyu65VuNYDn6lUM8PWH6BUMXul5pxapG4TyEVMc0AoSbiUtUNXqd9ddnM_ore4
.turn.com/	1970-01-20 15:23:38	Name: uid Value: 3491616714022617328
.doubleclick.net/	1970-01-20 11:04:30	Name: DSID Value: NO_DATA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?output=html&adk=1141051534&adf=4121372370&lmt=1681466944&format=0x0&url=http%3A%2F%2Fodkud.com%2F&ea=0&wgl=1&dt=1681466943744&bpp=14&bdt=74&idt=280&shv=r20230412&mjsv=m202304120101&ptt=5&saldr=sa&abxe=1&correlator=550059641701&frm=20&pv=2&ga_vid=595451866.1681466944&ga_sid=1681466944&ga_hid=1279941078&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1365&ady=487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31073807&oid=2&pvsid=2303789462508340&tmod=1041652616&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cr%7C&abl=CS&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&dtd=304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://partner.googleadservices.com/gampad/cookie.js?domain=odkud.com&callback=_gfp_s_ Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-1808938608369092&fa=4&ifi=6&uci=a!6&xpc=iPhKvrIcTD&p=http%3A//odkud.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-1808938608369092&fa=1&ifi=7&uci=a!7&xpc=oYga5VoYgU&p=http%3A//odkud.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230412/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-1808938608369092&fa=3&ifi=5&uci=a!5&xpc=zt6lFFb2kt&p=http%3A//odkud.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
adservice.google.de
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
geo.myip.ms
googleads.g.doubleclick.net
image6.pubmatic.com
match.adsrvr.org
myip.ms
odkud.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
rtb.openx.net
s.tribalfusion.com
ssum-sec.casalemedia.com
sync.mathtag.com
toplist.cz
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.181.226
18.198.127.244
185.29.132.245
185.80.39.216
198.47.127.19
2001:41d0:303:d9d6:237a::1
2606:4700::6812:19ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:830::200a
2a05:d018:d29:3605:5a00:a9cf:83b3:fc4
35.227.252.103
35.71.131.137
37.157.6.254
46.228.164.11
46.28.105.136
51.89.9.254
63.215.202.137
88.86.101.2
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
06bf100229d3c19f4c9137eec366c26e4957572d37a62e2a4c81ce16f6e9f397
0b6bb04fbfed3b1065e6072a9e99a424bac8c8e7cad9c816a979557755034940
0b81a6c93e3d55fb7ac69789687314084695332e7f03dd91eedf3fb855b550ef
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1286e51949deb5e4fa86a0d6a1c196ccd9cb6e478efe19393365a159d93bd1ae
1301aec5f6563c132c5e33bc56fd347101471e454984986209e6dbbffe85a13f
1675da185dd28478fc7c38500eef72cb945bde491683377ba470775a3db26ca5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
245f716de1267a5efba19177e1aa2f0735cfd1762a269b54af0f2fc4f7cb45e1
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
287e32a2091a3d9f440fc2d01f6e3f74ed536e0564669830854445b63209dcad
29dffcd6d04c11937d65829029b426f7656ba48bb10842399894f0b9318e144f
2a6c8e86a79ca62466372a595a79711995b857fd1ee5847dc5b83e58558dcd4c
2b4cbaf14109500c2917a368234e5dd721775a31a8c80266f5e01769944142cd
2b965b23576141bc0dd6a9a39d64491c692a61ed58e290e862203d1f3cfd330e
2be46cf7323af9bd50e060749c974657541ce77d417cf91f9507c94ed2f35112
2ded198bf369f1919d4082170075a888ef643f2a64c51baf9f13ff033fff8e5e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87
33c7346fe75b0d5bce0369e2fb8b8aad54fea85532b30907836327754cabba22
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
442b02a90d8b3fb9fff3a872dcb023519b9d8ad54d12f2ff5f0da75d597af720
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
4873cdea789ee342bba03a85c61529dd965ee730cb5bd0f9b8c614e285f7c641
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4afc3a590036179e04e6d184ac438507da45350583c9bd32b0f0071e343f2a92
4ce3e14300ad4e850f913eb21d90b806c274799d18bb151ed4ee00c9cde0396b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe34d5e9ee729e04c8d2643863975afabccaba2a78ca9a30b58ddb117398b77
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5792be960ec5e00331d1c0ea69833d63001c6d53cc44cfda789fad92dd8e3535
579628d08533f4448f98c025ab33e1462384b0dbb58625759a97424f5e415cab
58979d0f1baa471210625401b791126048a60d3b689eb70ef4bf68c0ffa3b25f
593a01985714b4b3c9c3537ac57f8cd81654a5375cd69753b481ea848b9d2a32
596a77dd9a22101043b12bb7b13a43a3904382ad25ccc2484e457ba775ec9369
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c49380cd5c655f2828362f2df4fe05304b5822462c839b270e407697ca6a6b9
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f6b53db6d833eac995341805e1d09b9511dff500d014d553835a95628d96a21
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65143d8384e359177d69d222e105f86ec89831fb263ea36876b1ab7e789d16d6
669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab
6d57b8ab9df4ed40d069b9b89585d4b002a55b2d9f974e6df09a58600c4f395d
6e0ba664269746ecc13b977160f73ea0d98f99cc56d6b0c0486082e5be239e16
7397ca49d2daf09290bcec6808451105533fd009ad56ec9b3792f6c95e603212
760be76fde3643436059bbbe4523629904553e77fa0e10655a2f552d2b821a94
76bb2cc8f767f47e023d43261135eaf4e5710a5137ae282001cd736b9562c00a
79229c91381152c205e6553d9faf5c23ccad26669bfd38bdeb2acbba0e2b4d1c
7c6a42302f7a70f678fd4774c45145125f4449a4173a8ce169d7cb198fcd6af4
7d407634b92acf323228361f0f5206d9212472a3bbe7f29908717616162172f7
838d5e2145b377e3e860858924a126c889ecc5b44f35ef470cc7cd2ee3108251
86e4fd2cd5b6a0663e79d7000476d828f4bdd322bf060037fce49b654c71d046
8706076aad64ac711879eaf65a8b1e5c8d7ea8f992b0c9404f6f1c47146a957f
8c65c1bd00a7f29ca41e0ff2ee8a447b7eba99bd3ccf075b2ed2d8b5cbd18b40
8d025f27c9fed3c4537c17a0ff807a4320857d7d7098f7c77cb290c9be6e15af
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecea7dfc842266636188a53b3e94c1a1092d653d24cc221bd637c35c33a9c07
8f216b0f627146e9c42d6777886a385c6095f338151e5cbb9031fc70ff99629e
901abd294746fdf4894bf836da11b92093a1f7895d184b7de30836da7c8d3abe
93df7036a797945783d64cc7cc90a3431ea14ad9e1886349addc7fb9d46296a2
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a79cf6d5f0fc4fbbe6778f83372f783f3b1f53105efdab2121b26df22c0fb72
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ee392ecb6ca6554087d80cfe4e0210a871ed7843233a6b7c9ff33f43417df32
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2c465ada8e502af773faa2641d95f119155de9527a900c474766de5f3548bb6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aaed132b7232ed3084f94ba1eee7ac3ceb23990d6946ca6b4790199693f7c7a3
afaf8fd59951b664dfc94508437558756a366be9e5ed34d5c76a255a1e464ada
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b251f4cdcc25891c184e260b09b27c8417d8e748b894fed7dbeaea48805e7213
b3ae73989e439a77cf3bc2609d36f84c89453990022417f15c2d2126959f2e9c
b74d2fd782aca0e904f017edcd2f4392b2b346fbcc7eec82c2754a8d9da27157
b808bb431c90a624fe5516ffe635cb04efbc5b23e293ab0876f903eccc94ef24
bc07fe31befbf5e59c5234c6d31147500997b5260a3c8bdb3f58fae5a8940de0
bd62e6d21226a1c14f7165b29979adb5c9b45865547832d4ab6b36765004477e
bec1025f029f35b4680356459838a4cdf7037b0a975ef1066df9810a2ef79565
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c9256fa59d148ffc342e3d13f476e8458803723523a9fd75aa71e235dafb76d3
c9df8df6837396a027457387d34fe59a498a29271fab1b2545caecfe7d317cca
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cbeee230de9adc4b4765d4387c54fa936a5c26f8306fe0e6f5f8415284f56c33
d38cd7815b1ee1be1c569b9ad959ec576d82ab9c06ade62b909ea92a8ad3ce34
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db1ce5917797aa9d311b9e9088700dae9d477e6c6fa27e4d071e83c40f7244e7
dd20d1d181849efc3d4f39197a129427af91e68db963752b4d39a3fca762bedd
deb5954bd4e636820e052408dc07f4a620e92382dd37578f30b4de80ea4c2729
e3166db1356dd37ff796c1cdddde94b3992992fce33424c3d635b345dbc10021
e3a55b97c277f33ab8827840558a5f18b3e7bc4a910d3cea4d451aa26b8eb6f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c24b0e8f92a4c8c945503f6464db1a10726253711d64712f8cce18b919c348
e6fe4d3b2c9ac9cfb54928fbe876f11b781a8115a3a8674f55309233e14e0d65
e8a2c35f437043eb2aecb17dbf4766d106127e00638dfd380832fd0fc6bfd350
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ee4e7d89eeeb17ee6150aa81116b7eed43d9c362a5dbcbe0a1dbe49810cbe0cf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff28293a1db4a203121f9f313d576f5d05942c7a5c3b5c2a0137bacd603c7e5
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5dbc8a4b9257a4211ce7fb212f2e9bf2a03d8cfec618aa6cb49e0eb50bc474f
fc780ba4c342822f97c773d611ea5b5572a0dceb3233f5b662adebc4d2308c8c
fc805039dfb668cb4cd52a4952bce5dc38492c3bdea7aa1b2e498c01e83b565e
fd2e0a1593906573a879dc74528698fcd9efb8185b3260ce745e82be650b6b5d

odkud.com Open in urlscan Pro 46.28.105.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

190 Requests

89 %HTTPS

55 %IPv6

25 Domains

32 Subdomains

23 IPs

3 Countries

2100 kBTransfer

5589 kBSize

22 Cookies

5 Outgoing links

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

odkud.com Open in urlscan Pro
46.28.105.136 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

89 %
HTTPS

55 %
IPv6

25
Domains

32
Subdomains

23
IPs

3
Countries

2100 kB
Transfer

5589 kB
Size

22
Cookies

190 HTTP transactions
9 data transactions