www.u-pull-it.com Open in urlscan Pro
104.21.15.8 Public Scan

fra24s05-in-f14.1e100.net

Software

cafe /

Resource Hash

143c2c1a9fd4205d31635ebe1cb1177fccd5ed4b03cec733560903fe18197da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.u-pull-it.com/
Origin: https://www.u-pull-it.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 51429
x-xss-protection: 0
server: cafe
etag: 10898920439334314091
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 08:15:05 GMT

GET
H3 200 0ef0bc878f437a718dbd99d94c743e2e.css
www.u-pull-it.com/wp-content/litespeed/css/ 2 KB
1016 B 17ms
16ms Stylesheet
text/css 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/css/0ef0bc878f437a718dbd99d94c743e2e.css?ver=43e2e
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad879f7ef2970533c1cae474b822894d6c736259e46f9ff5f52da2b0a405db02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=1768
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"6e8-61785a29-3011fa;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6l%2BbpaJfujkO%2BOC3maLygn6s4SwM6FGcd538Jkj7SiLDKGIa2IWcZ2%2BVUStpSNNKuziybcVKdIYgxoCLXYQMp39DnIi2tWEYmrR2FfSsTSZmpcWsxsrnWenhnxVMoOiWO2X6Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 6a4a7979abb85c8c-FRA
expires: Wed, 27 Oct 2021 08:20:55 GMT

GET
H3 200 122ee508f2612c7dc5ac7ab30e1afd9e.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 6 KB
2 KB 23ms
20ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/122ee508f2612c7dc5ac7ab30e1afd9e.js?ver=afd9e
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42ffbeb4bebb4a2fd22fc5661a9b4843cfcbfec8c1c6e9731ed49cb11e5f70d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=5874
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 20:09:51 GMT
server: cloudflare
etag: W/"16f2-6178608f-3011fc;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef%2BirfTCXRpHjNgQg8OzRt7gm3S1blo41BXvtFpG8CIQPTKMJwHQZhBhujKkpQRbxm3iUKAQIlV0rJIH0fJFbFn%2BTcLuBoqsEaVt1Evn7nGm%2Bb31bfTOokaHO1WoBMrPR3MvQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bbf35c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 1db9224732dccada9dd79d6241ab69d8.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 19 KB
6 KB 27ms
23ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/1db9224732dccada9dd79d6241ab69d8.js?ver=b69d8
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1517f746b20a4d7d80914a92787e891afe1f5282558b24c659f3b38b3d24b1b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=19765
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 20:09:51 GMT
server: cloudflare
etag: W/"4d35-6178608f-3011fd;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=62fc1qUbVZhf6XHAUHv4UeaIguk23sHJyURXR9%2B2fiAjep6b518yZbXmg2BmbUqjfNHyz4n67ZAaqmIN2LeJTpbPQQ%2F8pTc1YweObcovBJhxV2zqXT0iYr0brYvZPKvjvVkXqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bbf45c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 c3f095d8193f7a0c887ad8a54617f396.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 1 KB
1 KB 21ms
18ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/c3f095d8193f7a0c887ad8a54617f396.js?ver=7f396
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dae60c1ae93830b79a4a973b55a51e457d539eb298da9fca643b3ed0042d569

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=1428
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 20:09:51 GMT
server: cloudflare
etag: W/"594-6178608f-3011fe;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wUMRSFnaJEw%2F1z0KAWGwOO283a%2B9SEnYzFVbdG97hLJcj9Iiq1KemtLQGiXvCH5yxFyc7zP61coY%2BGVhkp6Zh6txgXpVoEsLPowHSWKzo9q6%2BoirLOr3ckxy%2B8KyGyAfTBZcSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bbf65c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 a0078045184e205479ed674367301903.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 5 KB
2 KB 101ms
98ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/a0078045184e205479ed674367301903.js?ver=01903
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ef1bb35d078499d5e68d0e512a205e3011574896787e614c9e2365443dae72e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5321
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 24 Oct 2021 20:41:28 GMT
server: cloudflare
etag: W/"14c9-6175c4f8-301220;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNZmzJEvccZObAt1X0DmW3IDZiYc7%2FHJ3%2BuVXSq%2FzPN4Vr5WG6RKkr0UWPdjuyBTOOEaTSOJKUH9EK4kKpmP%2By8AAM%2FAxC0kBLqhFqpapxaDGkTz7lHM956AOHKA0heShTSY3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bbf95c8c-FRA
expires: Mon, 25 Oct 2021 23:46:33 GMT

GET
H3 200 55a2118db9a14ae316db542f82c80e1c.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 5 KB
3 KB 25ms
21ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/55a2118db9a14ae316db542f82c80e1c.js?ver=80e1c
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd0fe90c96987613cbe89d2983876dbf770b4bc5cb2309ffdb6810cb21b87d28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=4704
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"1260-61785a29-301201;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCn96URdD0mVyO%2Fa1pss1y%2Ftm3BSxATaD1e%2BBgW%2Fsq7yYvMYELrgemUBATDLZutzjQDf5ZctypHIc9hTxujLzl77PBn4BA%2FTBSJvAfSr%2FyGKjjw3lStjWGlumRLtPm66xBYSHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bbfa5c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 9c9d22345674ca26ecf5e3cc3ff14577.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 5 KB
3 KB 20ms
17ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/9c9d22345674ca26ecf5e3cc3ff14577.js?ver=14577
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97c394685a901842e70323159eca79e6fc9884373b6cb63223e489a957788c14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=4881
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"1311-61785a29-301202;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvPhI1QXEoJlfhGuJZCHKjnU77mwFpdSxoQxrz1v%2FHLG1Y2ey2AMRPwq4lcczBfAwnH8YZFzrhK7Hmh4%2BGjL1zzUoo%2B4%2FyvB2q7dblFuN0MfMexlYM0dS6p9Jsh02xFbLwkrJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bbfc5c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 b77727d0701be8ba28d08e29e597d2ec.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 14 KB
5 KB 18ms
15ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/b77727d0701be8ba28d08e29e597d2ec.js?ver=7d2ec
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0078ef86ca62b5196f6bcd002aa9a8ec3c3a57c36832dbe90d91ea9d62a7b88e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=14004
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"36b4-61785a29-301203;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deADT52JNso65HtLNUixuJr0PWwXwEyPTR52eHzDTohgx9oY0EcUKyHcasDVnZv4ztQJe11nMi9sCgkLMFk3jRnvggvllld5bkiwhU9Is1eaIYIFirBvYWKiZHVuRiT3kc%2BY%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bbfd5c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 39261cfe022652dcfdd41ee5ea9b99e5.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 19 KB
6 KB 26ms
23ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/39261cfe022652dcfdd41ee5ea9b99e5.js?ver=b99e5
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8223d063043f23d6fa3e3eedf6baf7acb79ab814e2d01ebc41986b2508e1887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=19902
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"4dbe-61785a29-301204;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P9uS3hzfS6x1iX%2FllvzhbZkSC9yLFQ%2BRQx96YwDANarOhmHQgc%2BVHiNiWW4E31BX9BMWuYGW3%2BvYKfbW6UiDxheCifWrHlfj01sc9i8vE%2FBIJo9dq6Uc4D9D3bHtnxrlwOuaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bbff5c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 57b6ed2a509a45457e19344de8abf647.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 12 KB
4 KB 29ms
26ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/57b6ed2a509a45457e19344de8abf647.js?ver=bf647
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16f753762797f6d0783a7d74897d179fa104c3946301380911115d6efffe622b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=12200
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"2fa8-61785a29-301205;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cktos1VtBWh5BuCWJwLMtRofkiDqZVtV78hSDu%2F5Mz0kiZOSVkewrDoleZbhApIj3ZR30YaFkViK1hK4x0gcfX9l4EBfgoQBAazd5QsM%2FMoWwSw0tUA5HmaOUe1EX6VuC848YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bc005c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 462b8107a97f146dbb485dbaff94c9b4.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 20 KB
7 KB 33ms
30ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/462b8107a97f146dbb485dbaff94c9b4.js?ver=4c9b4
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0a265b5c72dd333fc0340fd81ce10ba69b74ea2c956d143c7004ee51797c287

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=20789
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"5135-61785a29-301206;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df%2BqvGZv2zViDiOfMv6UqWu7kstnWpmrpXqzgL0I%2Bh8uXsLF35JvkTO38Ug56npDHfmJI%2BnIXOev1WzuU%2FU6gEBjiNR4RHZWaZL7HQC%2FUE1UByqeBgqrLjx5aR7thClAh80oag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bc025c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 aoG1Ey13nth2pvRxIIjAevmqzNM.js Show response
www.u-pull-it.com/cdn-cgi/apps/body/ 6 KB
3 KB 22ms
19ms Script
application/javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/cdn-cgi/apps/body/aoG1Ey13nth2pvRxIIjAevmqzNM.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/cdn-cgi/apps/head/BvpFCnKzEDSH2kx2aFtjkKl65GM.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea82a0e496f9ac4fc5a0349674c20fc8733ac9651e2d06d6ece1a63d15ca735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 899069
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: V3T58MTEHJ7XEEK7
x-amz-id-2: gTYNgpyCoTiBSf+DGzIPt+1OiaEPSzA6VIG/lIH5q0Augl0YhcEEnETKMiiaXEfEDuuSIpXR5eI=
last-modified: Thu, 12 Dec 2019 05:16:56 GMT
server: cloudflare
etag: W/"d78ae742b3db62c395093f9910ba28eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFrzvG%2F79GgoUenjEkAAgIyFuvWvNGSLlKozziBw8nF5%2BqQxgRvyrXqtxNbhc2uAhyqzIIUkgGBT4A8TGiLW7n442qWeXmY9VJfSlWKkshK%2FOJxP%2FWuVs1GoufpKQL%2B77U%2FMGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: yV2YeiByh76RsMr0WIyQG.CdsDX3o8fC
cf-ray: 6a4a7979bc035c8c-FRA

GET
DATA 200
OK truncated Show response
/ 50 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745aa7922c7f2b2b90fed47707f158c11b5c6d65ebb515bb55db1c57f545b267

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 bfdaf3b6f76c5e863ed43a41716500f8.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 36 KB
11 KB 36ms
33ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/bfdaf3b6f76c5e863ed43a41716500f8.js?ver=500f8
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e1af48cf2da34c1a25b5286e8412fac7eb4e15b77e9837be6d81515c5cd8b3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=36659
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"8f33-61785a29-301207;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RbLLYh70d2jjv55F1LAyWukWa%2FwXKxTPckgB1Hn527HyLYcMgnXLhFn6ILlUbbJe753ZQWJuOiGZeGsi0IrrTxftfQlRAz2f7uy6D5kgnrnXDQcV0CFXO6FLiM%2B%2BbYO7bvb8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bc055c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 899eb82bae1f1992b4f9e0d189d60400.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 23 KB
6 KB 24ms
21ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/899eb82bae1f1992b4f9e0d189d60400.js?ver=60400
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a1df1c46c431cbf79d3b4c905d17a56bdf5448491eb2437e6f8ef9a4e219d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=23781
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"5ce5-61785a29-301208;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8dcgX7aSgyuco%2Fm5AyoD7inIKoNl4mepcDGykfqIJiG51O6iHvmiyrJlhYxUfnbbWVnzf3g6WnM49VEg%2FUd3lq5UD2%2B%2BcUMDAp4m%2BAotBQ3w8hGXIXfa4RQWcaGezsYmcTTiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bc065c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
H3 200 a8924f176f6b8e472022992ebfcd5789.js Show response
www.u-pull-it.com/wp-content/litespeed/js/ 8 KB
3 KB 21ms
18ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/litespeed/js/a8924f176f6b8e472022992ebfcd5789.js?ver=d5789
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4150b2d0c45511c9d77040a5b2ce2576dc314bfe18c64b69c929036b9e686425

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42849
cf-polished: origSize=8476
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 26 Oct 2021 19:42:33 GMT
server: cloudflare
etag: W/"211c-61785a29-301209;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzdjiZv0%2F%2Bl1YlML90fdfYrNCni7cB%2F33%2FTRONMiTGH%2Fviqwr43zJwthKqM4FRW9bwhscYNVycIs9kCsH%2FxRY7WOhXMemCZjtd69W7YyGIAJtMRcMSv%2BH%2FeWjcIHydBtjEC7Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 6a4a7979bc085c8c-FRA
expires: Wed, 27 Oct 2021 08:20:56 GMT

GET
DATA 200
OK truncated Show response
/ 134 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ac50bf404d7817475d636a0db03afa86a8b991912126863dcffd7b50d19daa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 45 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 129b2f90622753ed6ccfd8e610d3236ec87f1b93af9afed05bc68e808b8f595e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56c7a62d35038f015936e535fd55a52eb94116831c5008679867f55615470380

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4ef235c3eef8bef32e50772b0e1304d8b32c115f886b9ea90200b5834045c6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 header-bg.jpg.webp
www.u-pull-it.com/wp-content/uploads/2018/12/ 16 KB
17 KB 67ms
66ms Image
image/webp 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/header-bg.jpg.webp
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b71a5a833605ed51291d417eb189e99b19f4eacde881221c689c76b0fe5e07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "4036-615a2dec-301ef7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5gZ2wW4TMMDrfu6lSXKoHvIs5%2FU6z%2FMjlxdUCKvTTk7eBstCsjyV9OJIFfeZIhzU9zLkmyprss%2FfecFPzVqEHAE7%2B8mqAvZxY2c8fB%2FCaRdHIEYYOwzjde5XGsWjDJT97EV8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a7979dc295c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16438
expires: Wed, 27 Oct 2021 20:15:05 GMT

GET
H3 200 fa-solid-900.woff2
www.u-pull-it.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 22ms
15ms Font
font/woff2 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/litespeed/css/e33c1c4e9481650db7b1e36196fd2003.css?ver=d2003
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://www.u-pull-it.com/wp-content/litespeed/css/e33c1c4e9481650db7b1e36196fd2003.css?ver=d2003
Origin: https://www.u-pull-it.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78196
last-modified: Sat, 16 Oct 2021 20:53:01 GMT
server: cloudflare
etag: "13174-616b3bad-320bd2;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DkgQYJqKFwK1ZFwHzkmZY%2F9F06jzyy0oh1lhJTQ6pYgH7hA%2FQ3AuVNc28b8GSIJvmhB4d%2FvfXTcOboZN3VO0UdZUVSmlL7Z443t5NO0qqDGTGtAXT4wCZ6xuNM1Ed3olyRTvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a4a7979ec785c8c-FRA
expires: Sun, 17 Oct 2021 12:08:12 GMT

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5cb3c2477e41ca879dd08266a7cc5ca76272ff26f53fedcff5672feeaa7bb97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 144 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 545a515e4e22ea119ed0f30968bc6a3b07c9c77755735a1d654a8b2206434d56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1914c65f50a289e8c61022e4ff089c99f7e41459a50c7a7e8636fbd42342d582

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated Show response
/ 24 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cab68ec377f969057de608a48096cfdf97a36d37e1932eb008a0cb9cd451cbd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 854 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8567910c20a8d5d4780282da4d9bbd8d6ecb51cda15a6a52c0ff0e08d21e44ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
DATA 200
OK truncated Show response
/ 329 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 269fcaffa15662f93737af0282f7a6bb79d0c927344246e0ba46a2190b707ad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 144 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68d792925bb05b01d7402881dda450299ae716a9d0a246ffcae999999485dca6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a8dee780750f204dc8b4345c03357d3ae2eaf6489481b602953c0a3cf34783f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 010aae119961cd27aea895903153b1beef0d5643c82ae24f0d1180bad00f0ab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32cd11fc0fc77c6c407388c78ebe00d1c95286af8600be4b4fe2f29e169daa11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab347189e7ad45b87273fb8b92f2d47ce3def1c67808bd4f489fc2e4cc540f8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 87 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68e4427f2af26e714883b6d7bb03cdf873c1d24b43b1fd91c8a0c6e78a3441c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 324 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae9de52233685161ea61d4d2125cfdc5173e6b1a7fbeec4acd0a6f593c1e2458

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115192652-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 839
date: Wed, 27 Oct 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19747
expires: Wed, 27 Oct 2021 10:01:06 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/cc267ab8871224bd/ 290 KB
95 KB 36ms
13ms Script
text/javascript 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71173eb1cc84ee88adebf5552afaf335a6d6b2759d37b722b56f7d05c9abc1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 97502
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 21:05:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 25 Oct 2022 09:54:46 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/cc267ab8871224bd/ 41 KB
9 KB 31ms
8ms Stylesheet
text/css 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/cc267ab8871224bd/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 09:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9032
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 21:05:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 25 Oct 2022 09:54:46 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
5 KB 29ms
7ms Stylesheet
text/css 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=008229716389279171738:ruztqiee2l8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:07:38 GMT
x-content-type-options: nosniff
age: 447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4495
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 27 Oct 2021 08:57:38 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ 270 KB
97 KB 48ms
34ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1957707705603006&plah=www.u-pull-it.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1957707705603006

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51fbc43a986a30d22ab621f23d0d95e51dd574f1f1b677af3bc77c226cf957cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 99003
x-xss-protection: 0
server: cafe
etag: 2748601908783812869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 08:15:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/ Frame 97C0 10 KB
5 KB 28ms
7ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1957707705603006

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 26 Oct 2021 15:13:19 GMT
expires: Tue, 09 Nov 2021 15:13:19 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 61306
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 41ms
20ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1811602816&t=pageview&_s=1&dl=https%3A%2F%2Fwww.u-pull-it.com%2F&ul=en-us&de=UTF-8&dt=CAR%20JUNKYARDS%20NEAR%20ME%20-%20U%20PULLL%20IT%20SELF%20SERVICE%20USED%20AUTO%20PARTS&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1824248233&gjid=1296015400&cid=3661310.1635322505&tid=UA-115192652-2&_gid=733644631.1635322505&_r=1&gtm=2ouak0&z=1220100830

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u-pull-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 08:15:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.u-pull-it.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 text-editor.9efe2dca043f0f618897.bundle.min.js Show response
www.u-pull-it.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 116ms
115ms Script
application/x-javascript 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.u-pull-it.com/wp-content/plugins/elementor/assets/js/text-editor.9efe2dca043f0f618897.bundle.min.js
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/wp-content/litespeed/js/9c9d22345674ca26ecf5e3cc3ff14577.js?ver=14577
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30331b6386e546d54b1d5f1b9c175f64509a5ae05277ca64cad1a5e0ad73efd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 16 Oct 2021 20:53:01 GMT
server: cloudflare
etag: W/"54b-616b3bad-320b6e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TK6t2vKtw0V4bTY0spyd0BAylLV3Ga1hq7Cc5LS%2BYGqWCE8saPvbI9ozriObX43WYhlxtEu2N%2Bq8DIPs%2BlkMCol7yGBZiNZb1q1o1puffqv0lUKSd5Bs4nosxZ%2B0pi7OX9jB%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a4a797b1f225c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 21 Oct 2021 06:16:18 GMT

GET
H3 200 async-ads.js Show response
cse.google.com/adsense/search/ 149 KB
54 KB 37ms
22ms Script
text/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/cc267ab8871224bd/cse_element__en.js?usqp=CAI%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

sffe /

Resource Hash

033a62c08e4b855f411f7fe882591c6c91145b626472952619bcaaa76dcd9709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
server: sffe
etag: "8041207837564183157"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-afs-ui"
expires: Wed, 27 Oct 2021 08:15:05 GMT

GET
H3 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 44ms
14ms Image
image/png 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/cc267ab8871224bd/default+en.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/cc267ab8871224bd/default+en.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 02:46:58 GMT
x-content-type-options: nosniff
age: 451687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 22 Oct 2022 02:46:58 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
149 B 41ms
6ms Image
text/plain 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f10.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
149 B 72ms
16ms Image
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
415 B 45ms
15ms XHR
text/plain 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-115192652-2&cid=3661310.1635322505&jid=1824248233&gjid=1296015400&_gid=733644631.1635322505&_u=YEBAAUAAAAAAAC~&z=1442476008

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.u-pull-it.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Oct 2021 08:15:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.u-pull-it.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
610 B 40ms
16ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.u-pull-it.com&callback=_gfp_s_&client=ca-pub-1957707705603006

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1957707705603006&plah=www.u-pull-it.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a65dd40fccb78506c5c4042afc5048fe86f16b16270e7b25756b017d12608f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
716 B 38ms
17ms Script
application/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 39ms
15ms Script
application/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 08:15:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9FE 273 KB
61 KB 629ms
613ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&adk=1812271804&adf=3025194257&lmt=1635322505&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.u-pull-it.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505338&bpp=3&bdt=253&idt=186&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5037794300929&frm=20&pv=2&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

103660051d4ddfcd56b3669adcba5ceeecc9c8558cae9d9c2c0848f74a6bbf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 62857
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 08:15:06 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AFAD 82 KB
27 KB 740ms
739ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70fb138ab09426e8a624ed9d4170a3cbdf0087c01bd683ca287d587582448696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 27349
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 08:15:06 GMT
cache-control: private

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
38ms Image
image/gif 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-115192652-2&cid=3661310.1635322505&jid=1824248233&_u=YEBAAUAAAAAAAC~&z=1498051970

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 08:15:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
472 B 54ms
31ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-115192652-2&cid=3661310.1635322505&jid=1824248233&_u=YEBAAUAAAAAAAC~&z=1498051970

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 08:15:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF80 89 KB
29 KB 616ms
616ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ee7a2b2c4b7313b4baf2afa4a8e1630f092477794114dae23716df65f43b959

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 30084
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 08:15:06 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3DF4 62 KB
18 KB 534ms
533ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=2108774078&adf=4050763930&pi=t.ma~as.4651459360&w=370&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505390&bpp=1&bdt=305&idt=273&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C750x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=995&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=CggsXOXkI7&p=https%3A//www.u-pull-it.com&dtd=276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77f9b4001d5826c90dee5b26f47522909d63e5beb26e691602d6ca6072a4b295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 18453
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 08:15:06 GMT
cache-control: private

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/ 143 KB
52 KB 27ms
27ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110200101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a92f4e0e6359374bf1da61525973ba062952489af08cc7cb2a32fe693f757d7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 52847
x-xss-protection: 0
server: cafe
etag: 14086096054196716776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 3DF4 18 KB
8 KB 31ms
7ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=2108774078&adf=4050763930&pi=t.ma~as.4651459360&w=370&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505390&bpp=1&bdt=305&idt=273&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C750x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=995&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=CggsXOXkI7&p=https%3A//www.u-pull-it.com&dtd=276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:13:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3DF4 8 KB
1 KB 40ms
16ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 07:27:07 GMT
server: ESF
date: Wed, 27 Oct 2021 08:15:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame 3DF4 14 KB
3 KB 42ms
6ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 23:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 21 Oct 2022 23:15:49 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/ Frame 3DF4 353 KB
122 KB 42ms
7ms Script
text/javascript 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

sffe /

Resource Hash

c39f8588079e72fbf6af0e9c8f25cfe8367a233950984638ff6f8f8c5416ac21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 125199
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 10:37:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Fri, 21 Oct 2022 09:19:07 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 3DF4 14 KB
6 KB 31ms
7ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:04:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
17ms Script
application/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 60ms
25ms Script
application/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.u-pull-it.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/ Frame 56DC 10 KB
5 KB 7ms
6ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 26 Oct 2021 15:13:15 GMT
expires: Tue, 09 Nov 2021 15:13:15 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 61311
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/ Frame 0575 10 KB
5 KB 7ms
6ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1437cdd25532919299784f840c613a46dbcf783903d558bcf5386defd7cceb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 26 Oct 2021 15:13:15 GMT
expires: Tue, 09 Nov 2021 15:13:15 GMT
content-type: text/html; charset=UTF-8
etag: 15765991816257340444
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4703
x-xss-protection: 0
age: 61311
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fc1a83b05116a3404e5ea11a6cf94b59.js Show response
www.gstatic.com/mysidia/ Frame FF80 7 KB
4 KB 30ms
8ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc1a83b05116a3404e5ea11a6cf94b59.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056220caa42baa199898a53a29b2ae6ac682c388dc2b9d6c5d6837dac2a9492c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 08:09:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3265
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Thu, 20 Jan 2022 08:09:26 GMT

GET
H2 200 b2db7898b7f1b584d1a212b8dce47919.js Show response
www.gstatic.com/mysidia/ Frame FF80 8 KB
3 KB 36ms
14ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2db7898b7f1b584d1a212b8dce47919.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ec480bd89e160fa31d6851ad01df733db86eaa51a1e90e25a5870823709a7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3408
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 02:08:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 09:38:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FF80 3 KB
580 B 29ms
15ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 07:22:08 GMT
server: ESF
date: Wed, 27 Oct 2021 08:15:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame FF80 2 KB
912 B 15ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:03:25 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 56DC 4 KB
635 B 27ms
15ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 07:46:46 GMT
server: ESF
date: Wed, 27 Oct 2021 08:15:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 56DC 205 B
493 B 33ms
15ms Image
image/png 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 14:47:20 GMT
x-content-type-options: nosniff
age: 235666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 24 Oct 2022 14:47:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 56DC 604 B
696 B 33ms
15ms Image
image/png 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 24 Oct 2021 16:08:40 GMT
x-content-type-options: nosniff
age: 230786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 24 Oct 2022 16:08:40 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/ Frame 56DC 18 KB
8 KB 49ms
25ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3108a595755e4b68a8c9af8465be4462d8d3479043a586bfd3bc18c97c06fe6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 07:00:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7873
x-xss-protection: 0
server: cafe
etag: 16040667361225943213
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 07:00:46 GMT

GET
H2 200 fc1a83b05116a3404e5ea11a6cf94b59.js Show response
www.gstatic.com/mysidia/ Frame 0575 7 KB
3 KB 24ms
9ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fc1a83b05116a3404e5ea11a6cf94b59.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

056220caa42baa199898a53a29b2ae6ac682c388dc2b9d6c5d6837dac2a9492c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 08:09:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 432340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3265
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Thu, 20 Jan 2022 08:09:26 GMT

GET
H2 200 b2db7898b7f1b584d1a212b8dce47919.js Show response
www.gstatic.com/mysidia/ Frame 0575 8 KB
3 KB 30ms
15ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b2db7898b7f1b584d1a212b8dce47919.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ec480bd89e160fa31d6851ad01df733db86eaa51a1e90e25a5870823709a7fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3408
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 02:08:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 09:38:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0575 3 KB
580 B 24ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 07:42:37 GMT
server: ESF
date: Wed, 27 Oct 2021 08:15:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0575 2 KB
912 B 48ms
28ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:03:25 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame 0575 18 KB
8 KB 42ms
22ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:13:22 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0575 3 KB
1 KB 34ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:12:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0575 120 KB
37 KB 53ms
28ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame 0575 14 KB
6 KB 36ms
17ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:04:31 GMT

GET
H2 200 9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response
www.gstatic.com/mysidia/ Frame 0575 27 KB
11 KB 22ms
9ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 09:36:35 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame FF80 18 KB
8 KB 37ms
21ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:13:22 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame FF80 3 KB
1 KB 15ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:12:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF80 120 KB
37 KB 58ms
36ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame FF80 14 KB
6 KB 35ms
18ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:04:31 GMT

GET
H3 200 9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response
www.gstatic.com/mysidia/ Frame FF80 27 KB
11 KB 22ms
7ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 09:36:35 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 3DF4 0
298 B 46ms
13ms Ping
image/gif 216.239.32.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kv98spjh&c=1298881080190&slotId=649440540095&qqid=CLPQrYiT6vMCFdaHgwcdIbcIEA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.3 Los Gatos, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 08:15:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3DF4 15 KB
16 KB 31ms
6ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 484729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:36:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3DF4 15 KB
15 KB 32ms
10ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 139649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 17:27:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DF4 0
20 B 41ms
40ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CCaijiQp5YfPnKdaPjuwPoe6igAGI6-71ZdzFnvrVDv_LvfzHARABILiK9VdglQLIAQWoAwHIA5sEqgTyAU_QG3bx3arF4aUQV9W_cgdQGH5iwoCDWKQ87d6vXqZH61NuW8K4mIusXm_3DJ8lDQWMH6pW6iLnn476iHY3XyoB8aZUHrQhFZYcBCAbe9RVVfGAAfwlybnmw5Ivhy7IOSYrxZ-S_rXDnJT4FUT7AUYriSSWdFcD58CiS2H-ixE5m5yvVIhoD8A5WF0LKTQuZc3ONTG7ZwZvNVC_TusJmv9P0O-xIA5VyyRZtJPxahJlGZLP0YhS7Q_XjMOB9EI73I5eSsr_UWuXOm_tULy1A9_7aBHR19OOjwREDM-GbIFcWj5gtIScvP-0BuWD5d1-fQLAwATfhMH37APgBAOQBgGgBnaAB4mR068CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYX4AKAcgLAeALAYAMAbAT6cf6DMgTkJvO3gPQEwDYEwqIFDDYFAHQFQGAFwE&eventType=clickstring&clientTime=1635322506322&ai=CCaijiQp5YfPnKdaPjuwPoe6igAGI6-71ZdzFnvrVDv_LvfzHARABILiK9VdglQLIAQWoAwHIA5sEqgTyAU_QG3bx3arF4aUQV9W_cgdQGH5iwoCDWKQ87d6vXqZH61NuW8K4mIusXm_3DJ8lDQWMH6pW6iLnn476iHY3XyoB8aZUHrQhFZYcBCAbe9RVVfGAAfwlybnmw5Ivhy7IOSYrxZ-S_rXDnJT4FUT7AUYriSSWdFcD58CiS2H-ixE5m5yvVIhoD8A5WF0LKTQuZc3ONTG7ZwZvNVC_TusJmv9P0O-xIA5VyyRZtJPxahJlGZLP0YhS7Q_XjMOB9EI73I5eSsr_UWuXOm_tULy1A9_7aBHR19OOjwREDM-GbIFcWj5gtIScvP-0BuWD5d1-fQLAwATfhMH37APgBAOQBgGgBnaAB4mR068CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYX4AKAcgLAeALAYAMAbAT6cf6DMgTkJvO3gPQEwDYEwqIFDDYFAHQFQGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 08:15:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3DF4 24 KB
14 KB 68ms
38ms XHR
text/xml 74.125.206.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A-bcaTsB8kXQuHNWFlhA0m-cJWKLKPX7qUXcuV1BzCp3S5z4d8OpzGkHXLJvBF44LMcYIihDm6Xwr-c_rM9IjQqCxaAw&cry=1&dbm_d=AKAmf-CWywsHox2fPyL0JMx62lrVvGx4CqJiOcOXkzdrmoJ-jPOF_URb90QTXMkB7oVdyYGumANwRXI6uV8jMGVghR-QVv6alCdQn8ygJL0qen-_uZsI8p2heqyM9S7KN-cGK5VsTIuBNt2I3SFnUJ-Gtdwbqis7lEibCoIMq7mZRwXlF_wpFWudCjLrC3OeoEZEhWKHQFQv-lwDcC9zWbDHt04ADtcdhYFcHafUObyBmc3pjhg-qaxrB_sEulsxA11CoFpY0bKVJFtT63-Fy4ewkO6a4hzHBp6dbFXUbtH8zCnzAQaZb5x6DRJvm4lu5fBcdUTJblCp0ib81I8hc0CzhvLLpK0wD17EzoJeOaGd-2qGrE8uj1KBlC2FlcoYF0fnjmnpHkPlTWp820XPzehffetKWb7Uhh7u51IhF2QmJdncB6C6TDbPsSKBzLw4JMEE0WegTel4BrKcrFA6Po1UDTYZCfQSSFET5fysexktCAXothaoyuncM1UEe0zgAid8lz4rXJOFzEosJOsppMIEA7HUiDxLsSQQJwLKU01Wgciz6QEe6MXUTb58_aDxaUNymNSgZvJPitJqL7dgWpLstyRksQ7RBGRmovc151pI2aKPBPFsARf3iwJBWV6v4euRslP63uAyEaRW6_9r0HjNaXccDJd0lwlcR0yTb-ycsdQKAx-vBkFWbPAZkt_pcUR8vMMslUXEs89lDfUNctxdSYgVdivlxmJ8Q4yGalFBVNf-w74THXStWqHVSqg5tqz9suN5Znpqxsv6XmPjHiMEefFQmIAsqY6xsWd2yB-Opz73ffWM_SPHyg-nmSJ5-qWk2s19Zkp1dtJO3is93qoLXlXEChzjrD2bnzxgY3S1_IKVjZWkwtJQ1IgBvxp0PKpHwBEdbTiMw0ctFj3T29ZRchDrpmY6nxBky-6_rYW2NLBvmKEE9kIu3ZX6bsyu8kESkS0ht135m8T9tEBFzijBvbDOhOC3EqEjYcHEQKGkDye0n-rynyYMMHLxwUpLSyRl0nNybo8kFl468_WT1l-bVkEwjLG3RQ26r5GAYPsuYFz5nUGUZgBQu7tM_E8YxOAq_09fYcSYku8EVvK-XCQgFzKyxoeVuVC63wIfLe6IbLUaFeIfXV5yhUYuZiDnK3jYlwqNSGC1YJJe182qBOgxj9MiPlWWFxAuvcKE9hQpPsJa0oIwvXhhQcr8E0iilqBqvNuvM2-x7XqkAGZQzIASJXpEJwwZqpQMBNATT-_JrocirY0tXngKWI_0K7M6Ynd5eYQiRY7otx9W6gqJBvVd012gXEcHMvUTBP4ClLU7dKMk1pBImdWdGjz9Z3ogZhnHih24R6ogjH6eH2I0l-VrgLeo19OD3v0wB6NE6mOlFKT5R9mFIzotvqRlDr_A_iLhf5n6N9_muxHgxCHaDknXhGzf18sq2Qg2qaOwvjI6Yl-si-AMIyoXjuIqywnGPmkgVAaVsHJ3kl9AoGUnxU4Svc7pORfTQftiMlJojJTYHgJKHWY7PfE_3mBtj6pdMWID8yHNVOaT1eyb1naeSSzelGdJ70e40VW-EkVGaSbL-S-vzm0pMFktQoAAkmkqQxhkNy49v2XL7KRq1g2Zly0gwiTaG4JSJNDMq7GvxMWRz6a_K0APj5zMj2bjuzMKBS45an0FeHq_NVfWcJ0UP8AVa9xHJ5BdfwGqxEESMxC3Qo-67XEnqJ_gpHj2ijClWrVPs-jQH8rDDz-lhgDw9XtPCLmwOa73XxHSmRjzx5JhjARo0Re3QPdWjv5se_2I2LCrylILzdw7KzQWsUfuZqENPseY8S6_0u1-PBcpvyDaJf9FGi_iRoqU0IYe_-oAX7MGffJl28rVVDixrGAd8nOYWp4IBGZBFrYhWb1nhxPgp3I2kdbOYc0bB6ZJyo6y1lfIkRD80H9b5GeL0y_4qT6vLu621kUI8DbrDWxNkkSVkwA8NvmdRlUpqFUW_o4zdr2aYLsYwyQ0qjtBhGrwK5jN_8x4X2Z0DwmjtQqTeQ958kqsTkNlCW0urEJV8rUjmbQy4nKuJ1Xb-VZcbGLkx111NuW0ufXHg6nmVPWs-l1NJ6L4oeBgWoivHPXlyZQ2ITHLFnQCOMEAvLsoxnFEMN_RKnqIyZ7xm16imfdTGCd3kg5mEocZVuHLIj7hqC557qXg7zns7tBafhz1dyEC8r467HM2yTQBzUxy2X57xqvMuqgD-tRWeZxDhDfDmPafDwJPhmcLj7JEQSKV_mNHwlah00mkM1MzRHEPfFLYyvO9zT6_gYITbjOwpvpHJ4rVQA6BMJJLxUjKIzBQy-JozyD9kkXT9laqtk9HelF-Wt80WWX1jthetPrQ0X43D8XJZcBd0cD7jB4wC4oQODZnL0X0LtuJILTqcSkKsSKoXKj3VoCMFL7kbym0atT6dywCBmANdbovM_fVhUA28JJd5SzK2llYBrI04Q7U5SrHbqdWKBS6oSyK0seNEqPAGmfGpEbQ8tRdmlxyCuNmreV6LL0y8Wnh2Ux993UkPk2PDvfuT5LX2M6ppBQQEofTFprDzJocM34ZG6NgKlczHGw9Pi96Ol5as97hnCPqC8iVC-V75fWif__cJSQgGk3WULcJb9S4qnPGfpiGK2NZv51j3sh8rtD7bVpHAYxFBVCSjtXyNRA_0DkDCHXx-Yz111DI-qp0fZJ8vdrBXPvUR3Wkazo9QNlAKp5eNX1IMqGKUTZMhPE0naVShDMzQYJZN2TCo2HXy35xQK7GJ2iv-UG2NH_s1yBmA65sx6a-xQTD_dlxxsd0I0O5_V-WQjLIDM7PEvuua007A5rtyyu2Hbo15dhAa7PM7f3oJ5uh-Ha2zHVWPzj-Um3MXqdINLj4xWCjXhLTD39Iu9j5xd-KrkqfLD0FbBKi4djDKymyx1I9GWrKtWbv-vDHOHs-s3P59EKytIMi_QJrWUpb0AKHYveQKPswo119j3bwkbSvDe5F7epHIwaUzEHZgO48YRWH4_gMwytA-3R_AuRCigecGh_fPBfb6HPVjWkY8UD3rngeQVBpCQxC3zGpZOVUrO_uWxeLKasEHfG_j9mtJQjSbnUp94N54VOIV9RBPZ4eDZeuonw8Xocus2DXINADUbs37b5_s0WAey_XnsdRBGJP7aeYBoIHWYnkftnFCE60i_sBsmVd-uKQ7jTOgm_WqMneCvAPu8PUMnoX--NxBYEhFENGwLxHSjpF32wFOeJ5YyGJbPNC6jr4eDe6xtMgmE1osGy8DWmzmzF2_WxHzWtEQY0FIHL5cGfKVf8pfahFHUj0l0JHWdq2cWX8krkSqZQ0uQlJtf7IltgJPy-XQN3LiwY6pu0bicOsQsU5ZA&cid=CAASBORofrE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f156.1e100.net

Software

cafe /

Resource Hash

21556e2080f8bab57647191cd754db09202be4a090b42e152fe2cc983549fe43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13271
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3DF4 0
0 44ms
44ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CsrJliQp5YfPnKdaPjuwPoe6igAGI6-71ZdzFnvrVDv_LvfzHARABILiK9VdglQLIAQWoAwGqBO8BT9AbdvHdqsXhpRBX1b9yB1AYfmLCgINYpDzt3q9epkfrU25bwriYi6xeb_cMnyUNBYwfqlbqIuefjvqIdjdfKgHxplQetCEVlhwEIBt71FVV8YAB_CXJuebDki-HLsg5JivFn5L-tcOclPgVRPsBRiuJJJZ0VwPnwKJLYf6LETmbnK9UiGgPwDlYXQspNC5lzc41MbtnBm81UL9O6wma_0_Q77EgDlXLJFm0k_FqEmUZks_R0FMnWdveH7dm9O9vkaD5glyhHDHKFBKgx0rbwOVimtv-y2027DOqHRJ4r0S12YjPe04o65geUWJOwoDABN-EwffsA-AEA4gF4dO58jeSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB4mR068CqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKENeLYRjTw5O4AdIICQiA4YAQEAEYX4AKAcgLAbAT6cf6DMgTkJvO3gPQEwDYEwqIFDDYFAHQFQGAFwGyFxwKGggAEhRwdWItMTk1NzcwNzcwNTYwMzAwNhgA&sigh=-9SZMCP20Tw&uach_m=[UACH]&cid=CAQSGwCNIrLMMwd6x26CCmBpjCvYxSKBMslDhKrFew&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=2108774078&adf=4050763930&pi=t.ma~as.4651459360&w=370&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=370x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505390&bpp=1&bdt=305&idt=273&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280%2C750x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=995&ady=1173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=CggsXOXkI7&p=https%3A//www.u-pull-it.com&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Oct 2021 08:15:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
DATA 200
OK truncated
/ Frame 3DF4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07a84d7bbbd12f11d037087779b1f36333a80d9ec30d3e7a457bb1e40fa05d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame AFAD 3 KB
580 B 16ms
15ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 07:46:43 GMT
server: ESF
date: Wed, 27 Oct 2021 08:15:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AFAD 2 KB
912 B 15ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:03:25 GMT

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame FF80 43 B
1 KB 63ms
20ms Fetch
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=14662612683&extCr=127832573472-546269510764&cb=1581090544

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Cologne, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mi, 27 Okt 2021 08:15:06 GMT
Server: Microsoft-IIS/8.5
Date: Wed, 27 Oct 2021 08:15:06 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FF80 0
0 50ms
50ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CntffiQp5YdC-KNji3wP3iq7ADdOp2ptlt-zSpsIO2tkeEAEguIr1V2CVAqAB4LnfvgHIAQGpAvZ11puxdbM-qAMByAPLBKoE1AFP0LLCn31w9KmzYBQwnho5GK5S_PnD6FCJpvhieJgu2PTI_zGGGwc0vhq_EMhChp_-w2PGaZj0gfud77tWmbwq2ssmCfEsWN-mBPQKnde9JLmarCN36k_M-6FDSNCgJkNFlazZ83Dfqv2tOsjEuEA-782U4KoY8WC4xVEkRK-uuqOUs59LTG_QWfUtbgd6baXk6525ScKWJUhuLnDsDEu_PxH6hi3FN-E2CQeYoGzw0PCiL3Tj-HH_Qnr2Q8lyQkFosOSzbdbP0C40Ka5TIHeDc-cwVsAEoIypm9wDgAeIxqDBAqgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDm2hjSCAkIgOGAEBABGF-ACgHICwHYEwOIFAHQFQGAFwGyFxwKGggAEhRwdWItMTk1NzcwNzcwNTYwMzAwNhgA&sigh=TJ2Ylb7FybI&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Oct 2021 08:15:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame AFAD 18 KB
8 KB 15ms
14ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:13:22 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AFAD 3 KB
1 KB 16ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:12:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AFAD 120 KB
37 KB 38ms
22ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame AFAD 14 KB
6 KB 15ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:04:31 GMT

GET
H3 200 9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response
www.gstatic.com/mysidia/ Frame AFAD 27 KB
11 KB 7ms
6ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 09:36:35 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17366183229394563236/ Frame AFAD 46 KB
46 KB 16ms
16ms Image
image/jpeg 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17366183229394563236/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84a28d0195d44bbf58a00850edd07a14f9dbc6c606e43c87e6544ac5e35702ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 22:47:45 GMT
x-content-type-options: nosniff
age: 34041
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47374
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 09:09:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Oct 2022 22:47:45 GMT

GET
DATA 200
OK truncated
/ Frame AFAD 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame CF25 3 KB
580 B 16ms
15ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 07:47:32 GMT
server: ESF
date: Wed, 27 Oct 2021 08:15:06 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CF25 2 KB
912 B 14ms
14ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:03:25 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/ Frame CF25 18 KB
8 KB 15ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64f935ff5fca279f250a216623f16404cabd9fb67ed5659f0ac089990652e159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:13:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7700
x-xss-protection: 0
server: cafe
etag: 14378044041589781240
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:13:22 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CF25 3 KB
1 KB 16ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
server: cafe
etag: 18061233391346882222
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:12:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF25 120 KB
37 KB 26ms
24ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Oct 2021 08:15:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/ Frame CF25 14 KB
6 KB 16ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211020/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2698e1ed89c87280fe92182e5297140eda834b052703156646719cd5e90fc29a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6286
x-xss-protection: 0
server: cafe
etag: 17196531676875957370
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Nov 2021 08:04:31 GMT

GET
H3 200 9a3fbb06dccc6bd708ce8a7c18eecc3a.js Show response
www.gstatic.com/mysidia/ Frame CF25 27 KB
11 KB 8ms
7ms Script
text/javascript 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a3fbb06dccc6bd708ce8a7c18eecc3a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfb5f646e583b7f7566b512d01ad4fe7a8bb81b83d8225cb31efe8375c1aa7ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 513511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11281
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 08:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 19 Jan 2022 09:36:35 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE05 143 B
163 B 7ms
7ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 27 Oct 2021 07:43:06 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AFAD 0
0 49ms
49ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE9G6iQp5YfnqI8T83wOjz5HQAYiT0YNloYerpM4O2uDS4LIBEAEguIr1V2CVAqAB2pH3oALIAQmpAvZ11puxdbM-qAMByAPLBKoEzQFP0FfPi9rW2S138V3YCTMymZ9Ee8RcbmVpMH9XjLyfYWzkdwmPXZnsNg7rBCgOsDgWx6EF1iHNqa_9zamDosxbvBRICFI9CaVad3ulJhkLCbi-58jvlf4rZ59yX0iprqCvIrM6-hrzhUisA6VHqlNuWPp464jXeRaWpfudCq5e6GVV92-uYnTxb1O4BbFheYrQ8pOow4zpllxa63Ocl3gYuJlQWeaHgjs6JLQgLAJdhYDf0tQcZ74hbWHejMoqedqO30swkbT7qEYh8HLtwATblPy91QOSBQQIBBgBkgUECAUYBKAGLoAHju6I3wGoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQuoAU0ggJCIDhgBAQARhfgAoByAsBuBOIJ9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xOTU3NzA3NzA1NjAzMDA2GAA&sigh=WNyNdH_PWF0&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Oct 2021 08:15:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FF80 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaf77c02c1fcb8d4139fd87632a8d4d33309793dcdca585b2a288afabf9d5312

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3DF4 41 KB
15 KB 15ms
15ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211013_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f10.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 09:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 514558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 21 Oct 2022 09:19:08 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9a389ce8446ad2d7/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666858506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 3DF4
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/9a389ce8446ad2d7/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666858506/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r4---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9a389ce8446ad2d7/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666858506/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

79ms
16ms

Fetch
video/mp4

74.125.104.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9a389ce8446ad2d7/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666858506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/15BDB231749DE3B743826297FE28B6D7B8A720E5.1B2CD292CEFC158437E1998405B44A6D99D2287A/key/cms1/cms_redirect/yes/mh/lq/mip/216.131.114.84/mm/42/mn/sn-2gb7sn7k/ms/onc/mt/1635321628/mv/m/mvi/4/pl/24/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

74.125.104.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 27 Oct 2021 08:15:06 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 10183541
Last-Modified: Wed, 20 Oct 2021 01:45:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 27 Oct 2021 08:15:06 GMT

Redirect headers

date: Wed, 27 Oct 2021 08:15:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9a389ce8446ad2d7/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666858506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/15BDB231749DE3B743826297FE28B6D7B8A720E5.1B2CD292CEFC158437E1998405B44A6D99D2287A/key/cms1/cms_redirect/yes/mh/lq/mip/216.131.114.84/mm/42/mn/sn-2gb7sn7k/ms/onc/mt/1635321628/mv/m/mvi/4/pl/24/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0575 0
0 46ms
45ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxW-ZiQp5YaimI5b33wPDm7hQ3rXy4mSb8rf95wzAjbcBEAEguIr1V2CVAqAB_7-s_wPIAQGoAwHIA8MEqgTLAU_QyUnEa3PV8VVy4wKowx6B3Oy93EylEWkNYxxrQ94x6Ao-CYDi5mEMg9sb8bnMwKo9rzA8APpCUgUXMPUeB0sTtBx-X5vIFG7mbbBpHD-r22BVuk2EZce6oAbkOuov6leHg5h37uHdmZGUcSSsFdkQtaLhKBpUncn_9ynuU-OaWW7rv0QcxsaSPC_zDp-NM45xuKnt7DOg8l1ZLBVoExPbE_rezz22GhE9rNwFqvAZhQMxfaY9NjQBJx2CgFUGtV0-GaDA-ng9gitpwASG9dybqQOSBQQIBBgBkgUECAUYBKAGZoAH6b9TqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPfhe9IICQiA4YAQEAEYX4AKAcgLAdgTC4gUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xOTU3NzA3NzA1NjAzMDA2GAA&sigh=v-evNOL9iBw&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 27 Oct 2021 08:15:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40DD 143 B
163 B 7ms
6ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 27 Oct 2021 07:43:06 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0575 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38509c6b8998ac5ddfd62ecd79ba68bc847b06f9b7a503f93b64db52bf185a3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AFAD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f016bd9d5819c74285d68af8086f1ae2879738614d1a0a737fbc501f14a65b8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame AFAD 21 KB
21 KB 21ms
7ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:45:31 GMT
x-content-type-options: nosniff
age: 466175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 22:45:31 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame AFAD 21 KB
21 KB 23ms
9ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 468238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 22:11:08 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame CF6D 23 KB
9 KB 15ms
14ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Thu, 21 Oct 2021 23:51:44 GMT
expires: Fri, 21 Oct 2022 23:51:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 462202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97E9 143 B
163 B 7ms
6ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 27 Oct 2021 07:43:06 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1920
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FF80 21 KB
21 KB 7ms
6ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:45:31 GMT
x-content-type-options: nosniff
age: 466175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 22:45:31 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame FF80 21 KB
21 KB 7ms
7ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 468238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 22:11:08 GMT

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame CE0B 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=3845584887&adf=3466629865&pi=t.ma~as.4651459360&w=1130&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=1130x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505351&bpp=3&bdt=266&idt=200&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=247&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=l6ZqGX5UQG&p=https%3A//www.u-pull-it.com&dtd=216

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 08:14:17 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EE05
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

69ms
68ms

Document
text/html

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 08:15:06 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame DCF4 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1957707705603006&output=html&h=280&slotname=4651459360&adk=1643172156&adf=697320281&pi=t.ma~as.4651459360&w=750&fwrn=4&fwrnh=100&lmt=1635322505&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.u-pull-it.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1635322505386&bpp=1&bdt=301&idt=256&shv=r20211020&mjsv=m202110200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1130x280&nras=1&correlator=5037794300929&frm=20&pv=1&ga_vid=3661310.1635322505&ga_sid=1635322506&ga_hid=1811602816&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=235&ady=1802&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062423&oid=2&pvsid=926797604323600&pem=807&ref=https%3A%2F%2Fwww.u-pull-it.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=1FXaSWcEOe&p=https%3A//www.u-pull-it.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 08:14:17 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40DD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

104ms
104ms

Document
text/html

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 08:15:06 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame EDDB 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f10.1e100.net

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 08:14:17 GMT

GET
H3 206 file.mp4
r4---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9a389ce8446ad2d7/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666858506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 3DF4 320 KB
0 31ms
14ms Media
video/mp4 74.125.104.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 27 Oct 2021 08:15:06 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-10183540/10183541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 10183541
expires: Wed, 27 Oct 2021 08:15:06 GMT
last-modified: Wed, 20 Oct 2021 01:45:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 97E9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

62ms
62ms

Document
text/html

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211020/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 27 Oct 2021 08:15:06 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 27 Oct 2021 08:15:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame C4E6 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 08:14:17 GMT

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame CF6D 35 KB
13 KB 6ms
6ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 08:14:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF6D 0
20 B 43ms
42ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BNPDQigp5YYq2F-KpmLAP5Z-fsAoAAAAAOAHgBAI&bg=!NTalNnLNAAbUs_yW1LM7ACkAdvg8Wu7YibJHi0xNtG7j-HMtVi7jdyu4o2i2M8p2j0sgmfJ_KlrdlAIAAABjUgAAAAtoAQcKACn6NEC-gH0fDqqoWLErCwgWN77alLPWSkXUno3Ukuea4Uy2eAEkECy38JkCrHqlMyZhRvRu2mv6iAjOLKJD1bYh-rVMWafHFevxKrJ1g-rB0LC75LHf6zMOhN9mxk8wRMRVNW6Jxo0_NWfkf01jqUXFh1blSxrdy8fmRVipaNvyJ061178O6IQXKiJ5IdVjUgqJevhiXwWHWCZ5LMFzuq5VCi-Cre7ZCUM_Gt3rhyiqxMGNTMfHynq3NDIQRt6iHbX44UjlGLg4Z1rTDAHY8hV-Q_EpZJgdD_cVc_PBcT-XEgLuqHiMG4vi8GYKm3mwGY1syQkTsjNn0KNR6uLE5EmjaWt4eO7-HlR7Ljxkdw9DTiYqkx5lVoyTnt_VKmUosvJsejgoKje82UNw7FIuBWvKSt-ZO9CIKj9leJlJT5jackjN5HyKM4KoxclFYMbitUaq5esjr1ihP578YRsvmmi-WZAi9O6VX777y3JRH4kHn4UHhOlnw16Wo1A5uJmSyQxpnrzsPBE5Sv-qLoiGPX5nEqoWyg0oKTA2cvuwkfc9w_X0FC9wxrWouv6S0wEBW7LkKzHodiGFERqWGFoGqbT_Odv7gZERsYnJN7Zi-76aNZ8J7Vqd_RFUBnz2WvZagrPTJqG3Zj3NzkaVsO2tZT-od79eY053eaz8KxoAVVwIYeV7ukGyF56SNikftAu_rfeAwti7CzOU_2mqyrQbHcBe6V4o7Gq1GqAu3FXEBsBDjzJb4D_yfp53ldtT3S5MmBxLHaEKsHEMWtQA6fQCpHYTz81s6_SGQEcerNOuW4LOT4b3AG20-S0uoIkcn355edY6D10x3sZSmQf4jf5qjlB_WGllSj5OsDMZHxDW1s0l04OrcQ4hdUMRFOEMISIxVqf_yf4QJjpJ4Yo6_1Y2dodhiCk2vE5TYAcnZnQ95ZZwkYXR34jaLdti1Kk9b6KY29ZiHteGCEviGw

Requested by

Host: www.u-pull-it.com
URL: https://www.u-pull-it.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 08:15:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 55ms
34ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211020&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s07-in-f10.1e100.net

Software

cafe /

Resource Hash

148b8b786f7171cd290a9ef60faae253d0165581f7d1173849d08c3b719478b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Oct 2021 08:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8672
x-xss-protection: 0

GET
H3 206 file.mp4
r4---sn-2gb7sn7k.c.2mdn.net/videoplayback/id/9a389ce8446ad2d7/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1666858506/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 3DF4 127 KB
0 20ms
19ms Media
video/mp4 74.125.104.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.104.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=327680-

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
x-content-type-options: nosniff
Content-Range: bytes 327680-10183540/10183541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 9855861
expires: Wed, 27 Oct 2021 08:15:07 GMT
last-modified: Wed, 20 Oct 2021 01:45:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 LKQ-Pick-Your-Part-U-Pull-It-Fort-Lauderdale-Inventory-385x221.jpg
www.u-pull-it.com/wp-content/uploads/2020/03/ 32 KB
32 KB 102ms
102ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/03/LKQ-Pick-Your-Part-U-Pull-It-Fort-Lauderdale-Inventory-385x221.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1803331ac1ae7310264f16b1f099e80fb7152e4cfc11fd3f77fdfa230e41dead

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:09 GMT
server: cloudflare
etag: "7f5f-615a2e01-305262;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BXs5JhXBK2UzVSMVYgDbdZvZwdcYDRv4QKpgHRpKg1DXEJe8olTO02te3omtdoVjgbk1FnowVsuPHTTkq5eW2vs%2BAKJnB02A1E1kDjfIoV14DiT4dGM8EGKCvKwcAtwitP7FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a325c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32607
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 LKQ-ATLANTIC-PICK-YOUR-PART-6000-Dyer-Blvd-Riviera-Beach-Florida-33407-1-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 2 KB
2 KB 101ms
101ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/10/LKQ-ATLANTIC-PICK-YOUR-PART-6000-Dyer-Blvd-Riviera-Beach-Florida-33407-1-55x55.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98fc59738581a7df8d5413d21dee9fedb220242d44ae93cf29e8bddd3c99fc66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "789-615a2dff-304837;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wANk6vwi7Q2VDWLjConVyMxhJOrkYcG9ht0b6oKY0L%2B%2FUIhC9AWy%2FH9C%2FmDkFeVhEOH8UOWNuB4LpUovQHkFmfuiIxMeelh7nhsjSQL6LLoWfWB%2FWOMpEMWn3gHyflroNfxurg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a345c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1929
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 LKQ-ABC-Pick-Your-Part-451-Benoist-Farms-Rd-West-Palm-Beach-Florida-33411-1-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 2 KB
3 KB 94ms
93ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/10/LKQ-ABC-Pick-Your-Part-451-Benoist-Farms-Rd-West-Palm-Beach-Florida-33411-1-55x55.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb0f48018f5d8a496e151fb7e24002bd01d51775e48f3f6553e857912f11fcb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "802-615a2dff-3048be;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1lZSYqZjZ4o5f%2BNL8F%2FDFb%2FVEaGf07zaSbxcSjqmaPVgtTYT0oUJ8jqBymqsCnB2gMwvjF8g8Bn%2BQZixsh3UH2nLTDjZ560tVrh93ct%2BH0wv2JwDuEkCd1szGqgefsNXVaDZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a365c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2050
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 LKQ-Pick-Your-Part-%E2%80%93-Denver-6100-North-Federal-Blvd.-Denver-Colorado-80221-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/04/ 2 KB
2 KB 57ms
57ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/04/LKQ-Pick-Your-Part-%E2%80%93-Denver-6100-North-Federal-Blvd.-Denver-Colorado-80221-55x55.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35fca37817b60e72f52e777a987cedc8cbf8afa78807f18bbcaba7fc032efc25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:08 GMT
server: cloudflare
etag: "79b-615a2e00-304c8f;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCctPm9mZJGCMwmfggJ2Rx1KZ%2F5OKCqhFDXKX2ZVj8mQZvc17MzWQEZqpDQB9nilXqqcZYBPyWe7PJIkuKmqaSvMfoTivq6HyN8ox3OZdpqA8Lds2TZPxmTjOGFsW2xa4yHyNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a385c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1947
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 LKQ-Pick-Your-Part-%E2%80%93-Aurora-11602-E-33rd-Ave.-Aurora-Colorado-80010-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/04/ 2 KB
2 KB 93ms
92ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/04/LKQ-Pick-Your-Part-%E2%80%93-Aurora-11602-E-33rd-Ave.-Aurora-Colorado-80010-55x55.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832719a2b492702de18ee3f1a05acf2cbe3741f8e7f00cfa8d4f0c78009c47fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "6fb-615a2dff-304b4c;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIQImMzbOmYv8fXEEAclUYLXzw%2BYMSJyKLlXVWT0SGvPoYLizrW3jy8pPqZNzL6R6jRCqOPjGtRTsXdOMs%2FvTs5XsJGwllyHglf9AWO%2B8hxbhOk%2B7wKI7FUHwIJQa0PeQiyesg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a3a5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1787
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 LKQ-Pick-Your-Part-%E2%80%93-Wilmington-1232-Blinn-Ave.-Wilmington-California-90744-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/04/ 2 KB
2 KB 102ms
101ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/04/LKQ-Pick-Your-Part-%E2%80%93-Wilmington-1232-Blinn-Ave.-Wilmington-California-90744-55x55.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff71ef72c3d5249b5cdf00ad11dfaf01920f6890e4a4e319601ce01b53c5c72b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:08 GMT
server: cloudflare
etag: "77a-615a2e00-304c09;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6d9QmbQ%2Bekzt1jff9xv4jeJlAEP3ILiR9A7UCUKfe49C05v8yenuS1UmGnk0ToNq9TuqpumZshKeWidIpiEKPCzv8XbIrnDzDqTkIXJHEELhg1xywjBGkV1ZgpH1OwNGvGc%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a3b5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1914
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 Best-Used-Auto-Parts-Junkyards-in-Houston-Texas-385x257.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 24 KB
25 KB 54ms
53ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/10/Best-Used-Auto-Parts-Junkyards-in-Houston-Texas-385x257.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d8a7ef498fd336004d7f2a4691a0606a66d736fdad20e243eb200b88d82ab3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "61ce-615a2dff-304909;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZceLg2VOnO%2FusW%2Bm%2FfFEbNrs4Iuqo%2BVPptc2MGxoH73xT8C8xijw14SnN4IGrDk4DgWgR7phMD14jkRkNOxi8VaW0mGbif5ycswFJAoEXGfUywpLjNdF4L7qNIl%2BpP%2Be6Edw%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a3e5c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25038
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 LKQ-PICK-YOUR-PART-UPULLIT-FORT-LAUDERDALE-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2020/10/ 2 KB
3 KB 100ms
99ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2020/10/LKQ-PICK-YOUR-PART-UPULLIT-FORT-LAUDERDALE-55x55.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 187d646d0fbfbe3eaaef6b16b8c4cfea7c06db887b953da5e4fbf811eb355ff9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:26:07 GMT
server: cloudflare
etag: "84e-615a2dff-304875;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1WoRgc%2BRYuPq%2BHbKBujHJqNoajHPMjbQYs0TkzCdJqNqLA6EocvGjw4i3cxx0ljwb1T6UuSTa028b%2FiCNS70nqcjsIBtrvMYwKuSpHuZkqsE3NFz76rWa4zkcNG%2FKg819UMvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a415c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2126
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 PULL-A-PART_INDIANAPOLIS-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2018/12/ 2 KB
3 KB 98ms
98ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/PULL-A-PART_INDIANAPOLIS-55x55.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f0b7b0e4fa443fd16c3c3a2d42cf4094177283c51c596305038990ec27282da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "866-615a2dec-302294;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuafLEPKRKYk7LH1LvLHL2ef7xvtruX76jkOpDkRHX0rWKZn2Lqhf5nN0%2BK%2FXE63aD872SfYuVavllV995%2BstnWYiFvyeDT21yaEafDCHFvfBfCTP9l8KHTf96h9tBqAncBImA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a425c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2150
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 u-pull-and-pay-houston-55x55.jpg
www.u-pull-it.com/wp-content/uploads/2018/12/ 2 KB
3 KB 108ms
107ms Image
image/jpeg 104.21.15.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.u-pull-it.com/wp-content/uploads/2018/12/u-pull-and-pay-houston-55x55.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.15.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d884759d3ded477757e1a0b4bbccaa4ebdf88f83e5dbf1f6aa260f3bbbb9cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 03 Oct 2021 22:25:48 GMT
server: cloudflare
etag: "88b-615a2dec-30227d;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9W18MU1ANzOhB1PUeQjGiEc9ZQqDo5O2FcpXTdV2Q3QUIpFEtBMIRAlYRdtRN1YVtviBcyT3coMgR8NoExq7is8oMZUbOKP4DfDwEjEOtnyWjIXwrdRmnx8skdxHaoSyQPmsQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=43200
accept-ranges: bytes
cf-ray: 6a4a79858a455c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2187
expires: Wed, 27 Oct 2021 20:15:07 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
27ms Script
text/javascript 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:15:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 27 Oct 2021 08:15:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C2FE 12 KB
5 KB 15ms
15ms Document
text/html 172.217.18.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 27 Oct 2021 08:14:17 GMT
expires: Thu, 27 Oct 2022 08:14:17 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 50
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1922 783 B
536 B 24ms
24ms Document
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

105cef526742f94411ca47bc91b0ae123ca16ed06363d89dcdebfdb377416bdf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1hYn0ZVVtxdiIbWUpx5GzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 27 Oct 2021 08:15:07 GMT
date: Wed, 27 Oct 2021 08:15:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1hYn0ZVVtxdiIbWUpx5GzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1922 0
0 42ms
42ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211020&jk=926797604323600&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js Show response
pagead2.googlesyndication.com/bg/ Frame C2FE 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/DIeR_ChadNgTBsCXk9stWB0bjB2ydD9ZwSTjhZMF6xA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8791fc285a74d81306c09793db2d581d1b8c1db2743f59c124e3859305eb10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 08:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13408
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 13:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 27 Oct 2022 08:14:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211020&jk=926797604323600&bg=!vr2lvfnNAAbUs_yW1LM7ACkAdvg8WoOj51WqIHMylvV2twJ1lFJ1LfE2nRCZdwiNLEwm4s9r9g-dbAIAAABhUgAAAApoAQcKAFlmwBmLe_MEe25xUFHxLMNEpL_lHXtaR46RRYyKr2upVn7iVhbcoUAVMhZY3BjbL2NIKnZ8UE2lhxDqCRU8nB3E_QdzHg695n66HEXEaTsKdwj7q4xFXTYtkJkCii3dMU0z0B2iMeTAJvy9H5OFPmX-RArbHZNKES1DUVJhSJlrrjkpwaFV2QGCEbUirx465Ris_YuFd8ivfyMpwKhcTixqeKbYDB0mmOuEiOvcq1mNJ9iGdsioC2OhI51x11-JjdUY-AwSYXD4iZaBbCI5_iCbI78tBqn204MzXcztIlbFb9BsrNQfSvGw_CGzqXFhirLIR6UfxxvT9yiO0SIHfT6BouSWOjddWskBWfNQ6O2utgxHkc1iHF8y87hnB47LeUEogcd9L3J2lBn2jUVcg2ZaRuMD0NKly0ELUaQB8mnDZBfKe2bK0zw7x3R0MASz9QdwUwdDDnngS3OmLsSkWboxSn_0lsfuHEWWF_FGntI5EYY_eAhSVTo80PkFAuluQ_0NYboq3YV4kDMGwYxSpgXoAvc1ShRpNkolmAkW4r0XCuUIBO6vE6jzxxpARn4zPvOvSlt2WshgHgJuFjKr3Sqe8Xf4Hd26jMhp0DCl8rBekIWWPI7IXmg39vQCw610492bj10wom7Zd-XhEm3qTWVdEMucRU475E9v89nZe4gAmxJzKGKBN9bCTUWIMeyzp_W-m79oqNiX85SIUMzZonxoV7m7EbkFyyDPEQmD5RzTSW-TBDn4Sb3hSfiWzyB7i4qyw5g2-8emmTvGwirJDLGMK5dV9jMYfNFdPZmUNHEoGarRx4NnFAMDxEPfIKhyxgF6AImbCOUOmRMPvLxDpGozXerlLePGAcfLEpJP8ErirxKe8Tj8rllkfDM_WGutkkAqaWJhS1poAl6TpgmedOt1iM5ouGS0XFMaCX3LWVkoDAL18GIWtXsFaAG8mzQ_0dIDVgieR0oYh213-GAAvbxUgcLxz_wv

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.u-pull-it.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 08:15:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AFAD 42 B
64 B 49ms
49ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv435vp4wF7N5uHDB9M3UZb4deuvqF7bEgaIUjwhj9JVa9vWEaLwrL85h6xOnxrNN-4Uowymy4vNIwwRzi4AwLDqeffNaxu5CQcjXLbVbIfE--8XAF4jw&sai=AMfl-YRb6r3Rn5jTXH8NLMR5CvesW8dxc-HsERo5_AQ4t0XEu6fPGdVdIzgh9TA3EK3mV9Az8vadv8XiWNLd&sig=Cg0ArKJSzK2Y7CVViPPOEAE&id=lidar2&mcvt=1000&p=0,0,280,1130&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3845584887&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635322505568&rpt=1035&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Oct 2021 08:15:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0575 42 B
64 B 49ms
49ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaejXQkhmwTKC3PQXgVOVGsVZ2QFK_GR8rj8BuaquFT9rSL7TJtQGd6GpM2JBNXJFQJJ4HRhPxwergsTFnkYrK0plV1UKi3FlCcapgW7WM-WFv8e2gag&sai=AMfl-YTBaHZ2-v_wzGVWYYxPuTsFm0mInAvHDgJobJIjb1Gmdv4ywBOdG1t2lkcB_MLoWAJxsC63CGvGAYz_&sig=Cg0ArKJSzNYjw1WRk1EiEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=88,759,1000,1005,1005&tos=88,671,241,5,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635322506254&rpt=385&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS