www.erweiteredeinwissen.de Open in urlscan Pro
89.107.184.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.erweiteredeinwissen.de/
Submission Tags: @phish_report
Submission: On October 08 via api (October 8th 2023, 12:08:00 pm UTC) from FI — Scanned from DE

Summary HTTP 153 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 23 domains to perform 153 HTTP transactions. The main IP is 89.107.184.138, located in Germany and belongs to TELEMAXX, DE. The main domain is www.erweiteredeinwissen.de.

This is the only time www.erweiteredeinwissen.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	89.107.184.138 89.107.184.138	12843 (TELEMAXX) (TELEMAXX)
43	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
8 10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 7	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
12	78.46.23.46 78.46.23.46	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
3	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	13.43.154.56 13.43.154.56	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
4	23.56.205.163 23.56.205.163	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.47 18.239.50.47	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	46.4.10.47 46.4.10.47	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.56.171.192 52.56.171.192	16509 (AMAZON-02) (AMAZON-02)
4	138.201.84.245 138.201.84.245	24940 (HETZNER-AS) (HETZNER-AS)
1	35.156.64.200 35.156.64.200	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
153	31

24 89.107.184.138 (Germany)

ASN12843 (TELEMAXX, DE)
PTR: xa0.serverdomain.org

www.erweiteredeinwissen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.27.193 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.215 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal900011.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.130 (France)

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.43.154.56 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-43-154-56.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.56.205.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-205-163.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-47.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.4.10.47 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.47.10.4.46.clients.your-server.de

hal90002.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.56.171.192 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-171-192.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de

hal900025.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.64.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-64-200.eu-central-1.compute.amazonaws.com

t23.intelliad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	459 KB
25	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 187732 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 286096	78 KB
24	erweiteredeinwissen.de www.erweiteredeinwissen.de	578 KB
23	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 41903 hal900011.redintelligence.net — Cisco Umbrella Rank: 386054 hal90002.redintelligence.net — Cisco Umbrella Rank: 364733 hal900025.redintelligence.net — Cisco Umbrella Rank: 345434	353 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	4 KB
6	gstatic.com fonts.gstatic.com	88 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 261	4 KB
4	awin1.com www.awin1.com — Cisco Umbrella Rank: 18074	3 KB
4	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 51750 medialead.de — Cisco Umbrella Rank: 51384	2 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 118 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 33897 api.webgains.io — Cisco Umbrella Rank: 91885	18 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	177 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1584	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 547	418 B
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 164332	6 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	154 KB
1	intelliad.de t23.intelliad.de — Cisco Umbrella Rank: 145417	557 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 354180	401 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 109006	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 59583	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 270642	931 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	610 B
153	23

	Domain	Requested by
32	pagead2.googlesyndication.com	www.erweiteredeinwissen.de pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
24	www.erweiteredeinwissen.de	www.erweiteredeinwissen.de
15	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900011.redintelligence.net hal90002.redintelligence.net hal900025.redintelligence.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	hal900025.redintelligence.net	hal9000.redintelligence.net hal900025.redintelligence.net
4	www.awin1.com	googleads.g.doubleclick.net hal900025.redintelligence.net
4	hal900011.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900011.redintelligence.net
3	hal90002.redintelligence.net	hal9000.redintelligence.net hal90002.redintelligence.net
3	fonts.googleapis.com	hal900011.redintelligence.net hal90002.redintelligence.net hal900025.redintelligence.net
3	pv.medialead.de	hal900011.redintelligence.net googleads.g.doubleclick.net hal90002.redintelligence.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	8019191.fls.doubleclick.net	1 redirects www.erweiteredeinwissen.de
2	cdn.retailads.net	1 redirects futalis.de
2	adservice.google.com	5994599.fls.doubleclick.net 8019191.fls.doubleclick.net
2	www.googletagmanager.com	adv.office-partner.de www.googletagmanager.com
2	5994599.fls.doubleclick.net	1 redirects www.erweiteredeinwissen.de
1	www.google.com	tpc.googlesyndication.com
1	t23.intelliad.de	googleads.g.doubleclick.net
1	futalis.de	hal90002.redintelligence.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	medialead.de	1 redirects
1	track.webgains.com	www.erweiteredeinwissen.de
1	adv.office-partner.de	hal900011.redintelligence.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
153	33

This site contains links to these domains. Also see Links.

Domain
www.kreisimkerverein-paderborn.de
de.wordpress.org
de.support.wordpress.com
support.google.com
www.facebook.com

Subject Issuer	Validity	Valid
www.erweiteredeinwissen.de R3	`2023-07-21` - `2023-10-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
pv.medialead.de R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
adv.office-partner.de R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.futalis.de R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.intelliad.de Thawte TLS RSA CA G1	`2023-07-31` - `2024-08-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 26 frames:

Primary Page: http://www.erweiteredeinwissen.de/
Frame ID: F3E4382EA64395247995EC90E962DFC8
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 1C0FC39945910C443327FACE8DAD0992
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286
Frame ID: 6F8AD0F08FB27786360E582848214175
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=3646330520&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875799&bpp=1&bdt=273&idt=294&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=2740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
Frame ID: D1895A207878FBA2917C1A9C3E2F1E69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=600&slotname=7773194621&adk=2192438534&adf=1977249870&pi=t.ma~as.7773194621&w=300&lmt=1696759676&format=300x600&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&wgl=1&dt=1696766875804&bpp=1&bdt=278&idt=329&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=11&uci=a!b&fsb=1&dtd=335
Frame ID: 153A7D7D84D87A5D8F03FE834F2727FE
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&adk=1812271804&adf=3025194257&lmt=1696759676&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1696766875820&bpp=2&bdt=294&idt=321&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280%2C300x600&nras=1&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=12&uci=a!c&fsb=1&dtd=339
Frame ID: E14E5CDC50BDA3789A06F5C19B967362
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUAPxGGgchiwvRATwUFA9f2IizDXvKOdTl7su8MQ6B5JLFqHh6tjRS_P9VvrMEo8gZVRCIf89xvh9HMc_i-ohsK6qatoMPTaYmQ9d5YtRFdKIQRRJ0ixU3U3ptXHmrZm5rfkbci6G9y8H_Xpcm43vB2yyRP-1paXCc7XiruYuqzGp9bUIo
Frame ID: 71FF7311B748D56084ADF9998CD9D077
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7C4C86733390FE90BA2C17FEBC3AF0EA
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ADA29B801F0C19BA8CF00768A99A0902
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=43688000054454904444994012471011&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: A7229FDF731A572020238FF61D4E7069
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: D784E9808CEDFEEC8FC237C2B5B48B07
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936
Frame ID: D24CDD2E3B582419C8A23559534559AB
Requests: 2 HTTP requests in this frame

Frame: https://hal900011.redintelligence.net/request_content.php?s=43688000054454904444994012471011&a=785046b9
Frame ID: 1BECB51E34513091CA9369C5A2FDC02E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUHH2eLnE1AEUZfblfT5CqsgXkl4iLUKpaT6JxYR47k-KvYvJMHKiBk_05TrOuApzdXzrMY5N7wiOijknj9JFPur9gUOw3-MBsuZF3FVzbSvqc-WT-to_CBQZBBzOW6UcbzFgw_1Aa_oMGKfp9ss3Z4KBz1FzsGC4KdpJPQN8IQlqgEs5w
Frame ID: 2E8403F54DC24BB1ABFB7B095A012477
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7A2C7B3AA068BD71D48B7B1D25EBDB2A
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C5290FD819FD75E41A162D77464B51B5
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3171492383
Frame ID: 70215537B76CF9392F05D6EA8885F53B
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=59647800060621104444994012471002&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: D63499B36745EBE65FA8EBB7B655E005
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001
Frame ID: D3E3BAEC72712C30602D7EC5BF19A4CE
Requests: 2 HTTP requests in this frame

Frame: https://hal90002.redintelligence.net/request_content.php?s=59647800060621104444994012471002&a=b1acaf14
Frame ID: E178460B8835EC16E0DEA1185EA0B3A4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUEtxxLMr6yhioajkN0l6gjlOICAqjDTLTaS3bMNtUeRjqN-7EzO_ZSkrNLf-J-wN0qULvGXLIuKuF_FEfq_Iqo0kXQUay5m66xHKeL1Le9d3MFjak21Dxx5BtMzlwZCP_jCTV_y0ZBTskKsZ4zF3Gjx_pzAn191E5x9Z0ooW9HfMjz5_s
Frame ID: 9EE6ED2650C7ECDE6F982764D7C2011B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9B5CACC42A9E04EDEB704A79366C12DC
Requests: 3 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2329635&v=16160&q=356171&r=296283&pref1=88085700049203304444978012471025&pv=1
Frame ID: 88617C8A0B662FD5B67BA092203A948A
Requests: 1 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
Frame ID: ED53E91F2D87081FA83C4FCB87925D92
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CDC47CAEFF49744F5D5B7153F5FA4790
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 46A34AD82F940583559F3EB25C12AF48
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Erweitere dein Wissen - Alles das, was du wirklich wissen solltest!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

153
Requests

77 %
HTTPS

35 %
IPv6

23
Domains

33
Subdomains

31
IPs

6
Countries

1924 kB
Transfer

3998 kB
Size

20
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.kreisimkerverein-paderborn.de/
Title: Imker im Kreis Paderborn

Search URL Search Domain Scan URL

URL: https://de.wordpress.org/
Title: Stolz präsentiert von WordPress

Search URL Search Domain Scan URL

URL: https://de.support.wordpress.com/cookies/
Title: Zur offiziellen Webseite

Search URL Search Domain Scan URL

URL: https://support.google.com/analytics/answer/6004245
Title: Zur offiziellen Webseite

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policies/cookies/
Title: Zur offiziellen Webseite

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1

Request Chain 44

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSKbnN5bJ398c1qYfo1iuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFcQlSGKQ31LSL8lkLDJJvk&google_cver=1

Request Chain 46

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5MTkwOTgwNjQ4ODUxMzM4MQ%3D%3D

Request Chain 54

https://hal900011.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7a_pnJsiZbbqB9n1twfynYjAAqblvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QyvJctYKasyI27EVGOMs4AR4B3FkfIN36L1ZdaWewWgyb2wvWbdrDhQ64LFvDRFYUKbxfvoyD5OVC74a3JUSF5QQ4x3uWNwqPwa2-Wqm9B6i3Vc3axwCwPCPDbUs5WfLJrNVEaWhWANSA6GDIO9ga7JrI6txnWukr1KnATAT5vSc9avvkMgCoSufWaBv1RJtvbvmdRt2ru2iQfJrIn-O97yRk_s8kbNS0dhxsHuIn8ZK0ASj-eHK_2JMdiA_R57gM2KA6t7QBSgNPvkHJqsqJGAlK4fFzCd44n0-dCMC_mfgM52F4PDdL6NaNs3YhVqgZXUcMnjGJ6KxVBo2vKfbm2AgU3Tu9TYf5VXSwZFpWqZ08_gjqrFwAzdmYIcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMItqisl7XmgQMV2frtCh3yDgIoEAEYASAAEgIMA_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB%26sig%3DAOD64_3wve7TcaYZK1ZzXv2kE9uZqfL0Og%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-DnniNsTE1DEOUkkSzSzqENDGzLOE8gDPEOXQCLZ8BhShHtwV3tSSeeY-XP_9Qkc4_v3Cd5ynWLRNd_xdwWObls0yHWoE1SOPnee3qlVe4Y5r7zwUNM8LBcl_x2a6GU6n-OxoJcKxUWjv3n2hbUH4x6w97cHirC79EDadtWHbqnjSV9OTw%26cry%3D1%26dbm_d%3DAKAmf-Bkn6Gmhhwy8gIp7K_clBmIx0rmiiYkiClHDIMeADi0FYlO3GCEo6Vswa44czccqWK8v_cBE9qg-azYH0PXAU7Q7m404NcDCf03PYFQ7-jDBWgOUsKwRslD7unY8OZclbLlqWnISHCcWBrDuhciLjSO4hQMRHwtPZXvfo7RJtp1PDRM8tUpwGsOkKUTNhABqI6rgnGixiYrZa2hp3gq5bS6zg1LHU0wUbVyuI_kUczPf5Pw6H5pysiumugkykR-AOLCKyv-JZa5_cQ_PmmH_JwYTTQ4moD-Jf09p53ch-lLnqkSAeZXrFfz6eeuIwdn2fQqWZofl65edNSi2yofVRv_smP0GPuviaY51OmDGSGiknCN5b5aVOuypky0wt8TQtQV5WRH-Lbu5jZTHdML-RKgV7p5zDpA2e0wI0HqT_2vo23hyeab6rpEYT3OqBySi9ILhgNlhW9m_kzNb7nayS9Yr6j3kKwvzjLRnWR-9FX2EclNMOnW1r_PxUsk4MhdEAdwaQmZ2DeaYVNV-H1AIxwMPABnRUgqr2kFy_Zwr5acL1uoG5o%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D3646330520%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875799%26bpp%3D1%26bdt%3D273%26idt%3D294%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D625x280%26correlator%3D2812134470218%26frm%3D20%26pv%3D1%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D2740%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D298&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=4979209747955&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900011.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7a_pnJsiZbbqB9n1twfynYjAAqblvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QyvJctYKasyI27EVGOMs4AR4B3FkfIN36L1ZdaWewWgyb2wvWbdrDhQ64LFvDRFYUKbxfvoyD5OVC74a3JUSF5QQ4x3uWNwqPwa2-Wqm9B6i3Vc3axwCwPCPDbUs5WfLJrNVEaWhWANSA6GDIO9ga7JrI6txnWukr1KnATAT5vSc9avvkMgCoSufWaBv1RJtvbvmdRt2ru2iQfJrIn-O97yRk_s8kbNS0dhxsHuIn8ZK0ASj-eHK_2JMdiA_R57gM2KA6t7QBSgNPvkHJqsqJGAlK4fFzCd44n0-dCMC_mfgM52F4PDdL6NaNs3YhVqgZXUcMnjGJ6KxVBo2vKfbm2AgU3Tu9TYf5VXSwZFpWqZ08_gjqrFwAzdmYIcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMItqisl7XmgQMV2frtCh3yDgIoEAEYASAAEgIMA_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB%26sig%3DAOD64_3wve7TcaYZK1ZzXv2kE9uZqfL0Og%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-DnniNsTE1DEOUkkSzSzqENDGzLOE8gDPEOXQCLZ8BhShHtwV3tSSeeY-XP_9Qkc4_v3Cd5ynWLRNd_xdwWObls0yHWoE1SOPnee3qlVe4Y5r7zwUNM8LBcl_x2a6GU6n-OxoJcKxUWjv3n2hbUH4x6w97cHirC79EDadtWHbqnjSV9OTw%26cry%3D1%26dbm_d%3DAKAmf-Bkn6Gmhhwy8gIp7K_clBmIx0rmiiYkiClHDIMeADi0FYlO3GCEo6Vswa44czccqWK8v_cBE9qg-azYH0PXAU7Q7m404NcDCf03PYFQ7-jDBWgOUsKwRslD7unY8OZclbLlqWnISHCcWBrDuhciLjSO4hQMRHwtPZXvfo7RJtp1PDRM8tUpwGsOkKUTNhABqI6rgnGixiYrZa2hp3gq5bS6zg1LHU0wUbVyuI_kUczPf5Pw6H5pysiumugkykR-AOLCKyv-JZa5_cQ_PmmH_JwYTTQ4moD-Jf09p53ch-lLnqkSAeZXrFfz6eeuIwdn2fQqWZofl65edNSi2yofVRv_smP0GPuviaY51OmDGSGiknCN5b5aVOuypky0wt8TQtQV5WRH-Lbu5jZTHdML-RKgV7p5zDpA2e0wI0HqT_2vo23hyeab6rpEYT3OqBySi9ILhgNlhW9m_kzNb7nayS9Yr6j3kKwvzjLRnWR-9FX2EclNMOnW1r_PxUsk4MhdEAdwaQmZ2DeaYVNV-H1AIxwMPABnRUgqr2kFy_Zwr5acL1uoG5o%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D3646330520%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875799%26bpp%3D1%26bdt%3D273%26idt%3D294%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D625x280%26correlator%3D2812134470218%26frm%3D20%26pv%3D1%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D2740%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D298&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=4979209747955&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 59

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936

Request Chain 61

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43688000054454904444994012471011&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43688000054454904444994012471011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1

Request Chain 80

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSKbnN5bJ398c1qYfo1iuQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1

Request Chain 81

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFcQlSGKQ31LSL8lkLDJJvk&google_cver=1

Request Chain 82

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5MTkwOTgwNjQ4ODUxMzM4MQ%3D%3D

Request Chain 96

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=59647800060621104444994012471002&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3171492383

Request Chain 98

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIitsd2ukkDoM79iGZRQ1u0&google_cver=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEP1pN1gSH79aA3fuZclnne4&google_cver=1

153 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.erweiteredeinwissen.de/ 77 KB
23 KB 245ms
183ms Document
text/html 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx / PHP/8.0.29
Resource Hash: df751bea5f361bbb78b39cce1838a561bdbe9544606bfa091e7ee9788e04a65f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 23477
Content-Type: text/html; charset=UTF-8
Date: Sun, 08 Oct 2023 12:07:55 GMT
Link: <https://www.erweiteredeinwissen.de/wp-json/>; rel="https://api.w.org/"
Referrer-Policy
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PHP/8.0.29

GET
H/1.1 200
OK selection-sharer.css
www.erweiteredeinwissen.de/wp-content/plugins/selection-sharer/css/ 7 KB
3 KB 23ms
14ms Stylesheet
text/css 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/plugins/selection-sharer/css/selection-sharer.css?ver=0.1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: bdf601f8148de797c84344e7c3b5bab384c195b7c7ac227c27cb0e05e491edc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Fri, 09 Sep 2016 19:47:43 GMT
Server: nginx
ETag: "1a62-53c186b70f5c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2646

GET
H/1.1 200
OK style.min.css
www.erweiteredeinwissen.de/wp-includes/css/dist/block-library/ 102 KB
14 KB 29ms
20ms Stylesheet
text/css 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Wed, 09 Aug 2023 07:33:05 GMT
Server: nginx
ETag: "19824-602787d828d1c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13841

GET
H/1.1 200
OK dashicons.min.css
www.erweiteredeinwissen.de/wp-includes/css/ 58 KB
35 KB 35ms
25ms Stylesheet
text/css 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-includes/css/dashicons.min.css?ver=6.3.1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Thu, 15 Apr 2021 11:59:02 GMT
Server: nginx
ETag: "e688-5c00196ea2c38-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35730

GET
H/1.1 200
OK plugin.css
www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/css/ 38 KB
4 KB 46ms
35ms Stylesheet
text/css 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/css/plugin.css?ver=6.3.1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 33d25acdc309b65d9e9765c857336bd5778c4863ae22eb45b0fa7296bbead21b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Tue, 11 Oct 2022 19:32:46 GMT
Server: nginx
ETag: "983f-5eac75739febf-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4188

GET
H/1.1 200
OK font-open-sans.css
www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/ 12 KB
1 KB 47ms
36ms Stylesheet
text/css 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/font-open-sans.css?ver=20230328
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 5413b9abd9873717a33c3e8e2e62e451aa24fa3169ec2abd6b65b9ba1d6400cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Sun, 14 May 2023 17:15:42 GMT
Server: nginx
ETag: "31ac-5fbaa7ceb7726-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 930

GET
H/1.1 200
OK style.css
www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/ 37 KB
8 KB 52ms
41ms Stylesheet
text/css 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/style.css?ver=20230328
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 204cbf4250c91f3763248a0bfedc11ba38f22ce2522734e16c55dde9be2b866a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Sun, 14 May 2023 17:15:42 GMT
Server: nginx
ETag: "93d8-5fbaa7ceba606-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8253

GET
H/1.1 200
OK blocks.css
www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/css/ 10 KB
2 KB 53ms
31ms Stylesheet
text/css 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/css/blocks.css?ver=20230213
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: f8c3a6e7ebd68b4425f7a3978b12d453b0dbf95d7232469f47a63969d42e99f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Sun, 14 May 2023 17:15:42 GMT
Server: nginx
ETag: "2962-5fbaa7ceb7726-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1872

GET
H/1.1 200
OK jquery.min.js Show response
www.erweiteredeinwissen.de/wp-includes/js/jquery/ 85 KB
30 KB 64ms
27ms Script
application/x-javascript 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Wed, 09 Aug 2023 07:33:05 GMT
Server: nginx
ETag: "155ba-602787d85c93c-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30343

GET
H/1.1 200
OK jquery-migrate.min.js Show response
www.erweiteredeinwissen.de/wp-includes/js/jquery/ 13 KB
5 KB 135ms
87ms Script
application/x-javascript 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Wed, 09 Aug 2023 07:33:05 GMT
Server: nginx
ETag: "3509-602787d85c93c-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4872

GET
H/1.1 200
OK tarteaucitron.min.js Show response
www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/ 92 KB
15 KB 134ms
86ms Script
application/x-javascript 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/tarteaucitron.min.js?ver=6.3.1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 75a67cef5c9d66090b657e56c2fad7cb73592ba027517662dbd57bd49e2cf33b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Tue, 11 Oct 2022 19:32:46 GMT
Server: nginx
ETag: "16e3e-5eac7573a1dff-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15075

GET
H/1.1 404
Not Found 250x960_header.jpg
www.erweiteredeinwissen.de/wp-content/uploads/2015/04/ 2 KB
2 KB 229ms
228ms Image
text/html 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.erweiteredeinwissen.de/wp-content/uploads/2015/04/250x960_header.jpg
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx / PHP/8.0.29
Resource Hash: d3efbf11b592bc6d9b147fc08997b0d7eec4c5814bb6ea75ab90cb41b200c208

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Server: nginx
X-Powered-By: PHP/8.0.29
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Link: <https://www.erweiteredeinwissen.de/wp-json/>; rel="https://api.w.org/"
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 broetchen_by_kai-Stachowiak_pixelio.de_.jpg
www.erweiteredeinwissen.de/wp-content/uploads/2015/05/ 122 KB
123 KB 101ms
52ms Image
image/jpeg 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.erweiteredeinwissen.de/wp-content/uploads/2015/05/broetchen_by_kai-Stachowiak_pixelio.de_.jpg
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: fb7951d13336ff6007ed34dba0b4e63ed5578859a4cff06914c2fdd140253ebd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:55 GMT
referrer-policy
last-modified: Mon, 25 May 2015 14:08:58 GMT
server: nginx
etag: "1e99d-516e88d09b280"
content-type: image/jpeg
accept-ranges: bytes
content-length: 125341

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
54 KB 67ms
60ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62dac85168cb5b86259e99da94d9e849f560875cbd8b6d1e92384d6054773873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 54773
X-XSS-Protection: 0
Server: cafe
ETag: 6785210705899859144
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600, stale-while-revalidate=10800
Timing-Allow-Origin: *
Expires: Sun, 08 Oct 2023 12:07:55 GMT

GET
H2 200 brotmix_by_angieconscious_pixelio.de_-e1432563100223.jpg
www.erweiteredeinwissen.de/wp-content/uploads/2015/05/ 94 KB
94 KB 16ms
15ms Image
image/jpeg 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.erweiteredeinwissen.de/wp-content/uploads/2015/05/brotmix_by_angieconscious_pixelio.de_-e1432563100223.jpg
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: d3d7dee54876baaaec926d3b42b27a2f7d60d4ca11e30116a9ac684704c6f14f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:55 GMT
referrer-policy
last-modified: Mon, 25 May 2015 14:11:40 GMT
server: nginx
etag: "176b4-516e896b19f00"
content-type: image/jpeg
accept-ranges: bytes
content-length: 95924

GET
H2 200 bienenhilfe_warbe.jpg
www.erweiteredeinwissen.de/wp-content/uploads/2015/05/ 148 KB
148 KB 15ms
15ms Image
image/jpeg 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.erweiteredeinwissen.de/wp-content/uploads/2015/05/bienenhilfe_warbe.jpg
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 99efce4c542b9e28fafd4f80eef335818be68c6053c2746ec3d8358a6e804d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:55 GMT
referrer-policy
last-modified: Thu, 21 May 2015 23:59:29 GMT
server: nginx
etag: "24e47-516a055865a40"
content-type: image/jpeg
accept-ranges: bytes
content-length: 151111

GET
H/1.1 200
OK navigation.js Show response
www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/js/ 2 KB
978 B 12ms
12ms Script
application/x-javascript 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/js/navigation.js?ver=20141205
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Sun, 14 May 2023 17:15:42 GMT
Server: nginx
ETag: "610-5fbaa7ceb9666-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 656

GET
H/1.1 200
OK selection-sharer.js Show response
www.erweiteredeinwissen.de/wp-content/plugins/selection-sharer/js/ 9 KB
3 KB 12ms
12ms Script
application/x-javascript 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/plugins/selection-sharer/js/selection-sharer.js?ver=0.1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 04ea9714d2e845a02edcf1e3fafb76025674c880b42fa902f48f76b2d21ef045

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Fri, 09 Sep 2016 19:47:43 GMT
Server: nginx
ETag: "2276-53c186b70f5c0-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2772

GET
BLOB 200
OK b830ebb4-d247-46c1-aee0-82f88448c270
http://www.erweiteredeinwissen.de/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://www.erweiteredeinwissen.de/b830ebb4-d247-46c1-aee0-82f88448c270
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK open-sans-latin-400-normal.woff2
www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/open-sans/ 16 KB
17 KB 19ms
19ms Font
application/octet-stream 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/open-sans/open-sans-latin-400-normal.woff2?ver=34
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/font-open-sans.css?ver=20230328
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Request headers

Referer: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/font-open-sans.css?ver=20230328
Origin: http://www.erweiteredeinwissen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Referrer-Policy
Last-Modified: Sun, 14 May 2023 17:15:42 GMT
Server: nginx
ETag: "4164-5fbaa7ceb86c6"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16740

GET
H/1.1 200
OK open-sans-latin-700-normal.woff2
www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/open-sans/ 16 KB
16 KB 16ms
15ms Font
application/octet-stream 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/open-sans/open-sans-latin-700-normal.woff2?ver=34
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/font-open-sans.css?ver=20230328
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72

Request headers

Referer: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/font-open-sans.css?ver=20230328
Origin: http://www.erweiteredeinwissen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Referrer-Policy
Last-Modified: Sun, 14 May 2023 17:15:42 GMT
Server: nginx
ETag: "3ff4-5fbaa7ceb86c6"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16372

GET
H/1.1 200
OK open-sans-latin-400-italic.woff2
www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/open-sans/ 17 KB
18 KB 16ms
16ms Font
application/octet-stream 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/open-sans/open-sans-latin-400-italic.woff2?ver=34
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/font-open-sans.css?ver=20230328
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31

Request headers

Referer: http://www.erweiteredeinwissen.de/wp-content/themes/twentytwelve/fonts/font-open-sans.css?ver=20230328
Origin: http://www.erweiteredeinwissen.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Referrer-Policy
Last-Modified: Sun, 14 May 2023 17:15:42 GMT
Server: nginx
ETag: "459c-5fbaa7ceb86c6"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17820

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.erweiteredeinwissen.de/wp-includes/js/ 18 KB
5 KB 13ms
13ms Script
application/x-javascript 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Wed, 29 Mar 2023 19:34:52 GMT
Server: nginx
ETag: "4904-5f80f11eb4240-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5039

GET
H/1.1 200
OK tarteaucitron.css
www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/css/ 16 KB
3 KB 15ms
14ms Stylesheet
text/css 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/css/tarteaucitron.css
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/tarteaucitron.min.js?ver=6.3.1
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: e4c72ab605ac9da28fc1b921b62a0b19b6f67f3aa1725dccfffa3164e3342220

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Tue, 11 Oct 2022 19:32:46 GMT
Server: nginx
ETag: "40ab-5eac7573a0e5f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3260

GET
H/1.1 200
OK tarteaucitron.de.js Show response
www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/lang/ 3 KB
1 KB 13ms
13ms Script
application/x-javascript 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/lang/tarteaucitron.de.js?v=323
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/tarteaucitron.min.js?ver=6.3.1
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: 219e090bf9d7dc675781afdde55227697683a45391a8f8ea47e94127e7d146d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Tue, 11 Oct 2022 19:32:46 GMT
Server: nginx
ETag: "b9f-5eac7573a0e5f-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Content-Language: de
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1184

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f31df3545a3dbd5c6f919c99ecb73f9e1837f1d987917093a68a84f2ac3107a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2caa0ed2d3622d9969bf2ffada067adc6194aed5d87ed36ca352b313d5c54910

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 376 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 399f8348cc63a4853d4ff0536a5e7ec0f3c1e7fb6ab5d837db6ea4858b872f4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK tarteaucitron.services.min.js Show response
www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/ 24 KB
6 KB 12ms
12ms Script
application/x-javascript 89.107.184.138
TELEMAXX

General

Check archive.org

Show headers Download Go to

Full URL: http://www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/tarteaucitron.services.min.js?v=323
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/wp-content/plugins/dsgvo-all-in-one-for-wp/assets/js/tarteaucitron/tarteaucitron.min.js?ver=6.3.1
Protocol: HTTP/1.1
Server: 89.107.184.138 , Germany, ASN12843 (TELEMAXX, DE),
Reverse DNS: xa0.serverdomain.org
Software: nginx /
Resource Hash: cb292bb777ce1cfe4bb7f7408d99f7d51b349787b93fad205cad054441cbb4c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:55 GMT
Content-Encoding: gzip
Referrer-Policy
Last-Modified: Tue, 11 Oct 2022 19:32:46 GMT
Server: nginx
ETag: "5efc-5eac7573a1dff-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5420

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/ 391 KB
133 KB 113ms
79ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9373112202773231&plah=www.erweiteredeinwissen.de&bust=31078673

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71b6ed25cbee72506b12b1666a5975bd441a234521b1174bedf721744d48b00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135753
x-xss-protection: 0
server: cafe
etag: 12139110959250032945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:07:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 1C0F 10 KB
5 KB 32ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.erweiteredeinwissen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84087
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 12:46:28 GMT
etag: 2603938475786422795
expires: Sat, 21 Oct 2023 12:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 411 B
610 B 43ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.erweiteredeinwissen.de&callback=_gfp_s_&client=ca-pub-9373112202773231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9373112202773231&plah=www.erweiteredeinwissen.de&bust=31078673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1038fae229162658e6794da1b9c6af276167b75fd66e5a4fe09e416beb73f1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F8A 28 KB
11 KB 969ms
968ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13a64337e67f32b34a04330ed1b646e6d53ef6c7ababbf140f18a5e78713585a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.erweiteredeinwissen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11573
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:57 GMT
expires: Sun, 08 Oct 2023 12:07:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D189 29 KB
12 KB 548ms
548ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=3646330520&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875799&bpp=1&bdt=273&idt=294&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=2740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0c4c7d61e19c284d77fa6fc073e930d8ed2113e6065a43d8543226e41c12993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.erweiteredeinwissen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11631
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:56 GMT
expires: Sun, 08 Oct 2023 12:07:56 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 153A 24 KB
10 KB 1520ms
1519ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=600&slotname=7773194621&adk=2192438534&adf=1977249870&pi=t.ma~as.7773194621&w=300&lmt=1696759676&format=300x600&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&wgl=1&dt=1696766875804&bpp=1&bdt=278&idt=329&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=11&uci=a!b&fsb=1&dtd=335

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e502d0f6d247686918ddf77c79bc8d65599af36db83b6db035c973bd9bfd1275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.erweiteredeinwissen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10712
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:57 GMT
expires: Sun, 08 Oct 2023 12:07:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E14E 0
19 B 224ms
224ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&adk=1812271804&adf=3025194257&lmt=1696759676&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1696766875820&bpp=2&bdt=294&idt=321&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280%2C300x600&nras=1&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=12&uci=a!c&fsb=1&dtd=339

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.erweiteredeinwissen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:56 GMT
expires: Sun, 08 Oct 2023 12:07:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=tarteaucitronAlertBig&cls=tarteaucitronAlertBigTop&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 71FF 624 B
246 B 55ms
54ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUAPxGGgchiwvRATwUFA9f2IizDXvKOdTl7su8MQ6B5JLFqHh6tjRS_P9VvrMEo8gZVRCIf89xvh9HMc_i-ohsK6qatoMPTaYmQ9d5YtRFdKIQRRJ0ixU3U3ptXHmrZm5rfkbci6G9y8H_Xpcm43vB2yyRP-1paXCc7XiruYuqzGp9bUIo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=3646330520&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875799&bpp=1&bdt=273&idt=294&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=2740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=3646330520&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875799&bpp=1&bdt=273&idt=294&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=2740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:56 GMT
expires: Sun, 08 Oct 2023 12:07:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7C4C 89 KB
31 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:07:56 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7C4C 3 KB
2 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 578
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 11:58:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7C4C 20 KB
8 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81256
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C4C 187 KB
59 KB 60ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:07:56 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C4C 42 B
63 B 41ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AA9FpGYmVugohuNv94s0hnimcpcfCd44IXYUdeP6YiRp9N9CFO5Pnb6CxmHeJuVjXzvq8KWo5uYx1dDBdKEIXpA-kusTMCW9n3XaaX1r23RJxdfT4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C4C 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3480415348921846463&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 71FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1

43 B
342 B

28ms
28ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUAPxGGgchiwvRATwUFA9f2IizDXvKOdTl7su8MQ6B5JLFqHh6tjRS_P9VvrMEo8gZVRCIf89xvh9HMc_i-ohsK6qatoMPTaYmQ9d5YtRFdKIQRRJ0ixU3U3ptXHmrZm5rfkbci6G9y8H_Xpcm43vB2yyRP-1paXCc7XiruYuqzGp9bUIo
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OiCurbt7qgwGV1JamzAkxdfGy%2BinY%2FS0S8OWXA0nA%2FUrpnDaaRjsK%2FdUgxVn7jtbHRQkC9OaT9I4Vmo5%2BXf18LS9uZ%2B2ktexvKrDfG%2FVI2BBnoBLWmFTHEu6XOsHRJn7IQVEbLUj26u1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812e44340e8918e4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 71FF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSKbnN5bJ398c1qYfo1iuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1

43 B
767 B

56ms
56ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUAPxGGgchiwvRATwUFA9f2IizDXvKOdTl7su8MQ6B5JLFqHh6tjRS_P9VvrMEo8gZVRCIf89xvh9HMc_i-ohsK6qatoMPTaYmQ9d5YtRFdKIQRRJ0ixU3U3ptXHmrZm5rfkbci6G9y8H_Xpcm43vB2yyRP-1paXCc7XiruYuqzGp9bUIo
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdARHm3C2FvhyIofdtnrRKif0H8W09u4hkh8wyiNKsv0DJEIWTu57En6K3n%2F5TIg6u4yfcq5x%2FnXmSiKER3ZIUepUzOOGJ4TbroXYpc4FeoF4e9%2FqOUkNpUhOuiuPDLUeMRcDVw8r0txAw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812e4434494ebb47-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 71FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFcQlSGKQ31LSL8lkLDJJvk&google_cver=1

43 B
840 B

20ms
19ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFcQlSGKQ31LSL8lkLDJJvk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUAPxGGgchiwvRATwUFA9f2IizDXvKOdTl7su8MQ6B5JLFqHh6tjRS_P9VvrMEo8gZVRCIf89xvh9HMc_i-ohsK6qatoMPTaYmQ9d5YtRFdKIQRRJ0ixU3U3ptXHmrZm5rfkbci6G9y8H_Xpcm43vB2yyRP-1paXCc7XiruYuqzGp9bUIo

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
an-x-request-uuid: 760d2b0c-ed8a-4724-b1c4-63320008a1aa
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.202; 80.255.10.202; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFcQlSGKQ31LSL8lkLDJJvk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 71FF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5MTkwOTgwNjQ4ODUxMzM4MQ%3D%3D

170 B
243 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5MTkwOTgwNjQ4ODUxMzM4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
an-x-request-uuid: 9d0b1576-3a25-42fb-a691-458e13d67645
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5MTkwOTgwNjQ4ODUxMzM4MQ%3D%3D
x-proxy-origin: 80.255.10.202; 80.255.10.202; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C4C 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6350241604943&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C4C 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6350241604943&version=m202309260101&ct=77&x=1&cor=3480415348921846300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7C4C 16 KB
12 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axe4L5ID_DRVE9Ld5XzkTCjBHoP56FuaU8jU02P6M2eGkYbWqc3E9v29pFiZQVnRh20kAVJ7e3HoLXfna_oYgBVl_F4r7ZBuBLVRReJRgKEyuo5ucCxENi7ZrgtPxxxTmgZe1OVfjK_hQ-KKVPcJJ5J-dF6cu96fiJ4od2oHIWemgrrLk&cry=1&dbm_d=AKAmf-DxX5ggBoAu-8MaQaiO7d2CP227BQUS5P3t9jQyYdJ9Gz9GJtNkvCuz_-5ZDYN0aynXKTRUw0TnGDZqR4fBSwjUvJBuPgdt6ZewauFqFid5lC3J9mCBfBoBAN8VxNbjhK8E0jjBiziJ9BGG8SAELEQIpry_ck34XdrvCCqrSIDOpy2waI7iurLSqKWQPVl7jo_jTkBuiVEoYhAgM_BV3TY1DydPyitXIX5h_wod2VQ7sTliZxjbcJEDo-WhlmbsKP5-1aWqd__VeL7tcEzivcN7hyf6vzg1tN7DvwOHtuuKbLSCt1ZM_wSXus4U1o0o1wo3pSA5EOvJVVB1wDRCBjraG5OBZCqgp6sL1JqXURJl_Eagu1Y-Cf6swu7Eciv_kFAYXa0eY6jK4t52ae9KrWlJ50C09i-aBq4gepcSR3-M5ve6IKXReGnIEln-IrJAHVn5O5jcWvbfdqeaJiJNekdsi1yyNeHGZ-Zq8eVRzuHcChbIhBkBZiEf2Wyn_0nYPTt2nIHFXigZHWHkDSkGOEd1zWXSJhdTtwQlyWSL3u6GEojK4CFV4nl0zKS8F4iNOjN07DE78b7XGgm2SXcEC7zQQykOFXB-2YmgEQRQnOnuCfK1D5u96UqLM-E7ZkenozzJbqXB-mPKo-eKsNibzhNHqeOxBbbkyQsfPekx8zY-_ZnooKys6cRtm8REGp0jd_drcK8Q4Kk0Kie0lX5GyerkmcbjrPqe8fi0iLFIMSCh551wMZSg85SflXIId2T64kQhgpe37dO9NsbBvCr8AABYmFai3KqDpK-QTjj1qsSe6kYnuGf6sq70W_UCi-DCHuxuZf-Ds3pKAoyp7sAkv4DVirvvICIJG6ekVOag0eWqbsJsN7tfZlPpDIEKkT9MbG6z45823DY_UUCHfWhyqf9fDhUgDHp5sE_4tQmc5QSXGRTKcunLrPL2W_9KkBYuTyyZzno3PofMoWzcEmnVFe9p-i_D3Q05_kJM7fLnhYGCU1BHX7gN0on3b1FkNWU12BwBousbipeF_eNHxNrnq3BRB3jSyYIVu-D6mpxxy6A-defTbVq1c-T-Xs88hr78KuzUpTRRI5wHYGEuDHN15pylTuVf6IhDEPoqu_E2ahaBw9aGXI4tDAbXaA6xyc2S9on8tOrY4V5m6z2oC8cbxj4EWyOcGsrHrpvqTkVihE94j-9uVZXoKPu7eV36Ab_SxZPNkNtf65BYMqda5YAaZMUBRMIQCM7ngbeus2E3_YXnDaORDZamjR7LBngxjncg7h1fsMY5B4TwYkobxlG27a9t20Zn4Q7iqpp5wPY6U-1LFYQzwufNwE_iCdLLt9AGJQ2oMK1zi71K9IKdqhv9xnjHYhpKyDn9DpwIi-r_LvlqxU_G1-QK_ANdvHfbebzmLYrVGt_9YLR9tA7ZqTGT9QP3REnF3ScS9PWslvHCXJH-OwRTPQ4rkcLSpRiPIMYkv-0Wb71SgtHSzfcD0C81ICnETdfiYVjhnzUjaDzPnR5jsMjawuprsJ5YJutibsqJ78uFhQFjXWKUdak8WGvUKL9MUzTsfynFl92OMteeqDZJyTC0r8MIVFmGfPT-7QQdZVj0J0V2VuzvfUYpEfLdxNyg4hRM_70Zm3yPwgqNZXnnJVfkSX3nQb9F6yRGcLHq0K4le_XJkQmuhroCTWcZQgAcImgqsUx0SJ1j2MWraRqAOq0AT3_tBqIav2_V02N4DGf0y71wxbhdlx5R7njKGAN-QRaYkg2ltxy5k2cojCngKuYMS68cZkoDbUI1MLgOnUke4hmVAM5GMXy9FfPKGbGjhhkEX59r9hgVbfum0J5oUQPZg3kWaBRUENjuxF9gCyy2tdYYZGZcBoPKfYEqNBmlNr05Y9hf-CHIwKdnecZJ6YNFBDgS2t8oeDOI9ApBFeCr2cdlX0QmOy8mKu3q3bBGlKzLuIgQYzoiJoSEAn0O9efLNmk2HHpkFWj6x_Ad4kjlZavFIABznrmpP5IA4PezcGmSG8YjRR7rHt48XOk-vZYN4cSSN05FEGWg79z2t-K8PuoCE8tU41cat9NqgphEcbqvCWTw1XbWY3J_oUWt06KH1Sm0_J6rXxv7mK1h-ANqO_ZnlBLhr2wntqYvOlsg6CR2_QeJIjFq_stsTqkmCDxyY9N-xXJCZvXWyXX2LKCK9mTz7LDOZIMiWZ0BMMC1QtpQqpgRbU1iNLrQlRmyjYuQ0-bDUnzAgW8q8TYfNF5TMwYTorD35OG91xDkYPkKETIjNjlyD3RkMqYIST4_cpzybr0e1lE1LClPC6pKiPMBHmurIRrrscXXiE8Vc4RHK6Wyn7ZCg-f-zGECMD1dXsk40K7FRhwepFPzpHXRTFaOByF8IULB2CIQi9OsQlxHEccWScXwDjGe1HyDigv3wwMUQjW2Mj3N2hiMbk_gFfollWxcyl-R6Pt-Yw14pstfHbRAmZ0nEAy60mwQXdlELwuEInLF6VAqyPSEy6tWlYC3F4LnpWBnZQIicDxuWSnxspbrGxYuEUZYbgxzECsHAE7FywTCTwFFAIpnCfFcwibbCGSmiVlpLcVe6pwPamUIHol7suBX4rlf7ooLprAJXDLpCubWC4tPTYAmU7XK5RXaAT8umdko4Yf1BGNIMBYS2MIMxTk2g2I-_SZTeV4fMou8ny0aKF08gfa77y3T1uyC096l7NYOD9w5y4ox5dHTLOLqDPUblyxjxCmUpp60qxFZDWI8eA1_u7mNJXdP-LspuqsNWz0GnvHFbv-X3AKZu8GhxdJcaOMO4QDAIBz9riVcdxjxnr6BRCT79GMDVzaPAt7JWhSLIUZGYVU6TUMIXAWaJyMBKbqp0dunzx1-CeX6MQOTeRyyNYTf0-jv7TrJDePi0lCLcQFHuP2Y3qGscKrPLQSSioQxMZpEam2rz5mzaIZq7I1mTTBa2iMWpBWGgGZUe2gh-BbDP8VZSdY88ZWqn1P5eJGBeNMBmsV2QKW1H5NIIPyW8_oMkvROZ4hNIr7iCedG-7HBtU6jINoO8WRkVlNUaZtNsAVf6zrbXgfxql30pUUt8QIxRorlIVUhig-AvKJ3QISLm6yfai2vfAhUYgyozEJcMS2zXYw2sWoiVlbUT2-OWJk0S3awXVgHYunYRIeu9VL8bMi2AGPALCLUtZc7QmdreTLEgVwpn-kIbRj3h2S4nXGIEHqQmgPCQGgmc_zhAgo8NEmEl-S1zyQCqVkgktXAkZxaJGazBIXph-lijSLz6M8Hah4chVf_a9XEi0bCjnpqLdnCcD68TXbG3E1aS0kKGoF-ntQeSsYDMh4T1vuz03wt1GRA0Eq5_lgM4zWoxVklZmD8emj341Dbdn0I0AhdD-XTZ_w6kCPZpQkF804qcsnGJuThiMbvfA4ogPBcd1oKC0MvDnjUXXLF6y2uCW5dxYaHFjqXRngvAZHG_MBxo-OggOHEckLLJtYmxpEWwkKGfVJkioeSg4JXXLCyb_tH4XQCty01z4xOSXBeAYD21dnsXLBCHGz3ZeCEMXrDw2_eki9b0cZhfWt9PhjE3JEEkeK10busoSysMapjZy0TcIzInl77SWllRKPERAfoQae8mwQZguc2MKbzSvv5cdtwcYojJt7_eOb70sPxXLm4lqjUoBVtIpLN0m7v4zPap6Im4n-l5Lj1tvYn-YxSGq1ZohEv5YMNIZw5cRqCOSKEQm-6yaGxR9GnS9qj2yncacUt2l6xDMRnm0dZCyVS2mqLR0OWn6UWkgpvm7anyTeVfcMe_LdooCI9FqcM5ha6XX8QE4RQtPD0N7J61Af3-ij20ioV75fo_nQkwwBLjcmtwqjcw7lcACy36ZmVoLHyzBMdtfpQqUsNggiKugmcjlUN19CV00su4vbQmd8EdaU4Y-rWwqA3wuD_TeW64UxrwZzavgJj-KOIUeDGkrUYRsDtmd7I1OoFsF83UXk&cid=CAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ds=l&xdt=1&iif=1&cor=3480415348921846300&adk=2124396030&idt=104&cac=0&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9074cb893136e65b52d08c898fcf8f9005d65c0725d6c4045ec4cc1cf1b75f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=3646330520&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875799&bpp=1&bdt=273&idt=294&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=2740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12435
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C4C 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Axe4L5ID_DRVE9Ld5XzkTCjBHoP56FuaU8jU02P6M2eGkYbWqc3E9v29pFiZQVnRh20kAVJ7e3HoLXfna_oYgBVl_F4r7ZBuBLVRReJRgKEyuo5ucCxENi7ZrgtPxxxTmgZe1OVfjK_hQ-KKVPcJJ5J-dF6cu96fiJ4od2oHIWemgrrLk&cry=1&dbm_d=AKAmf-DxX5ggBoAu-8MaQaiO7d2CP227BQUS5P3t9jQyYdJ9Gz9GJtNkvCuz_-5ZDYN0aynXKTRUw0TnGDZqR4fBSwjUvJBuPgdt6ZewauFqFid5lC3J9mCBfBoBAN8VxNbjhK8E0jjBiziJ9BGG8SAELEQIpry_ck34XdrvCCqrSIDOpy2waI7iurLSqKWQPVl7jo_jTkBuiVEoYhAgM_BV3TY1DydPyitXIX5h_wod2VQ7sTliZxjbcJEDo-WhlmbsKP5-1aWqd__VeL7tcEzivcN7hyf6vzg1tN7DvwOHtuuKbLSCt1ZM_wSXus4U1o0o1wo3pSA5EOvJVVB1wDRCBjraG5OBZCqgp6sL1JqXURJl_Eagu1Y-Cf6swu7Eciv_kFAYXa0eY6jK4t52ae9KrWlJ50C09i-aBq4gepcSR3-M5ve6IKXReGnIEln-IrJAHVn5O5jcWvbfdqeaJiJNekdsi1yyNeHGZ-Zq8eVRzuHcChbIhBkBZiEf2Wyn_0nYPTt2nIHFXigZHWHkDSkGOEd1zWXSJhdTtwQlyWSL3u6GEojK4CFV4nl0zKS8F4iNOjN07DE78b7XGgm2SXcEC7zQQykOFXB-2YmgEQRQnOnuCfK1D5u96UqLM-E7ZkenozzJbqXB-mPKo-eKsNibzhNHqeOxBbbkyQsfPekx8zY-_ZnooKys6cRtm8REGp0jd_drcK8Q4Kk0Kie0lX5GyerkmcbjrPqe8fi0iLFIMSCh551wMZSg85SflXIId2T64kQhgpe37dO9NsbBvCr8AABYmFai3KqDpK-QTjj1qsSe6kYnuGf6sq70W_UCi-DCHuxuZf-Ds3pKAoyp7sAkv4DVirvvICIJG6ekVOag0eWqbsJsN7tfZlPpDIEKkT9MbG6z45823DY_UUCHfWhyqf9fDhUgDHp5sE_4tQmc5QSXGRTKcunLrPL2W_9KkBYuTyyZzno3PofMoWzcEmnVFe9p-i_D3Q05_kJM7fLnhYGCU1BHX7gN0on3b1FkNWU12BwBousbipeF_eNHxNrnq3BRB3jSyYIVu-D6mpxxy6A-defTbVq1c-T-Xs88hr78KuzUpTRRI5wHYGEuDHN15pylTuVf6IhDEPoqu_E2ahaBw9aGXI4tDAbXaA6xyc2S9on8tOrY4V5m6z2oC8cbxj4EWyOcGsrHrpvqTkVihE94j-9uVZXoKPu7eV36Ab_SxZPNkNtf65BYMqda5YAaZMUBRMIQCM7ngbeus2E3_YXnDaORDZamjR7LBngxjncg7h1fsMY5B4TwYkobxlG27a9t20Zn4Q7iqpp5wPY6U-1LFYQzwufNwE_iCdLLt9AGJQ2oMK1zi71K9IKdqhv9xnjHYhpKyDn9DpwIi-r_LvlqxU_G1-QK_ANdvHfbebzmLYrVGt_9YLR9tA7ZqTGT9QP3REnF3ScS9PWslvHCXJH-OwRTPQ4rkcLSpRiPIMYkv-0Wb71SgtHSzfcD0C81ICnETdfiYVjhnzUjaDzPnR5jsMjawuprsJ5YJutibsqJ78uFhQFjXWKUdak8WGvUKL9MUzTsfynFl92OMteeqDZJyTC0r8MIVFmGfPT-7QQdZVj0J0V2VuzvfUYpEfLdxNyg4hRM_70Zm3yPwgqNZXnnJVfkSX3nQb9F6yRGcLHq0K4le_XJkQmuhroCTWcZQgAcImgqsUx0SJ1j2MWraRqAOq0AT3_tBqIav2_V02N4DGf0y71wxbhdlx5R7njKGAN-QRaYkg2ltxy5k2cojCngKuYMS68cZkoDbUI1MLgOnUke4hmVAM5GMXy9FfPKGbGjhhkEX59r9hgVbfum0J5oUQPZg3kWaBRUENjuxF9gCyy2tdYYZGZcBoPKfYEqNBmlNr05Y9hf-CHIwKdnecZJ6YNFBDgS2t8oeDOI9ApBFeCr2cdlX0QmOy8mKu3q3bBGlKzLuIgQYzoiJoSEAn0O9efLNmk2HHpkFWj6x_Ad4kjlZavFIABznrmpP5IA4PezcGmSG8YjRR7rHt48XOk-vZYN4cSSN05FEGWg79z2t-K8PuoCE8tU41cat9NqgphEcbqvCWTw1XbWY3J_oUWt06KH1Sm0_J6rXxv7mK1h-ANqO_ZnlBLhr2wntqYvOlsg6CR2_QeJIjFq_stsTqkmCDxyY9N-xXJCZvXWyXX2LKCK9mTz7LDOZIMiWZ0BMMC1QtpQqpgRbU1iNLrQlRmyjYuQ0-bDUnzAgW8q8TYfNF5TMwYTorD35OG91xDkYPkKETIjNjlyD3RkMqYIST4_cpzybr0e1lE1LClPC6pKiPMBHmurIRrrscXXiE8Vc4RHK6Wyn7ZCg-f-zGECMD1dXsk40K7FRhwepFPzpHXRTFaOByF8IULB2CIQi9OsQlxHEccWScXwDjGe1HyDigv3wwMUQjW2Mj3N2hiMbk_gFfollWxcyl-R6Pt-Yw14pstfHbRAmZ0nEAy60mwQXdlELwuEInLF6VAqyPSEy6tWlYC3F4LnpWBnZQIicDxuWSnxspbrGxYuEUZYbgxzECsHAE7FywTCTwFFAIpnCfFcwibbCGSmiVlpLcVe6pwPamUIHol7suBX4rlf7ooLprAJXDLpCubWC4tPTYAmU7XK5RXaAT8umdko4Yf1BGNIMBYS2MIMxTk2g2I-_SZTeV4fMou8ny0aKF08gfa77y3T1uyC096l7NYOD9w5y4ox5dHTLOLqDPUblyxjxCmUpp60qxFZDWI8eA1_u7mNJXdP-LspuqsNWz0GnvHFbv-X3AKZu8GhxdJcaOMO4QDAIBz9riVcdxjxnr6BRCT79GMDVzaPAt7JWhSLIUZGYVU6TUMIXAWaJyMBKbqp0dunzx1-CeX6MQOTeRyyNYTf0-jv7TrJDePi0lCLcQFHuP2Y3qGscKrPLQSSioQxMZpEam2rz5mzaIZq7I1mTTBa2iMWpBWGgGZUe2gh-BbDP8VZSdY88ZWqn1P5eJGBeNMBmsV2QKW1H5NIIPyW8_oMkvROZ4hNIr7iCedG-7HBtU6jINoO8WRkVlNUaZtNsAVf6zrbXgfxql30pUUt8QIxRorlIVUhig-AvKJ3QISLm6yfai2vfAhUYgyozEJcMS2zXYw2sWoiVlbUT2-OWJk0S3awXVgHYunYRIeu9VL8bMi2AGPALCLUtZc7QmdreTLEgVwpn-kIbRj3h2S4nXGIEHqQmgPCQGgmc_zhAgo8NEmEl-S1zyQCqVkgktXAkZxaJGazBIXph-lijSLz6M8Hah4chVf_a9XEi0bCjnpqLdnCcD68TXbG3E1aS0kKGoF-ntQeSsYDMh4T1vuz03wt1GRA0Eq5_lgM4zWoxVklZmD8emj341Dbdn0I0AhdD-XTZ_w6kCPZpQkF804qcsnGJuThiMbvfA4ogPBcd1oKC0MvDnjUXXLF6y2uCW5dxYaHFjqXRngvAZHG_MBxo-OggOHEckLLJtYmxpEWwkKGfVJkioeSg4JXXLCyb_tH4XQCty01z4xOSXBeAYD21dnsXLBCHGz3ZeCEMXrDw2_eki9b0cZhfWt9PhjE3JEEkeK10busoSysMapjZy0TcIzInl77SWllRKPERAfoQae8mwQZguc2MKbzSvv5cdtwcYojJt7_eOb70sPxXLm4lqjUoBVtIpLN0m7v4zPap6Im4n-l5Lj1tvYn-YxSGq1ZohEv5YMNIZw5cRqCOSKEQm-6yaGxR9GnS9qj2yncacUt2l6xDMRnm0dZCyVS2mqLR0OWn6UWkgpvm7anyTeVfcMe_LdooCI9FqcM5ha6XX8QE4RQtPD0N7J61Af3-ij20ioV75fo_nQkwwBLjcmtwqjcw7lcACy36ZmVoLHyzBMdtfpQqUsNggiKugmcjlUN19CV00su4vbQmd8EdaU4Y-rWwqA3wuD_TeW64UxrwZzavgJj-KOIUeDGkrUYRsDtmd7I1OoFsF83UXk&cid=CAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ds=l&xdt=1&iif=1&cor=3480415348921846300&adk=2124396030&idt=104&cac=0&dtd=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191372
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 7C4C 12 KB
4 KB 38ms
8ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1696766876128310&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7a_pnJsiZbbqB9n1twfynYjAAqblvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QyvJctYKasyI27EVGOMs4AR4B3FkfIN36L1ZdaWewWgyb2wvWbdrDhQ64LFvDRFYUKbxfvoyD5OVC74a3JUSF5QQ4x3uWNwqPwa2-Wqm9B6i3Vc3axwCwPCPDbUs5WfLJrNVEaWhWANSA6GDIO9ga7JrI6txnWukr1KnATAT5vSc9avvkMgCoSufWaBv1RJtvbvmdRt2ru2iQfJrIn-O97yRk_s8kbNS0dhxsHuIn8ZK0ASj-eHK_2JMdiA_R57gM2KA6t7QBSgNPvkHJqsqJGAlK4fFzCd44n0-dCMC_mfgM52F4PDdL6NaNs3YhVqgZXUcMnjGJ6KxVBo2vKfbm2AgU3Tu9TYf5VXSwZFpWqZ08_gjqrFwAzdmYIcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMItqisl7XmgQMV2frtCh3yDgIoEAEYASAAEgIMA_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB%26sig%3DAOD64_3wve7TcaYZK1ZzXv2kE9uZqfL0Og%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-DnniNsTE1DEOUkkSzSzqENDGzLOE8gDPEOXQCLZ8BhShHtwV3tSSeeY-XP_9Qkc4_v3Cd5ynWLRNd_xdwWObls0yHWoE1SOPnee3qlVe4Y5r7zwUNM8LBcl_x2a6GU6n-OxoJcKxUWjv3n2hbUH4x6w97cHirC79EDadtWHbqnjSV9OTw%26cry%3D1%26dbm_d%3DAKAmf-Bkn6Gmhhwy8gIp7K_clBmIx0rmiiYkiClHDIMeADi0FYlO3GCEo6Vswa44czccqWK8v_cBE9qg-azYH0PXAU7Q7m404NcDCf03PYFQ7-jDBWgOUsKwRslD7unY8OZclbLlqWnISHCcWBrDuhciLjSO4hQMRHwtPZXvfo7RJtp1PDRM8tUpwGsOkKUTNhABqI6rgnGixiYrZa2hp3gq5bS6zg1LHU0wUbVyuI_kUczPf5Pw6H5pysiumugkykR-AOLCKyv-JZa5_cQ_PmmH_JwYTTQ4moD-Jf09p53ch-lLnqkSAeZXrFfz6eeuIwdn2fQqWZofl65edNSi2yofVRv_smP0GPuviaY51OmDGSGiknCN5b5aVOuypky0wt8TQtQV5WRH-Lbu5jZTHdML-RKgV7p5zDpA2e0wI0HqT_2vo23hyeab6rpEYT3OqBySi9ILhgNlhW9m_kzNb7nayS9Yr6j3kKwvzjLRnWR-9FX2EclNMOnW1r_PxUsk4MhdEAdwaQmZ2DeaYVNV-H1AIxwMPABnRUgqr2kFy_Zwr5acL1uoG5o%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=3646330520&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875799&bpp=1&bdt=273&idt=294&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=2740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 77104334ccb063ab8f00776cb4abb404f0dcdfb0ad0240aacbc00ed8b8272427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:56 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4247
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ADA2 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 253104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame ADA2 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 13:22:57 GMT

GET
H/1.1

200
OK

request.php Show response
hal900011.redintelligence.net/ Frame 7C4C
Redirect Chain

https://hal900011.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900011.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

92ms
79ms

Script
application/x-javascript

138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7a_pnJsiZbbqB9n1twfynYjAAqblvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QyvJctYKasyI27EVGOMs4AR4B3FkfIN36L1ZdaWewWgyb2wvWbdrDhQ64LFvDRFYUKbxfvoyD5OVC74a3JUSF5QQ4x3uWNwqPwa2-Wqm9B6i3Vc3axwCwPCPDbUs5WfLJrNVEaWhWANSA6GDIO9ga7JrI6txnWukr1KnATAT5vSc9avvkMgCoSufWaBv1RJtvbvmdRt2ru2iQfJrIn-O97yRk_s8kbNS0dhxsHuIn8ZK0ASj-eHK_2JMdiA_R57gM2KA6t7QBSgNPvkHJqsqJGAlK4fFzCd44n0-dCMC_mfgM52F4PDdL6NaNs3YhVqgZXUcMnjGJ6KxVBo2vKfbm2AgU3Tu9TYf5VXSwZFpWqZ08_gjqrFwAzdmYIcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMItqisl7XmgQMV2frtCh3yDgIoEAEYASAAEgIMA_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB%26sig%3DAOD64_3wve7TcaYZK1ZzXv2kE9uZqfL0Og%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-DnniNsTE1DEOUkkSzSzqENDGzLOE8gDPEOXQCLZ8BhShHtwV3tSSeeY-XP_9Qkc4_v3Cd5ynWLRNd_xdwWObls0yHWoE1SOPnee3qlVe4Y5r7zwUNM8LBcl_x2a6GU6n-OxoJcKxUWjv3n2hbUH4x6w97cHirC79EDadtWHbqnjSV9OTw%26cry%3D1%26dbm_d%3DAKAmf-Bkn6Gmhhwy8gIp7K_clBmIx0rmiiYkiClHDIMeADi0FYlO3GCEo6Vswa44czccqWK8v_cBE9qg-azYH0PXAU7Q7m404NcDCf03PYFQ7-jDBWgOUsKwRslD7unY8OZclbLlqWnISHCcWBrDuhciLjSO4hQMRHwtPZXvfo7RJtp1PDRM8tUpwGsOkKUTNhABqI6rgnGixiYrZa2hp3gq5bS6zg1LHU0wUbVyuI_kUczPf5Pw6H5pysiumugkykR-AOLCKyv-JZa5_cQ_PmmH_JwYTTQ4moD-Jf09p53ch-lLnqkSAeZXrFfz6eeuIwdn2fQqWZofl65edNSi2yofVRv_smP0GPuviaY51OmDGSGiknCN5b5aVOuypky0wt8TQtQV5WRH-Lbu5jZTHdML-RKgV7p5zDpA2e0wI0HqT_2vo23hyeab6rpEYT3OqBySi9ILhgNlhW9m_kzNb7nayS9Yr6j3kKwvzjLRnWR-9FX2EclNMOnW1r_PxUsk4MhdEAdwaQmZ2DeaYVNV-H1AIxwMPABnRUgqr2kFy_Zwr5acL1uoG5o%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D3646330520%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875799%26bpp%3D1%26bdt%3D273%26idt%3D294%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D625x280%26correlator%3D2812134470218%26frm%3D20%26pv%3D1%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D2740%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D298&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=4979209747955&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=3646330520&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875799&bpp=1&bdt=273&idt=294&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=2740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
Protocol: HTTP/1.1
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 8a275ebc507646c845f3787cb91ef529125718b737d67a77d3109bc90e3e8b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 12:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 43688000054454904444994012471011
Connection: close
Content-Length: 1330
Expires: Sun, 08 Oct 2023 13:07:56 +0200

Redirect headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 12:07:56 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7a_pnJsiZbbqB9n1twfynYjAAqblvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QyvJctYKasyI27EVGOMs4AR4B3FkfIN36L1ZdaWewWgyb2wvWbdrDhQ64LFvDRFYUKbxfvoyD5OVC74a3JUSF5QQ4x3uWNwqPwa2-Wqm9B6i3Vc3axwCwPCPDbUs5WfLJrNVEaWhWANSA6GDIO9ga7JrI6txnWukr1KnATAT5vSc9avvkMgCoSufWaBv1RJtvbvmdRt2ru2iQfJrIn-O97yRk_s8kbNS0dhxsHuIn8ZK0ASj-eHK_2JMdiA_R57gM2KA6t7QBSgNPvkHJqsqJGAlK4fFzCd44n0-dCMC_mfgM52F4PDdL6NaNs3YhVqgZXUcMnjGJ6KxVBo2vKfbm2AgU3Tu9TYf5VXSwZFpWqZ08_gjqrFwAzdmYIcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMItqisl7XmgQMV2frtCh3yDgIoEAEYASAAEgIMA_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB%26sig%3DAOD64_3wve7TcaYZK1ZzXv2kE9uZqfL0Og%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-DnniNsTE1DEOUkkSzSzqENDGzLOE8gDPEOXQCLZ8BhShHtwV3tSSeeY-XP_9Qkc4_v3Cd5ynWLRNd_xdwWObls0yHWoE1SOPnee3qlVe4Y5r7zwUNM8LBcl_x2a6GU6n-OxoJcKxUWjv3n2hbUH4x6w97cHirC79EDadtWHbqnjSV9OTw%26cry%3D1%26dbm_d%3DAKAmf-Bkn6Gmhhwy8gIp7K_clBmIx0rmiiYkiClHDIMeADi0FYlO3GCEo6Vswa44czccqWK8v_cBE9qg-azYH0PXAU7Q7m404NcDCf03PYFQ7-jDBWgOUsKwRslD7unY8OZclbLlqWnISHCcWBrDuhciLjSO4hQMRHwtPZXvfo7RJtp1PDRM8tUpwGsOkKUTNhABqI6rgnGixiYrZa2hp3gq5bS6zg1LHU0wUbVyuI_kUczPf5Pw6H5pysiumugkykR-AOLCKyv-JZa5_cQ_PmmH_JwYTTQ4moD-Jf09p53ch-lLnqkSAeZXrFfz6eeuIwdn2fQqWZofl65edNSi2yofVRv_smP0GPuviaY51OmDGSGiknCN5b5aVOuypky0wt8TQtQV5WRH-Lbu5jZTHdML-RKgV7p5zDpA2e0wI0HqT_2vo23hyeab6rpEYT3OqBySi9ILhgNlhW9m_kzNb7nayS9Yr6j3kKwvzjLRnWR-9FX2EclNMOnW1r_PxUsk4MhdEAdwaQmZ2DeaYVNV-H1AIxwMPABnRUgqr2kFy_Zwr5acL1uoG5o%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D3646330520%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875799%26bpp%3D1%26bdt%3D273%26idt%3D294%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D625x280%26correlator%3D2812134470218%26frm%3D20%26pv%3D1%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D2740%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D298&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=4979209747955&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sun, 08 Oct 2023 13:07:56 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ADA2 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BydnpnJsiZeiPMsiH1PIPnbmI4A0AAAAAOAHgBAI&bg=!LC-lL2DNAAYMG8UMLBs7ADQBe5WfOJlP6r5CBzWTgIiDroxN6N6h1tbxVFjt0AOHyrEBJVH8P_g0MbIVqoQHb3uLFJqIAgAAAD1SAAAAB2gBB5kDFJpAV4tv83S9QLcRVLVQOfSiU_seniAohrMU0Db0RCzI7ZGUkG7zFl4UFTvAU-cItBFozr3TI4q2sNay58Y1X_OaSCRe9kj1oPUAJCcz2qQIQY-f63NQ6Kj0baYWfD0TpzP7Vkml5gT0MayAhiMEIkrCc9NXjLrGZnWQ-3d6YAVL5zfDhSAWD1O3dyxmZ6AuLeDBU5yMpIY0i967lnSfpUIi5PqKbTXl1wDzaaHuB62scnQgbDXIBpfYUHhSKnOKoX4YznB0Xd_5X5NOQQPJ4BDs7D_F72JcBbdqOTz_0FOEO1NdxyUEOdDlfR-bDwXbtX_Baw9vTp_iUO91iHS2uclkW6xawtbMwGu0rnmmFT_Gvnkvdu5ugggogyUVexGfX133WnLkVAdFMHj0JN_N5ozhWhWZPEiYHQsNjgK79oFwD-cjnikyh1M50tiZBLOjWGRCMb0yKNrLyRSy7cdZDzgvz1wXM7it20NDSrYhGEIczw7Nd_dzxPuMC1tYKS3P8zyXl5f75CbPZSC63Rn7AdL4ijDuvdSD5lPKi8e9j50NUDjiHZRHAhMkcMN5YcQSh-gAl_dA9kVwIrEFP78HeinX3u3f0UWpKZEYmVmCH5HTVtd0ZlMBETK6TH2dWzYOQz4MkbiFWydScliSIJklOUMe_o-Rh_hn-42hTnER9WOiV10RZsR65pGkP8N2MZQCuKFfIE3PcukzPfvTrB9uLbpOi8XYW9Tdyls9-npmZ1a9PMVXZH8DPy8cwl7S12kbQZsQzarPk27MesO5mccItm_YN0xqtNF0xhgERTtdPJvBtmTrdA5DWsised5Wd_p2jWHa7IdLJDL4aAKRZjkTV4jnYwfqhFm8XIxBp_DaPnQ8nw9dRM-or2BsW0jCKFJ9kkmbdJQhcsd_jnAyMYyz8mTDjuih_rKVAvQPlvJu4RJUiUVoXv6ErnNu7-q3z0BkLM9SXUBXrHWPgElF5r3FqNIZS035NGnZ578dnMVApI1wJ5fre7QgVxTEXBRGag7kbftY821apiTA1Iwue3sqwL5dNlu8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame A722 0
465 B 99ms
58ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=43688000054454904444994012471011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7a_pnJsiZbbqB9n1twfynYjAAqblvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QyvJctYKasyI27EVGOMs4AR4B3FkfIN36L1ZdaWewWgyb2wvWbdrDhQ64LFvDRFYUKbxfvoyD5OVC74a3JUSF5QQ4x3uWNwqPwa2-Wqm9B6i3Vc3axwCwPCPDbUs5WfLJrNVEaWhWANSA6GDIO9ga7JrI6txnWukr1KnATAT5vSc9avvkMgCoSufWaBv1RJtvbvmdRt2ru2iQfJrIn-O97yRk_s8kbNS0dhxsHuIn8ZK0ASj-eHK_2JMdiA_R57gM2KA6t7QBSgNPvkHJqsqJGAlK4fFzCd44n0-dCMC_mfgM52F4PDdL6NaNs3YhVqgZXUcMnjGJ6KxVBo2vKfbm2AgU3Tu9TYf5VXSwZFpWqZ08_gjqrFwAzdmYIcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMItqisl7XmgQMV2frtCh3yDgIoEAEYASAAEgIMA_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB%26sig%3DAOD64_3wve7TcaYZK1ZzXv2kE9uZqfL0Og%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-DnniNsTE1DEOUkkSzSzqENDGzLOE8gDPEOXQCLZ8BhShHtwV3tSSeeY-XP_9Qkc4_v3Cd5ynWLRNd_xdwWObls0yHWoE1SOPnee3qlVe4Y5r7zwUNM8LBcl_x2a6GU6n-OxoJcKxUWjv3n2hbUH4x6w97cHirC79EDadtWHbqnjSV9OTw%26cry%3D1%26dbm_d%3DAKAmf-Bkn6Gmhhwy8gIp7K_clBmIx0rmiiYkiClHDIMeADi0FYlO3GCEo6Vswa44czccqWK8v_cBE9qg-azYH0PXAU7Q7m404NcDCf03PYFQ7-jDBWgOUsKwRslD7unY8OZclbLlqWnISHCcWBrDuhciLjSO4hQMRHwtPZXvfo7RJtp1PDRM8tUpwGsOkKUTNhABqI6rgnGixiYrZa2hp3gq5bS6zg1LHU0wUbVyuI_kUczPf5Pw6H5pysiumugkykR-AOLCKyv-JZa5_cQ_PmmH_JwYTTQ4moD-Jf09p53ch-lLnqkSAeZXrFfz6eeuIwdn2fQqWZofl65edNSi2yofVRv_smP0GPuviaY51OmDGSGiknCN5b5aVOuypky0wt8TQtQV5WRH-Lbu5jZTHdML-RKgV7p5zDpA2e0wI0HqT_2vo23hyeab6rpEYT3OqBySi9ILhgNlhW9m_kzNb7nayS9Yr6j3kKwvzjLRnWR-9FX2EclNMOnW1r_PxUsk4MhdEAdwaQmZ2DeaYVNV-H1AIxwMPABnRUgqr2kFy_Zwr5acL1uoG5o%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D3646330520%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875799%26bpp%3D1%26bdt%3D273%26idt%3D294%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D625x280%26correlator%3D2812134470218%26frm%3D20%26pv%3D1%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D2740%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D298&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=4979209747955&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 08 Oct 2023 12:07:57 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40028
x-iplb-request-id: 50FF0ACA:E5A6_91EFC182:01BB_65229B9D_EEBF62:27FE4

GET
H2 200 / Show response
adv.office-partner.de/ Frame D784 930 B
931 B 98ms
10ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7a_pnJsiZbbqB9n1twfynYjAAqblvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QyvJctYKasyI27EVGOMs4AR4B3FkfIN36L1ZdaWewWgyb2wvWbdrDhQ64LFvDRFYUKbxfvoyD5OVC74a3JUSF5QQ4x3uWNwqPwa2-Wqm9B6i3Vc3axwCwPCPDbUs5WfLJrNVEaWhWANSA6GDIO9ga7JrI6txnWukr1KnATAT5vSc9avvkMgCoSufWaBv1RJtvbvmdRt2ru2iQfJrIn-O97yRk_s8kbNS0dhxsHuIn8ZK0ASj-eHK_2JMdiA_R57gM2KA6t7QBSgNPvkHJqsqJGAlK4fFzCd44n0-dCMC_mfgM52F4PDdL6NaNs3YhVqgZXUcMnjGJ6KxVBo2vKfbm2AgU3Tu9TYf5VXSwZFpWqZ08_gjqrFwAzdmYIcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMItqisl7XmgQMV2frtCh3yDgIoEAEYASAAEgIMA_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB%26sig%3DAOD64_3wve7TcaYZK1ZzXv2kE9uZqfL0Og%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-DnniNsTE1DEOUkkSzSzqENDGzLOE8gDPEOXQCLZ8BhShHtwV3tSSeeY-XP_9Qkc4_v3Cd5ynWLRNd_xdwWObls0yHWoE1SOPnee3qlVe4Y5r7zwUNM8LBcl_x2a6GU6n-OxoJcKxUWjv3n2hbUH4x6w97cHirC79EDadtWHbqnjSV9OTw%26cry%3D1%26dbm_d%3DAKAmf-Bkn6Gmhhwy8gIp7K_clBmIx0rmiiYkiClHDIMeADi0FYlO3GCEo6Vswa44czccqWK8v_cBE9qg-azYH0PXAU7Q7m404NcDCf03PYFQ7-jDBWgOUsKwRslD7unY8OZclbLlqWnISHCcWBrDuhciLjSO4hQMRHwtPZXvfo7RJtp1PDRM8tUpwGsOkKUTNhABqI6rgnGixiYrZa2hp3gq5bS6zg1LHU0wUbVyuI_kUczPf5Pw6H5pysiumugkykR-AOLCKyv-JZa5_cQ_PmmH_JwYTTQ4moD-Jf09p53ch-lLnqkSAeZXrFfz6eeuIwdn2fQqWZofl65edNSi2yofVRv_smP0GPuviaY51OmDGSGiknCN5b5aVOuypky0wt8TQtQV5WRH-Lbu5jZTHdML-RKgV7p5zDpA2e0wI0HqT_2vo23hyeab6rpEYT3OqBySi9ILhgNlhW9m_kzNb7nayS9Yr6j3kKwvzjLRnWR-9FX2EclNMOnW1r_PxUsk4MhdEAdwaQmZ2DeaYVNV-H1AIxwMPABnRUgqr2kFy_Zwr5acL1uoG5o%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D3646330520%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875799%26bpp%3D1%26bdt%3D273%26idt%3D294%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D625x280%26correlator%3D2812134470218%26frm%3D20%26pv%3D1%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D2740%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D298&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=4979209747955&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sun, 08 Oct 2023 12:07:57 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sun, 15 Oct 2023 12:07:57 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 7C4C 2 KB
2 KB 133ms
60ms Script
text/html 13.43.154.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=43688000054454904444994012471011&nw=1
Requested by: Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.43.154.56 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-43-154-56.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 1baab2759edfdc5653f1fdbedeeea0c0b5236216144b773344c5a2f9f0c833f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:57 GMT
last-modified: Sun, 08 Oct 2023 12:07:57 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sun, 08 Oct 2023 12:08:57 GMT

GET
H2

200

activityi;dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936 Show response
5994599.fls.doubleclick.net/ Frame D24C
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936?

391 B
327 B

52ms
51ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936?

Requested by

Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

f79158309e344fb8db21c609d95180a4154855780dc799696f9e793c11212cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:57 GMT
expires: Sun, 08 Oct 2023 12:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900011.redintelligence.net/ Frame 1BEC 7 KB
2 KB 21ms
7ms Document
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/request_content.php?s=43688000054454904444994012471011&a=785046b9
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=f949f09f8c&subid=&uid=7f75fb3c06013e7d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7a_pnJsiZbbqB9n1twfynYjAAqblvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QyvJctYKasyI27EVGOMs4AR4B3FkfIN36L1ZdaWewWgyb2wvWbdrDhQ64LFvDRFYUKbxfvoyD5OVC74a3JUSF5QQ4x3uWNwqPwa2-Wqm9B6i3Vc3axwCwPCPDbUs5WfLJrNVEaWhWANSA6GDIO9ga7JrI6txnWukr1KnATAT5vSc9avvkMgCoSufWaBv1RJtvbvmdRt2ru2iQfJrIn-O97yRk_s8kbNS0dhxsHuIn8ZK0ASj-eHK_2JMdiA_R57gM2KA6t7QBSgNPvkHJqsqJGAlK4fFzCd44n0-dCMC_mfgM52F4PDdL6NaNs3YhVqgZXUcMnjGJ6KxVBo2vKfbm2AgU3Tu9TYf5VXSwZFpWqZ08_gjqrFwAzdmYIcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMItqisl7XmgQMV2frtCh3yDgIoEAEYASAAEgIMA_D_BwE%26num%3D1%26cid%3DCAQSSwDICaaNIRHk_HWZDx_qJlY8dmlLagck1nekgQ-p9JloxjhMjhhIr9zEBDj2z_oWMYoWcC5gH0wBXvhQjZoZsHLM9CKrClO1OzIMihgB%26sig%3DAOD64_3wve7TcaYZK1ZzXv2kE9uZqfL0Og%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-DnniNsTE1DEOUkkSzSzqENDGzLOE8gDPEOXQCLZ8BhShHtwV3tSSeeY-XP_9Qkc4_v3Cd5ynWLRNd_xdwWObls0yHWoE1SOPnee3qlVe4Y5r7zwUNM8LBcl_x2a6GU6n-OxoJcKxUWjv3n2hbUH4x6w97cHirC79EDadtWHbqnjSV9OTw%26cry%3D1%26dbm_d%3DAKAmf-Bkn6Gmhhwy8gIp7K_clBmIx0rmiiYkiClHDIMeADi0FYlO3GCEo6Vswa44czccqWK8v_cBE9qg-azYH0PXAU7Q7m404NcDCf03PYFQ7-jDBWgOUsKwRslD7unY8OZclbLlqWnISHCcWBrDuhciLjSO4hQMRHwtPZXvfo7RJtp1PDRM8tUpwGsOkKUTNhABqI6rgnGixiYrZa2hp3gq5bS6zg1LHU0wUbVyuI_kUczPf5Pw6H5pysiumugkykR-AOLCKyv-JZa5_cQ_PmmH_JwYTTQ4moD-Jf09p53ch-lLnqkSAeZXrFfz6eeuIwdn2fQqWZofl65edNSi2yofVRv_smP0GPuviaY51OmDGSGiknCN5b5aVOuypky0wt8TQtQV5WRH-Lbu5jZTHdML-RKgV7p5zDpA2e0wI0HqT_2vo23hyeab6rpEYT3OqBySi9ILhgNlhW9m_kzNb7nayS9Yr6j3kKwvzjLRnWR-9FX2EclNMOnW1r_PxUsk4MhdEAdwaQmZ2DeaYVNV-H1AIxwMPABnRUgqr2kFy_Zwr5acL1uoG5o%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D3646330520%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875799%26bpp%3D1%26bdt%3D273%26idt%3D294%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D625x280%26correlator%3D2812134470218%26frm%3D20%26pv%3D1%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D2740%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26dtd%3D298&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=4979209747955&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d0f5cc6a1a39b13b0f4ffecb18f7acc875c78563b2c8c1a4e1076650495f446d

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2097
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Oct 2023 12:07:57 GMT
Expires: Sun, 08 Oct 2023 13:07:57 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 7C4C
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43688000054454904444994012471011&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43688000054454904444994012471011&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
481 B

101ms
73ms

Image
image/gif

145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43688000054454904444994012471011&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:57 GMT
strict-transport-security: max-age=15768000
server: nginx
host: pv.medialead.de
x-iplb-request-id: 50FF0ACA:E5A8_91EFC182:01BB_65229B9D_ED5AE9:1D8B7
x-iplb-instance: 40027
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=43688000054454904444994012471011&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Sun, 08 Oct 2023 12:07:57 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7C4C 43 B
702 B 76ms
45ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=43688000054454904444994012471011&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 12:07:57 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 7C4C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2455ef0ef89c2f6597bb0708d5ffcd46a23236a447724b8156ec0715cde6b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 1BEC 5 KB
1 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=43688000054454904444994012471011&a=785046b9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 10:27:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 12:07:57 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1BEC 17 KB
17 KB 24ms
8ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=43688000054454904444994012471011&a=785046b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 3a8b5ccce8fd43a92602797a55867382d70a78a4e094527182536fd8249b19cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16984
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1BEC 11 KB
11 KB 25ms
8ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=43688000054454904444994012471011&a=785046b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: d2756e3960846bb5d48b792d93069c0846da68da363d45744931b00dacf1ec78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10944
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 1BEC 16 KB
16 KB 27ms
11ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=43688000054454904444994012471011&a=785046b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 15ecdfdf293d58bae515bdc06e21b04cae487b05e8d7041c4fe1c5bd4f6a6156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16511
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2E84 624 B
245 B 51ms
49ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUHH2eLnE1AEUZfblfT5CqsgXkl4iLUKpaT6JxYR47k-KvYvJMHKiBk_05TrOuApzdXzrMY5N7wiOijknj9JFPur9gUOw3-MBsuZF3FVzbSvqc-WT-to_CBQZBBzOW6UcbzFgw_1Aa_oMGKfp9ss3Z4KBz1FzsGC4KdpJPQN8IQlqgEs5w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:57 GMT
expires: Sun, 08 Oct 2023 12:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7A2C 89 KB
31 KB 57ms
55ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:07:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7A2C 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 11:58:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 7A2C 20 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A2C 187 KB
59 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:07:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A2C 42 B
63 B 44ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSpyNV7eaNCzos7VkteyhneRAcJuEJQJfIKcDkV7dRsaQbhDsJT9t78MVFSfcjOR92Yokv7SYP_OhrwfbCLbiGGKco0aKM-jBqTQK56mI81UcwPP8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A2C 0
20 B 44ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11789341358796150139&x=1&ct=77

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900011.redintelligence.net/ Frame 1BEC 0
150 B 22ms
8ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900011.redintelligence.net/viewability?s=43688000054454904444994012471011&a=a544b6f0&vb=m
Requested by: Host: hal900011.redintelligence.net
URL: https://hal900011.redintelligence.net/request_content.php?s=43688000054454904444994012471011&a=785046b9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900011.redintelligence.net/request_content.php?s=43688000054454904444994012471011&a=785046b9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1BEC 14 KB
15 KB 31ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 243852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:23:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 1BEC 15 KB
15 KB 32ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900011.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 183900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 09:02:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame D784 174 KB
63 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b805c516073369453d8e385df77cb10c0b68d3405792a99655561f89cdc845d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 12:07:57 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2E84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1

43 B
734 B

27ms
27ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUHH2eLnE1AEUZfblfT5CqsgXkl4iLUKpaT6JxYR47k-KvYvJMHKiBk_05TrOuApzdXzrMY5N7wiOijknj9JFPur9gUOw3-MBsuZF3FVzbSvqc-WT-to_CBQZBBzOW6UcbzFgw_1Aa_oMGKfp9ss3Z4KBz1FzsGC4KdpJPQN8IQlqgEs5w
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3YYtQNgpUU4x0foLc85pHg6mE1u5Uc1uprVUahgGPDJD7mZIe4cD0oXpE%2FjbFvEMJh%2Fl51WqGKXFuRuNOtZ%2BXMuG7prB7yCHYARSLmBclkoWqqqoPhrXbWIY3zhi0qXo%2Fo4Mt%2BiicJbV1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812e44367c38bb47-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2E84
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSKbnN5bJ398c1qYfo1iuQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1

43 B
730 B

34ms
34ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUHH2eLnE1AEUZfblfT5CqsgXkl4iLUKpaT6JxYR47k-KvYvJMHKiBk_05TrOuApzdXzrMY5N7wiOijknj9JFPur9gUOw3-MBsuZF3FVzbSvqc-WT-to_CBQZBBzOW6UcbzFgw_1Aa_oMGKfp9ss3Z4KBz1FzsGC4KdpJPQN8IQlqgEs5w
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY7TDAv591zTvctfJOH663edm1MuY6Gk7x48VaRqDiHKnAoHg9mnu6gama0BbjAe23n9mjEt8%2BqTouX4hT1LiNj0E40ylVpdkeiujo8RLutC4MoF7C2VUMb%2F0veqwq4SU4%2Bkho4pGLmk%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 812e44369c5abb47-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL62he5bt44uy2MtT_zNJSk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 2E84
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFcQlSGKQ31LSL8lkLDJJvk&google_cver=1

43 B
840 B

7ms
7ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFcQlSGKQ31LSL8lkLDJJvk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUHH2eLnE1AEUZfblfT5CqsgXkl4iLUKpaT6JxYR47k-KvYvJMHKiBk_05TrOuApzdXzrMY5N7wiOijknj9JFPur9gUOw3-MBsuZF3FVzbSvqc-WT-to_CBQZBBzOW6UcbzFgw_1Aa_oMGKfp9ss3Z4KBz1FzsGC4KdpJPQN8IQlqgEs5w

Protocol

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
an-x-request-uuid: 3334b811-bc9d-43d5-b61d-a98c6ccc276f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.202; 80.255.10.202; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFcQlSGKQ31LSL8lkLDJJvk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2E84
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5MTkwOTgwNjQ4ODUxMzM4MQ%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5MTkwOTgwNjQ4ODUxMzM4MQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
an-x-request-uuid: d519ba07-6244-4495-b45c-8964ea1a287a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzY5MTkwOTgwNjQ4ODUxMzM4MQ%3D%3D
x-proxy-origin: 80.255.10.202; 80.255.10.202; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A2C 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=890059663945&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A2C 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=890059663945&version=m202309260101&ct=77&x=1&cor=11789341358796150000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7A2C 16 KB
12 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMHoPydg9lCF2GbRS4bPF6jcUsOL8Ufjxq2d3FYIgL8KYpMQ1neTH4nHPz21tJ4kS-APt2ZDDNISG_v2Nv0fgCP_R0GBWrCO0Kg-tPFz0bD2tAZ3-kFov2Z_kMp6KgNMk-yl_hrNHxBUZHdm5yj5rwdSfx03jgfQIiKucntY0ts76KulU&cry=1&dbm_d=AKAmf-BIyAzPrJ-O7rlyBD33U9sOMfdbyTQuK6ONHo6HTcmtCt_xx2F84P4RiK1egjGuc35EOwb_S46eL3554eqe1_tBXV4wf3IRiVSmesE7oUB1bzhXfS4zag22LKrDH3AUjcuMRZ8-TFcAjrskLqfiSOGs5-H7zpaQRth1JmK0EEvLUv0gpeB5ZcWAJJ5Ubchh5UKQyG7OCXiOljLyDitu20-tYe-3yfF3HPnvf7aC9jTxZLc8qUwribAmYfCft-P6r5_OhgB9aH6obBG-Z27ZBIgbDtmAUq0XP9j4iYH6tnuA4N9HB30dfrMko7nu034k5ODxgcZsjvJjJDIyEoZjgahnr1FUTfekcU01nCbjipCILy0WNH3FWm8sLV16zt1rsEjJnSrIEk1Hn2Ir5Xdy82Ma14U0XO_ptGB75ketpuZrt2lIAHFjZ5Zf9yMAnn9tzR0TJymMrkLgcgX0FKU1aF7bN3Ox9Iw7vP7aEeQsbTZrhfqpDvfa49Rz-AYp4JHWBL1OO1dgFYGTLfuOw4H9wCQ7upVtk81Jmv55sildIdQbdw07UfyTxKwb9qOueMJxoipjAj_9aQ8iN8j8dC9bmO985GZDrWt-2uKzpboYslM9RRCpjsNWpqbMp5Jj9XOytsIBI-qkYAx7ihoTdHb1V_nP7Xe-m3bS4dBlSyhZ3nkBTm2QqTaGLQw6AqIoJV5kgfgdxLmbJKIgG-s4t4cKA028odP4ebThwmRlAoEm1zSRu0SuTUNev_wrd46d_M6RXNSucgBU4z8eWuOZXvCHff6qzguwlUHv8APz05-WOJ2v-Uy3sFJGo12w2ry1INzm4bcPCdxjs9JjEsjaWuGklJGY3xUlVgU8_U2uTcomvihJt662JH54SfhqBds5C7FRggPRWu-ghaVrNYKGDMQasU-CFveUr6mQpVT4sKFiqiFNi3PgEnxAghayVhiqOLWZqxfA79QNEHcfYnfpAP_IuIyWA-rC0rYJktgFqc9YMryMIu8C9PqhqcsKQ6rJOSM0xWKAlkaMTqXrIzItTL3b4XlAiosQCsynbrjFrFw3WpMc-K3Y7soa0Y54w3O8Sn8oX2vSFKmrGjALDTzLvGx03MeIImzRMgrZpT2OsodjTyYwQfnqLzw0rfq4_gQtNTlQw0g0YezmIFweUq8pWDdtFY4b0ZiuFeezi721pq5pc6oQqUaj6B-fwxGH6htrlEFyjO3mcvVNAcffAxwBnEo2cZLEyaV9bbIZdl-YWNkoCE98XIhPWQebXBGh1BU6uaUnkrTo7X-X79PEztxwp8-LauDvD_iE258u-BHISgzzRu7s4rkEXuLkgdVM1x7DNZoE5NWhiIgkEV363WW8LIZpDd9Qq_Xb9-kkpVE-yeplhFRxw1P5_KFBtQ_J4fEI58-Qzxsn1kVLCBNjf-yklHNvY-33VhN6VRV6TftZDPWEihNeg9v4u4szBZgegHNtSd9Xa6RWtFM9QjY3wNiN73O10cPrJAeiMCEW5lo4tuvHTNd8kaDqGUVYM-zwBHCGXtyuiIDGtm_-SV1TPGNdc4rD-OroZvEzaUhgGDG0s3rb-Nq838ctlvQ1DvVDlVGwwF9BglICP7v2Z1X8gO7HV2E6WryJng0baXvWwfZ94sCyIQ5_ZOKvvGMwBhP_6HkQm8ZWARj7fuYkJDlGBfc79eLQsB_bretl90nd5mFpq4BmAxGpZrHI08FIxIsAyi0IJOc7nZA9dhi2qH6AVFac3Yy8ETARxE6K4hHOxG26WNnXv-GJ7uayPolcw3-EKWWdrrv1K5teeZC6k0mO0q02SWx16kCVkBYh-HpKSU4eD13w_Jtd4e4SzHrOay8qRTNDeqgq92G0f-bkuPuWF6sJOLFophomck-xxVMfgmopr40QQ67fRtrfsHC8mJLMR0CJ9mJ6mpx57_-Nvzkt7UUKSi3YyQRQZIOWHvr5h58vves708vu6aQ9RVRAWpDRgNjyzvPgU3JL1JBr52xIHUSYefDdRdanyam8gmuYaPK7w_yHQzwfV2cc_pnf_JppuYrF8eoV5aSfwE2atm6GdjKhMnD9n5fgWGKuQFq-qEN5_u8OPHFHoRrtVcSoNjvfK9ysCntsQZHnvK4Y4esF6o6RtdIpoI1Ab0hRvHMUoYtwAfR6WJGns0EcVG0BQEFXPmyMbYdA5N3P9egdJczsppjhXqbLuNuuDC9kkv-sOcUU7-pIvLXMYID_m5Tqmvb5Ayk4haH6sebwMm562JvxWNUlNEon_GXJATq0CaMSQEfFrciaEPB0R-3s4I5Zq5Uw9emqOtYQrJDKOAqk5qEYrLlSgd28aaNAns2IgmwTmsdhvMjzAaNF52O4d2JTFbWVSmPDZss39Riv9C1l6GL60XWgrOSGC_F53FSO9u0g-XB2PgVb2Tg7pLqhrRDCqJMqUlRx6R0ZxqNiFmOSXTHPzFCwuXM5zcwmO8n354VJHzYJycIjiQ-tjQMy-5CJlCtGEEFfwLbid-eMmFvzIeE3bRiIvZE50kj4PCPYNgZxiDcj_kVcQhQZfNaQ57LyLCD6Y6SyAtx_IzyPnvDWG53NnKxrvQM8Zaqlx0pCE5Ky_AK1SKapEXc5a8Y5A4xQPuJCpdP8MO07ZAeRK5g6OlGJT2jrGwl2f6itqVMHj2M3Nf7NjeG1gLxceciscrduGjXh8qBum8X0WTx-UQgkMWe6RF2PzmM5MK2PCa487en8FOiXYwFO5ivi4BuZPQgQeuEWBSoE61Vj8cm1i_nsfnUWJmZRVuFqIqYzfJctMl5vgvprhTIgTp_-S5FOoeramT91r5lYBzlInaGqkM8U6MII6DTCxckJvPkf7XfLV2JrwWCyHKVa7xWF3VY5ZcQE6onORkGlAO_yFx4ICO36I_lYtECpbbA1zbu_xuldPp9gd1wjMfxv87_nWC-zI4DJQO--sRP_si1jMYy2xPh4F50XR67Mzit_FOCls8KFivsxwnc3fqnfydsC3LUrnYPAbNrHxzNUG2zSdbwhe25NJ91YMt1tprfzHhgU3csXyyXhU3ITW3lIgJduddJQCLDIfrjO95-9z-fQ_oo5GNbFHmjmDtMz3wqsYJDIYsvqHB_9eZN0F0uD23gG-b0YufgZUxxs6G42b37h6MtTNBsNC5fzgkNDcJ476Zu4v7q4eUXzKT43DKtKA9MHhdYvo-8dUsE_JJWZbHu7k7swQBi_ggjfQRdB-cUiPVMXxZdfccxRV3qfAPVl0xTOebUGk0AJuSkpfSD3jPSc9zNTV630Shl_cOzClAn0vK8tFF32dQhlUFxGur1wcOp9Pfn8UPyhIDOI1D7awqFMHaRFd10EYvu7nYJIckKxXvAmIq6gLQyNhfUCrzAuVAwHi6WkbbgysJ5c2e58ckfweMNJD1bbTEOlrUto-_ASs6tnCmE1V7oXkcyE2YccrKAIoaxkgzaM__RHjDmXa6I0DF1_wUpmVonDkFgcBSnZEpy9ZeKrtYS36Nl8jOImQyiwBCXtTV9yEWsVMP0csxAeW5RfayGlLelqyaUSgqUBonqs1z8SOh2EF5x1A6NV4dkWyyGHowDyJ1VY_K4cjAnLo7JaVfLgT1D5UuwIqAWhBJZQfN6kapBqkerN8pgOujqprD961j8109kfsV5f-bPuaXXaZQTxL0DNruZ5ZbSdfwOTrm5XzK35-WyW2srVTQkGbXV0FwURb4SgBnQm0wZDO3pnlE1Z5XYG8H7Eb6JNcLEzvulbTCqjwnhfGQfvR5_LdIumycHdtzhpBOkBsetHsTu7gESrZHSut9vhUT818YeJdeY0xOjk764Rx1__PBVORQQglckfCOr-eM6rYLKyBoEJ5EN4qM4ct-Nsz2kgBvXcYsI1CbX-IMO2wkkM9kE6C480nzWk7QChbiO9OaVAPaQb4koLLWL4zcLieGmxrHcyo1sccA&cid=CAQSSwDICaaN0JVH1E36tefD3Q_24fE8G1-26uCm42F7Z9rpS03JkrStdxzPl3UM6Xd3U920fT_jW_-tHZDSnddSgoDuHfhbvPnU8GXYghgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ds=l&xdt=1&iif=1&cor=11789341358796150000&adk=2307692975&idt=62&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb5af5b868d7774ddcdd2e1c9c050c97cc109dc7bbcbf0096a3f5c89efb644b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12086
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 7C4C 52 KB
18 KB 77ms
9ms Script
text/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=43688000054454904444994012471011&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 01:18:34 GMT
content-encoding: gzip
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 14:06:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 38964
etag: W/"2c13a74e288a2942ad3d2af9bad52cdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 6bof0xdgQRLC5iZw7bn-quncBt2laOdTS0dLfTOQ65crqv4LomQMZQ==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 7C4C 3 KB
3 KB 55ms
13ms Image
image/png 18.239.50.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1696767177&Signature=G7cb5oOa6ZyTeArq9hMlAIh8EhT7SMwcVl38zmTUTGSKi6lkEp6SffLSLovpxNJnW2EaUPtKnr39~a1ah-WqK3vgZzpqvyqxx7Ig48KbDuPY6YjZBzRT8dBBbHNEgx49iobld-vpFic8Nzdz2JpG0v7bbA5RkOFbhxSLHbI1ant07cgSJDl0i2uRRaXkQmxRUhQznrhlc7c5Ig0D1k0TmTHDhchfdjMqo8ZaJuT3dYZrrsemC~-e2T7x2ICwneuPKsfM485PxuT9lck9z9027n7QjuwzxYGNAAchevf6j0Hyw4rhKuQ6yfK5H4URrFcq6yukD2WztxwRFUl4AbOO2w__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=3646330520&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875799&bpp=1&bdt=273&idt=294&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&prev_fmts=625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=2740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-47.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: null
date: Sun, 08 Oct 2023 05:24:51 GMT
via: 1.1 b744839339b269ebb49818cc6c300b6a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 24226
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: lTJmjpUxJRQaZh1ffmJeTDf-LSgLU6BrIdD7rILmO7smHrFTl_wTBA==

GET
H2 200 dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936
adservice.google.com/ddm/fls/z/ Frame D24C 42 B
401 B 69ms
47ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeX6pe15oEDFUQNogMdS5YKYA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4722186379710.936?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame D784 272 KB
91 KB 1235ms
1235ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f16e1b9e3ca61b977c00e7773bace4ce91b69a33f2e186f9993d9850fc12b019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 12:07:58 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A2C 41 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMHoPydg9lCF2GbRS4bPF6jcUsOL8Ufjxq2d3FYIgL8KYpMQ1neTH4nHPz21tJ4kS-APt2ZDDNISG_v2Nv0fgCP_R0GBWrCO0Kg-tPFz0bD2tAZ3-kFov2Z_kMp6KgNMk-yl_hrNHxBUZHdm5yj5rwdSfx03jgfQIiKucntY0ts76KulU&cry=1&dbm_d=AKAmf-BIyAzPrJ-O7rlyBD33U9sOMfdbyTQuK6ONHo6HTcmtCt_xx2F84P4RiK1egjGuc35EOwb_S46eL3554eqe1_tBXV4wf3IRiVSmesE7oUB1bzhXfS4zag22LKrDH3AUjcuMRZ8-TFcAjrskLqfiSOGs5-H7zpaQRth1JmK0EEvLUv0gpeB5ZcWAJJ5Ubchh5UKQyG7OCXiOljLyDitu20-tYe-3yfF3HPnvf7aC9jTxZLc8qUwribAmYfCft-P6r5_OhgB9aH6obBG-Z27ZBIgbDtmAUq0XP9j4iYH6tnuA4N9HB30dfrMko7nu034k5ODxgcZsjvJjJDIyEoZjgahnr1FUTfekcU01nCbjipCILy0WNH3FWm8sLV16zt1rsEjJnSrIEk1Hn2Ir5Xdy82Ma14U0XO_ptGB75ketpuZrt2lIAHFjZ5Zf9yMAnn9tzR0TJymMrkLgcgX0FKU1aF7bN3Ox9Iw7vP7aEeQsbTZrhfqpDvfa49Rz-AYp4JHWBL1OO1dgFYGTLfuOw4H9wCQ7upVtk81Jmv55sildIdQbdw07UfyTxKwb9qOueMJxoipjAj_9aQ8iN8j8dC9bmO985GZDrWt-2uKzpboYslM9RRCpjsNWpqbMp5Jj9XOytsIBI-qkYAx7ihoTdHb1V_nP7Xe-m3bS4dBlSyhZ3nkBTm2QqTaGLQw6AqIoJV5kgfgdxLmbJKIgG-s4t4cKA028odP4ebThwmRlAoEm1zSRu0SuTUNev_wrd46d_M6RXNSucgBU4z8eWuOZXvCHff6qzguwlUHv8APz05-WOJ2v-Uy3sFJGo12w2ry1INzm4bcPCdxjs9JjEsjaWuGklJGY3xUlVgU8_U2uTcomvihJt662JH54SfhqBds5C7FRggPRWu-ghaVrNYKGDMQasU-CFveUr6mQpVT4sKFiqiFNi3PgEnxAghayVhiqOLWZqxfA79QNEHcfYnfpAP_IuIyWA-rC0rYJktgFqc9YMryMIu8C9PqhqcsKQ6rJOSM0xWKAlkaMTqXrIzItTL3b4XlAiosQCsynbrjFrFw3WpMc-K3Y7soa0Y54w3O8Sn8oX2vSFKmrGjALDTzLvGx03MeIImzRMgrZpT2OsodjTyYwQfnqLzw0rfq4_gQtNTlQw0g0YezmIFweUq8pWDdtFY4b0ZiuFeezi721pq5pc6oQqUaj6B-fwxGH6htrlEFyjO3mcvVNAcffAxwBnEo2cZLEyaV9bbIZdl-YWNkoCE98XIhPWQebXBGh1BU6uaUnkrTo7X-X79PEztxwp8-LauDvD_iE258u-BHISgzzRu7s4rkEXuLkgdVM1x7DNZoE5NWhiIgkEV363WW8LIZpDd9Qq_Xb9-kkpVE-yeplhFRxw1P5_KFBtQ_J4fEI58-Qzxsn1kVLCBNjf-yklHNvY-33VhN6VRV6TftZDPWEihNeg9v4u4szBZgegHNtSd9Xa6RWtFM9QjY3wNiN73O10cPrJAeiMCEW5lo4tuvHTNd8kaDqGUVYM-zwBHCGXtyuiIDGtm_-SV1TPGNdc4rD-OroZvEzaUhgGDG0s3rb-Nq838ctlvQ1DvVDlVGwwF9BglICP7v2Z1X8gO7HV2E6WryJng0baXvWwfZ94sCyIQ5_ZOKvvGMwBhP_6HkQm8ZWARj7fuYkJDlGBfc79eLQsB_bretl90nd5mFpq4BmAxGpZrHI08FIxIsAyi0IJOc7nZA9dhi2qH6AVFac3Yy8ETARxE6K4hHOxG26WNnXv-GJ7uayPolcw3-EKWWdrrv1K5teeZC6k0mO0q02SWx16kCVkBYh-HpKSU4eD13w_Jtd4e4SzHrOay8qRTNDeqgq92G0f-bkuPuWF6sJOLFophomck-xxVMfgmopr40QQ67fRtrfsHC8mJLMR0CJ9mJ6mpx57_-Nvzkt7UUKSi3YyQRQZIOWHvr5h58vves708vu6aQ9RVRAWpDRgNjyzvPgU3JL1JBr52xIHUSYefDdRdanyam8gmuYaPK7w_yHQzwfV2cc_pnf_JppuYrF8eoV5aSfwE2atm6GdjKhMnD9n5fgWGKuQFq-qEN5_u8OPHFHoRrtVcSoNjvfK9ysCntsQZHnvK4Y4esF6o6RtdIpoI1Ab0hRvHMUoYtwAfR6WJGns0EcVG0BQEFXPmyMbYdA5N3P9egdJczsppjhXqbLuNuuDC9kkv-sOcUU7-pIvLXMYID_m5Tqmvb5Ayk4haH6sebwMm562JvxWNUlNEon_GXJATq0CaMSQEfFrciaEPB0R-3s4I5Zq5Uw9emqOtYQrJDKOAqk5qEYrLlSgd28aaNAns2IgmwTmsdhvMjzAaNF52O4d2JTFbWVSmPDZss39Riv9C1l6GL60XWgrOSGC_F53FSO9u0g-XB2PgVb2Tg7pLqhrRDCqJMqUlRx6R0ZxqNiFmOSXTHPzFCwuXM5zcwmO8n354VJHzYJycIjiQ-tjQMy-5CJlCtGEEFfwLbid-eMmFvzIeE3bRiIvZE50kj4PCPYNgZxiDcj_kVcQhQZfNaQ57LyLCD6Y6SyAtx_IzyPnvDWG53NnKxrvQM8Zaqlx0pCE5Ky_AK1SKapEXc5a8Y5A4xQPuJCpdP8MO07ZAeRK5g6OlGJT2jrGwl2f6itqVMHj2M3Nf7NjeG1gLxceciscrduGjXh8qBum8X0WTx-UQgkMWe6RF2PzmM5MK2PCa487en8FOiXYwFO5ivi4BuZPQgQeuEWBSoE61Vj8cm1i_nsfnUWJmZRVuFqIqYzfJctMl5vgvprhTIgTp_-S5FOoeramT91r5lYBzlInaGqkM8U6MII6DTCxckJvPkf7XfLV2JrwWCyHKVa7xWF3VY5ZcQE6onORkGlAO_yFx4ICO36I_lYtECpbbA1zbu_xuldPp9gd1wjMfxv87_nWC-zI4DJQO--sRP_si1jMYy2xPh4F50XR67Mzit_FOCls8KFivsxwnc3fqnfydsC3LUrnYPAbNrHxzNUG2zSdbwhe25NJ91YMt1tprfzHhgU3csXyyXhU3ITW3lIgJduddJQCLDIfrjO95-9z-fQ_oo5GNbFHmjmDtMz3wqsYJDIYsvqHB_9eZN0F0uD23gG-b0YufgZUxxs6G42b37h6MtTNBsNC5fzgkNDcJ476Zu4v7q4eUXzKT43DKtKA9MHhdYvo-8dUsE_JJWZbHu7k7swQBi_ggjfQRdB-cUiPVMXxZdfccxRV3qfAPVl0xTOebUGk0AJuSkpfSD3jPSc9zNTV630Shl_cOzClAn0vK8tFF32dQhlUFxGur1wcOp9Pfn8UPyhIDOI1D7awqFMHaRFd10EYvu7nYJIckKxXvAmIq6gLQyNhfUCrzAuVAwHi6WkbbgysJ5c2e58ckfweMNJD1bbTEOlrUto-_ASs6tnCmE1V7oXkcyE2YccrKAIoaxkgzaM__RHjDmXa6I0DF1_wUpmVonDkFgcBSnZEpy9ZeKrtYS36Nl8jOImQyiwBCXtTV9yEWsVMP0csxAeW5RfayGlLelqyaUSgqUBonqs1z8SOh2EF5x1A6NV4dkWyyGHowDyJ1VY_K4cjAnLo7JaVfLgT1D5UuwIqAWhBJZQfN6kapBqkerN8pgOujqprD961j8109kfsV5f-bPuaXXaZQTxL0DNruZ5ZbSdfwOTrm5XzK35-WyW2srVTQkGbXV0FwURb4SgBnQm0wZDO3pnlE1Z5XYG8H7Eb6JNcLEzvulbTCqjwnhfGQfvR5_LdIumycHdtzhpBOkBsetHsTu7gESrZHSut9vhUT818YeJdeY0xOjk764Rx1__PBVORQQglckfCOr-eM6rYLKyBoEJ5EN4qM4ct-Nsz2kgBvXcYsI1CbX-IMO2wkkM9kE6C480nzWk7QChbiO9OaVAPaQb4koLLWL4zcLieGmxrHcyo1sccA&cid=CAQSSwDICaaN0JVH1E36tefD3Q_24fE8G1-26uCm42F7Z9rpS03JkrStdxzPl3UM6Xd3U920fT_jW_-tHZDSnddSgoDuHfhbvPnU8GXYghgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ds=l&xdt=1&iif=1&cor=11789341358796150000&adk=2307692975&idt=62&cac=0&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 06:58:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 191373
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 06:58:24 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 7A2C 12 KB
4 KB 23ms
8ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1696766876110405&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq4IFnJsiZcXeBtbItwf6v5HgCablvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSaAk_QQe65OesN7jlD3TyLjBeFyMTUX91UK31Dvo6A-t23W6f-0_X9L2xMQGM7iKfiw4_xsUJ-RxWqv8N7uVS8L3qKDcmC8UJlzAebxI1UpJF31dyzp7Iz8bt-qBS_rkiCrPe2sWMBCEtmn5N2PxJzzYnJ6-akzeNOm8obL1YGA-_mDl8yxg5MxlFrSMcd_51szpPuTQ8UhlpaWiOzt7smKVhVdIPqpQABWrKBOHFAUW0CiVdEStxPSgstpyC9UxupVD4a6YfBilnjF4xCMnl_owGcOAaLiTPzG8CK9OD6XO4qRSdD6mEclXCFgsybj4BQ208whdWlwQaWG7KyCSmZjiCqAsvQh7CFsBg4n9nGsk9Mq-LmLAtZWNLEcMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIxZyrl7XmgQMVVuTtCh36XwScEAEYASAAEgL35vD_BwE%26num%3D1%26cid%3DCAQSSwDICaaN0JVH1E36tefD3Q_24fE8G1-26uCm42F7Z9rpS03JkrStdxzPl3UM6Xd3U920fT_jW_-tHZDSnddSgoDuHfhbvPnU8GXYghgB%26sig%3DAOD64_3WvkLt4OEQLZgsyWlx0SpmlI9CAA%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AUwNcFesVIoT5gcx_n-3ouKDiQnCx8I0m-9adqKgplSmpZ1xSv_T43DoAQdFWZE1X5STMBFW7LauQcEbdVWCPd7qfWWR08EmcHs1sxdnXntyMxWO4FD9vIF99l-2g1kSqk1VHYBBCpLYaipjOz7Rswi6AMPgtq7B7Q6GHDrQTdDI6qcgw%26cry%3D1%26dbm_d%3DAKAmf-CvvM_N2D0aCJRl_9CG6Vj6O27kVv79S8ts2z6Kz8MFBCtYRbF15hWtFAgKyIYwHhzU2ZNDhO9wp8GSiHtteCfYcqb7wSKUIkpx_vz3afTwLhYvaIxmcHqq2V8rN58Fy3_kDA2oTVY5aE_3Mabq6TNs2YeB-gGbWerpjo4lDPqDwwZxphMyEBEI8E-dRTqWKqVxztQVn80iJvTTBezkAA9nyy0RliquqV6SQ-nKpBpa5afLYASpa4Y9xjwJ0PXjcr1V_jIhBuwXGKCZmlq67ELg6pY__Zyov3f5XZXPkK7LsRXHf6uVs-BLzLMtuEjlk7S52eg5vK9BOfP71TctVU9ASXvLDHLQcC0ji0l_NdkUNwH3PDiULHU5N7srtkMthtXj4s_rQRVO2qbfRPssdDewasumvFEGBf643lmiy4vlj3b05Va5TFYlzvoMSk8su3t3Po1XAN3jDpcRrWYkDkTygt34aFMk6ESpqxzyggiUc-wQmq0Mkgf-tBzrE4C9VByRjZVpY0LuGOotJeV_w0-tH_9eLBkiA5gGvhx4j0S7h-oKG_8%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: d7a91423f366716a9d051921f50a007201c13b33923abe88939c3e8a70c53434

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4245
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C529 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 253105
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:49:32 GMT
expires: Fri, 04 Oct 2024 13:49:32 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.php Show response
hal90002.redintelligence.net/ Frame 7A2C 3 KB
2 KB 109ms
80ms Script
application/x-javascript 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=4166d3e4f9&subid=&uid=5b4b0609e73bd95e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq4IFnJsiZcXeBtbItwf6v5HgCablvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSaAk_QQe65OesN7jlD3TyLjBeFyMTUX91UK31Dvo6A-t23W6f-0_X9L2xMQGM7iKfiw4_xsUJ-RxWqv8N7uVS8L3qKDcmC8UJlzAebxI1UpJF31dyzp7Iz8bt-qBS_rkiCrPe2sWMBCEtmn5N2PxJzzYnJ6-akzeNOm8obL1YGA-_mDl8yxg5MxlFrSMcd_51szpPuTQ8UhlpaWiOzt7smKVhVdIPqpQABWrKBOHFAUW0CiVdEStxPSgstpyC9UxupVD4a6YfBilnjF4xCMnl_owGcOAaLiTPzG8CK9OD6XO4qRSdD6mEclXCFgsybj4BQ208whdWlwQaWG7KyCSmZjiCqAsvQh7CFsBg4n9nGsk9Mq-LmLAtZWNLEcMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIxZyrl7XmgQMVVuTtCh36XwScEAEYASAAEgL35vD_BwE%26num%3D1%26cid%3DCAQSSwDICaaN0JVH1E36tefD3Q_24fE8G1-26uCm42F7Z9rpS03JkrStdxzPl3UM6Xd3U920fT_jW_-tHZDSnddSgoDuHfhbvPnU8GXYghgB%26sig%3DAOD64_3WvkLt4OEQLZgsyWlx0SpmlI9CAA%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AUwNcFesVIoT5gcx_n-3ouKDiQnCx8I0m-9adqKgplSmpZ1xSv_T43DoAQdFWZE1X5STMBFW7LauQcEbdVWCPd7qfWWR08EmcHs1sxdnXntyMxWO4FD9vIF99l-2g1kSqk1VHYBBCpLYaipjOz7Rswi6AMPgtq7B7Q6GHDrQTdDI6qcgw%26cry%3D1%26dbm_d%3DAKAmf-CvvM_N2D0aCJRl_9CG6Vj6O27kVv79S8ts2z6Kz8MFBCtYRbF15hWtFAgKyIYwHhzU2ZNDhO9wp8GSiHtteCfYcqb7wSKUIkpx_vz3afTwLhYvaIxmcHqq2V8rN58Fy3_kDA2oTVY5aE_3Mabq6TNs2YeB-gGbWerpjo4lDPqDwwZxphMyEBEI8E-dRTqWKqVxztQVn80iJvTTBezkAA9nyy0RliquqV6SQ-nKpBpa5afLYASpa4Y9xjwJ0PXjcr1V_jIhBuwXGKCZmlq67ELg6pY__Zyov3f5XZXPkK7LsRXHf6uVs-BLzLMtuEjlk7S52eg5vK9BOfP71TctVU9ASXvLDHLQcC0ji0l_NdkUNwH3PDiULHU5N7srtkMthtXj4s_rQRVO2qbfRPssdDewasumvFEGBf643lmiy4vlj3b05Va5TFYlzvoMSk8su3t3Po1XAN3jDpcRrWYkDkTygt34aFMk6ESpqxzyggiUc-wQmq0Mkgf-tBzrE4C9VByRjZVpY0LuGOotJeV_w0-tH_9eLBkiA5gGvhx4j0S7h-oKG_8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D4007130386%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875795%26bpp%3D4%26bdt%3D270%26idt%3D270%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D2812134470218%26frm%3D20%26pv%3D2%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D1131%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D286&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=3025932289093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1696766876110405&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq4IFnJsiZcXeBtbItwf6v5HgCablvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSaAk_QQe65OesN7jlD3TyLjBeFyMTUX91UK31Dvo6A-t23W6f-0_X9L2xMQGM7iKfiw4_xsUJ-RxWqv8N7uVS8L3qKDcmC8UJlzAebxI1UpJF31dyzp7Iz8bt-qBS_rkiCrPe2sWMBCEtmn5N2PxJzzYnJ6-akzeNOm8obL1YGA-_mDl8yxg5MxlFrSMcd_51szpPuTQ8UhlpaWiOzt7smKVhVdIPqpQABWrKBOHFAUW0CiVdEStxPSgstpyC9UxupVD4a6YfBilnjF4xCMnl_owGcOAaLiTPzG8CK9OD6XO4qRSdD6mEclXCFgsybj4BQ208whdWlwQaWG7KyCSmZjiCqAsvQh7CFsBg4n9nGsk9Mq-LmLAtZWNLEcMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIxZyrl7XmgQMVVuTtCh36XwScEAEYASAAEgL35vD_BwE%26num%3D1%26cid%3DCAQSSwDICaaN0JVH1E36tefD3Q_24fE8G1-26uCm42F7Z9rpS03JkrStdxzPl3UM6Xd3U920fT_jW_-tHZDSnddSgoDuHfhbvPnU8GXYghgB%26sig%3DAOD64_3WvkLt4OEQLZgsyWlx0SpmlI9CAA%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AUwNcFesVIoT5gcx_n-3ouKDiQnCx8I0m-9adqKgplSmpZ1xSv_T43DoAQdFWZE1X5STMBFW7LauQcEbdVWCPd7qfWWR08EmcHs1sxdnXntyMxWO4FD9vIF99l-2g1kSqk1VHYBBCpLYaipjOz7Rswi6AMPgtq7B7Q6GHDrQTdDI6qcgw%26cry%3D1%26dbm_d%3DAKAmf-CvvM_N2D0aCJRl_9CG6Vj6O27kVv79S8ts2z6Kz8MFBCtYRbF15hWtFAgKyIYwHhzU2ZNDhO9wp8GSiHtteCfYcqb7wSKUIkpx_vz3afTwLhYvaIxmcHqq2V8rN58Fy3_kDA2oTVY5aE_3Mabq6TNs2YeB-gGbWerpjo4lDPqDwwZxphMyEBEI8E-dRTqWKqVxztQVn80iJvTTBezkAA9nyy0RliquqV6SQ-nKpBpa5afLYASpa4Y9xjwJ0PXjcr1V_jIhBuwXGKCZmlq67ELg6pY__Zyov3f5XZXPkK7LsRXHf6uVs-BLzLMtuEjlk7S52eg5vK9BOfP71TctVU9ASXvLDHLQcC0ji0l_NdkUNwH3PDiULHU5N7srtkMthtXj4s_rQRVO2qbfRPssdDewasumvFEGBf643lmiy4vlj3b05Va5TFYlzvoMSk8su3t3Po1XAN3jDpcRrWYkDkTygt34aFMk6ESpqxzyggiUc-wQmq0Mkgf-tBzrE4C9VByRjZVpY0LuGOotJeV_w0-tH_9eLBkiA5gGvhx4j0S7h-oKG_8%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 3de7fc76e5009d57c09f9904e4bd0a66186148c27a3abf36e76be195ef5a1b65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 59647800060621104444994012471002
Connection: close
Content-Length: 1125
Expires: Sun, 08 Oct 2023 13:07:57 +0200

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame C529 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 13:22:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C529 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdTpUnZsiZabODIr1gAeNw5ywBAAAAAA4AeAEAg&bg=!lJell9jNAAYMG8UMLBs7ADQBe5WfOOhs1EVhvT5NhGZsVjNiKeT-bcDFwtS6-9OMU6-cWHUHEtK4c6eI8E706uIEZjREAgAAADtSAAAABWgBB5kDEVrXUm94PVN97G-S1cpTYGX25EhBzNddqTtiM8H1ZkyU7tgL1-lZ9KZSOTUIOVyQeGWpC5u2szqGEMcO4s8KvrQcfcLEKJW9pt8S4_Vx8elb3h1Lfvd45lB0Krj5f6XfNbOBS8uGFJrVBqDPd79IS0oG9iA5XexePGl4K692Ap2WhRvrtXAg68Hrvm0UYe0iQAy4IlxVjH7cXGBvXp9nLcyo5j2fHDVXQIskE3RktkQpFrU3cuTUvGIxjLRizq8fxS6HpyWPVaKYBlL0eS1xHU1ohu7UZ3hfROHjhGGETbKl-96tR_U4YWO2dFUdDNJxgBrE29axlW72hzjBeAM0s3ePyobad58Y8lbvkkaEIT_kZ3aqUYsaUwCV2g_AWvjWDHgzibs0zhr9ufmYDRUwRGrp6N3Ae9FHA5_-89e7Ae7Qxj_cayeC3ETPNA9a5IvKkmagG2q5qaFVtHazncvbiR-c7Y28wHDcrY4e7GprIJyCYBR-DbWnfwWifkFtVwLy4bika_Gk3cotCqF4xDhyrd4IFi-D6qV0i1M_rqgNWCWXAsdB56c8nuoOl-NVC72xmV6xT_YYvjcy95nN9X1a1h5TLchffFr7nQLvJ5ytIqnPyT9OAH4sp8qqqgqypltVbr36TyGEilXsQYeXZ8vXb9z3UhT-ksRW5TUKPXLbJqvXQz-pL14fNDyi_aCvZDUaq3NBi2bJWYgsrkdclHhLYCzJajCdVozzCYvAvi9p7inm3F6U8xHweo1j5OfReBYlEKWYPkU9bGUEW9gicRlfzWY29D8532g2SpyRkMrgZ0fZg3Y2ZM1gWnkhN8nE4wfxe8BSK7lRaz-ojiMV2Y800d6vtRvb9FAPAuM7qxQFhPSn3pT0WlhSCfeICnSHxZDdWVYoTsbZRe1CNQw-JZyPom_x1PYXxd7hxDE25VH2Sc9fZpsETfSJbgywIRVXaYSYhkSAHzHJHlmZ9Obh8-MvfdEYIBji8MdPrDgWMPKZQjRmjUq3ZNMYN8wOFlCsF1Mityp2LBEx78aY2iqnVUog7XDT

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

htlp Show response
futalis.de/ Frame 7021
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=59647800060621104444994012471002&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3171492383

350 B
401 B

38ms
11ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3171492383
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=4166d3e4f9&subid=&uid=5b4b0609e73bd95e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq4IFnJsiZcXeBtbItwf6v5HgCablvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSaAk_QQe65OesN7jlD3TyLjBeFyMTUX91UK31Dvo6A-t23W6f-0_X9L2xMQGM7iKfiw4_xsUJ-RxWqv8N7uVS8L3qKDcmC8UJlzAebxI1UpJF31dyzp7Iz8bt-qBS_rkiCrPe2sWMBCEtmn5N2PxJzzYnJ6-akzeNOm8obL1YGA-_mDl8yxg5MxlFrSMcd_51szpPuTQ8UhlpaWiOzt7smKVhVdIPqpQABWrKBOHFAUW0CiVdEStxPSgstpyC9UxupVD4a6YfBilnjF4xCMnl_owGcOAaLiTPzG8CK9OD6XO4qRSdD6mEclXCFgsybj4BQ208whdWlwQaWG7KyCSmZjiCqAsvQh7CFsBg4n9nGsk9Mq-LmLAtZWNLEcMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIxZyrl7XmgQMVVuTtCh36XwScEAEYASAAEgL35vD_BwE%26num%3D1%26cid%3DCAQSSwDICaaN0JVH1E36tefD3Q_24fE8G1-26uCm42F7Z9rpS03JkrStdxzPl3UM6Xd3U920fT_jW_-tHZDSnddSgoDuHfhbvPnU8GXYghgB%26sig%3DAOD64_3WvkLt4OEQLZgsyWlx0SpmlI9CAA%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AUwNcFesVIoT5gcx_n-3ouKDiQnCx8I0m-9adqKgplSmpZ1xSv_T43DoAQdFWZE1X5STMBFW7LauQcEbdVWCPd7qfWWR08EmcHs1sxdnXntyMxWO4FD9vIF99l-2g1kSqk1VHYBBCpLYaipjOz7Rswi6AMPgtq7B7Q6GHDrQTdDI6qcgw%26cry%3D1%26dbm_d%3DAKAmf-CvvM_N2D0aCJRl_9CG6Vj6O27kVv79S8ts2z6Kz8MFBCtYRbF15hWtFAgKyIYwHhzU2ZNDhO9wp8GSiHtteCfYcqb7wSKUIkpx_vz3afTwLhYvaIxmcHqq2V8rN58Fy3_kDA2oTVY5aE_3Mabq6TNs2YeB-gGbWerpjo4lDPqDwwZxphMyEBEI8E-dRTqWKqVxztQVn80iJvTTBezkAA9nyy0RliquqV6SQ-nKpBpa5afLYASpa4Y9xjwJ0PXjcr1V_jIhBuwXGKCZmlq67ELg6pY__Zyov3f5XZXPkK7LsRXHf6uVs-BLzLMtuEjlk7S52eg5vK9BOfP71TctVU9ASXvLDHLQcC0ji0l_NdkUNwH3PDiULHU5N7srtkMthtXj4s_rQRVO2qbfRPssdDewasumvFEGBf643lmiy4vlj3b05Va5TFYlzvoMSk8su3t3Po1XAN3jDpcRrWYkDkTygt34aFMk6ESpqxzyggiUc-wQmq0Mkgf-tBzrE4C9VByRjZVpY0LuGOotJeV_w0-tH_9eLBkiA5gGvhx4j0S7h-oKG_8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D4007130386%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875795%26bpp%3D4%26bdt%3D270%26idt%3D270%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D2812134470218%26frm%3D20%26pv%3D2%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D1131%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D286&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=3025932289093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 08 Oct 2023 12:07:57 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3171492383
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H/1.1 200
OK 89f7480c0afa0150827cf163f8728151 Show response
pv.medialead.de/trck/epv/ Frame D634 0
465 B 111ms
110ms Document
application/javascript 145.239.193.130
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.medialead.de/trck/epv/89f7480c0afa0150827cf163f8728151?subid=59647800060621104444994012471002&t=htlp&gdpr=1&consent=1&gdpr_consent=

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=4166d3e4f9&subid=&uid=5b4b0609e73bd95e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq4IFnJsiZcXeBtbItwf6v5HgCablvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSaAk_QQe65OesN7jlD3TyLjBeFyMTUX91UK31Dvo6A-t23W6f-0_X9L2xMQGM7iKfiw4_xsUJ-RxWqv8N7uVS8L3qKDcmC8UJlzAebxI1UpJF31dyzp7Iz8bt-qBS_rkiCrPe2sWMBCEtmn5N2PxJzzYnJ6-akzeNOm8obL1YGA-_mDl8yxg5MxlFrSMcd_51szpPuTQ8UhlpaWiOzt7smKVhVdIPqpQABWrKBOHFAUW0CiVdEStxPSgstpyC9UxupVD4a6YfBilnjF4xCMnl_owGcOAaLiTPzG8CK9OD6XO4qRSdD6mEclXCFgsybj4BQ208whdWlwQaWG7KyCSmZjiCqAsvQh7CFsBg4n9nGsk9Mq-LmLAtZWNLEcMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIxZyrl7XmgQMVVuTtCh36XwScEAEYASAAEgL35vD_BwE%26num%3D1%26cid%3DCAQSSwDICaaN0JVH1E36tefD3Q_24fE8G1-26uCm42F7Z9rpS03JkrStdxzPl3UM6Xd3U920fT_jW_-tHZDSnddSgoDuHfhbvPnU8GXYghgB%26sig%3DAOD64_3WvkLt4OEQLZgsyWlx0SpmlI9CAA%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AUwNcFesVIoT5gcx_n-3ouKDiQnCx8I0m-9adqKgplSmpZ1xSv_T43DoAQdFWZE1X5STMBFW7LauQcEbdVWCPd7qfWWR08EmcHs1sxdnXntyMxWO4FD9vIF99l-2g1kSqk1VHYBBCpLYaipjOz7Rswi6AMPgtq7B7Q6GHDrQTdDI6qcgw%26cry%3D1%26dbm_d%3DAKAmf-CvvM_N2D0aCJRl_9CG6Vj6O27kVv79S8ts2z6Kz8MFBCtYRbF15hWtFAgKyIYwHhzU2ZNDhO9wp8GSiHtteCfYcqb7wSKUIkpx_vz3afTwLhYvaIxmcHqq2V8rN58Fy3_kDA2oTVY5aE_3Mabq6TNs2YeB-gGbWerpjo4lDPqDwwZxphMyEBEI8E-dRTqWKqVxztQVn80iJvTTBezkAA9nyy0RliquqV6SQ-nKpBpa5afLYASpa4Y9xjwJ0PXjcr1V_jIhBuwXGKCZmlq67ELg6pY__Zyov3f5XZXPkK7LsRXHf6uVs-BLzLMtuEjlk7S52eg5vK9BOfP71TctVU9ASXvLDHLQcC0ji0l_NdkUNwH3PDiULHU5N7srtkMthtXj4s_rQRVO2qbfRPssdDewasumvFEGBf643lmiy4vlj3b05Va5TFYlzvoMSk8su3t3Po1XAN3jDpcRrWYkDkTygt34aFMk6ESpqxzyggiUc-wQmq0Mkgf-tBzrE4C9VByRjZVpY0LuGOotJeV_w0-tH_9eLBkiA5gGvhx4j0S7h-oKG_8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D4007130386%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875795%26bpp%3D4%26bdt%3D270%26idt%3D270%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D2812134470218%26frm%3D20%26pv%3D2%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D1131%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D286&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=3025932289093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

145.239.193.130 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sun, 08 Oct 2023 12:07:57 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
strict-transport-security: max-age=15768000
vary: Origin
x-iplb-instance: 40027
x-iplb-request-id: 50FF0ACA:E5A8_91EFC182:01BB_65229B9D_ED5B00:1D8B7

GET
H3

200

activityi;dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001 Show response
8019191.fls.doubleclick.net/ Frame D3E3
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001?

391 B
239 B

52ms
52ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001?

Requested by

Host: www.erweiteredeinwissen.de
URL: http://www.erweiteredeinwissen.de/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

8c9bc64b1fd233c4226de6a0fea7e051719d2c1f4ac187e633fd8996580cf66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:57 GMT
expires: Sun, 08 Oct 2023 12:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:57 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90002.redintelligence.net/ Frame E178 7 KB
2 KB 22ms
8ms Document
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/request_content.php?s=59647800060621104444994012471002&a=b1acaf14
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=4166d3e4f9&subid=&uid=5b4b0609e73bd95e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCq4IFnJsiZcXeBtbItwf6v5HgCablvaBpvZOcp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSaAk_QQe65OesN7jlD3TyLjBeFyMTUX91UK31Dvo6A-t23W6f-0_X9L2xMQGM7iKfiw4_xsUJ-RxWqv8N7uVS8L3qKDcmC8UJlzAebxI1UpJF31dyzp7Iz8bt-qBS_rkiCrPe2sWMBCEtmn5N2PxJzzYnJ6-akzeNOm8obL1YGA-_mDl8yxg5MxlFrSMcd_51szpPuTQ8UhlpaWiOzt7smKVhVdIPqpQABWrKBOHFAUW0CiVdEStxPSgstpyC9UxupVD4a6YfBilnjF4xCMnl_owGcOAaLiTPzG8CK9OD6XO4qRSdD6mEclXCFgsybj4BQ208whdWlwQaWG7KyCSmZjiCqAsvQh7CFsBg4n9nGsk9Mq-LmLAtZWNLEcMAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIxZyrl7XmgQMVVuTtCh36XwScEAEYASAAEgL35vD_BwE%26num%3D1%26cid%3DCAQSSwDICaaN0JVH1E36tefD3Q_24fE8G1-26uCm42F7Z9rpS03JkrStdxzPl3UM6Xd3U920fT_jW_-tHZDSnddSgoDuHfhbvPnU8GXYghgB%26sig%3DAOD64_3WvkLt4OEQLZgsyWlx0SpmlI9CAA%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AUwNcFesVIoT5gcx_n-3ouKDiQnCx8I0m-9adqKgplSmpZ1xSv_T43DoAQdFWZE1X5STMBFW7LauQcEbdVWCPd7qfWWR08EmcHs1sxdnXntyMxWO4FD9vIF99l-2g1kSqk1VHYBBCpLYaipjOz7Rswi6AMPgtq7B7Q6GHDrQTdDI6qcgw%26cry%3D1%26dbm_d%3DAKAmf-CvvM_N2D0aCJRl_9CG6Vj6O27kVv79S8ts2z6Kz8MFBCtYRbF15hWtFAgKyIYwHhzU2ZNDhO9wp8GSiHtteCfYcqb7wSKUIkpx_vz3afTwLhYvaIxmcHqq2V8rN58Fy3_kDA2oTVY5aE_3Mabq6TNs2YeB-gGbWerpjo4lDPqDwwZxphMyEBEI8E-dRTqWKqVxztQVn80iJvTTBezkAA9nyy0RliquqV6SQ-nKpBpa5afLYASpa4Y9xjwJ0PXjcr1V_jIhBuwXGKCZmlq67ELg6pY__Zyov3f5XZXPkK7LsRXHf6uVs-BLzLMtuEjlk7S52eg5vK9BOfP71TctVU9ASXvLDHLQcC0ji0l_NdkUNwH3PDiULHU5N7srtkMthtXj4s_rQRVO2qbfRPssdDewasumvFEGBf643lmiy4vlj3b05Va5TFYlzvoMSk8su3t3Po1XAN3jDpcRrWYkDkTygt34aFMk6ESpqxzyggiUc-wQmq0Mkgf-tBzrE4C9VByRjZVpY0LuGOotJeV_w0-tH_9eLBkiA5gGvhx4j0S7h-oKG_8%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9373112202773231%26output%3Dhtml%26h%3D280%26slotname%3D5297406221%26adk%3D1442442656%26adf%3D4007130386%26pi%3Dt.ma~as.5297406221%26w%3D625%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1696759676%26rafmt%3D1%26format%3D625x280%26url%3Dhttp%253A%252F%252Fwww.erweiteredeinwissen.de%252F%26ea%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1696766875795%26bpp%3D4%26bdt%3D270%26idt%3D270%26shv%3Dr20231004%26mjsv%3Dm202310030101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D2812134470218%26frm%3D20%26pv%3D2%26ga_vid%3D401643022.1696766876%26ga_sid%3D1696766876%26ga_hid%3D1687835822%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D320%26ady%3D1131%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44802212%252C42532335%252C44804782%252C31078301%252C31078673%252C31078601%26oid%3D2%26pvsid%3D2539810029932652%26tmod%3D100059771%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoEe%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D286&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttp%3A%2F%2Fwww.erweiteredeinwissen.de&random=3025932289093&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 1b8a19474c0f0fbfc3151b31517b1fe5f278aa705eb5aa86ce7dc66de526dca8

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2103
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Oct 2023 12:07:57 GMT
Expires: Sun, 08 Oct 2023 13:07:57 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7A2C 43 B
702 B 47ms
47ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=59647800060621104444994012471002&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=280&slotname=5297406221&adk=1442442656&adf=4007130386&pi=t.ma~as.5297406221&w=625&fwrn=4&fwrnh=100&lmt=1696759676&rafmt=1&format=625x280&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1696766875795&bpp=4&bdt=270&idt=270&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&correlator=2812134470218&frm=20&pv=2&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=1131&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&dtd=286

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 12:07:57 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 7A2C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72b9e1fe7675f4b21425a0d68646150f9b0b3bdbb4c0352920f902b90061bb64

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame E178 5 KB
755 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=59647800060621104444994012471002&a=b1acaf14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 11:58:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 12:07:57 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E178 13 KB
13 KB 22ms
8ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=59647800060621104444994012471002&a=b1acaf14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: d38306273a18646de77aed11b497747888f8228f6c28c461cb157a6788dee582

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12996
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E178 17 KB
17 KB 22ms
8ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=59647800060621104444994012471002&a=b1acaf14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 7dc550545f837a2659f7250830fc3ed224e25859f3ded95d20006e64a5f69155

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16841
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame E178 13 KB
13 KB 24ms
8ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/50502/creativesup/Fyrst-1200x627.jpg
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=59647800060621104444994012471002&a=b1acaf14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 1587228dc3e608fa2778b1384f22955898d4bd18bb21adf4db4827a7ab556430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13285
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90002.redintelligence.net/ Frame E178 0
150 B 22ms
8ms Script
text/html 46.4.10.47
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90002.redintelligence.net/viewability?s=59647800060621104444994012471002&a=8f7eb7b0&vb=m
Requested by: Host: hal90002.redintelligence.net
URL: https://hal90002.redintelligence.net/request_content.php?s=59647800060621104444994012471002&a=b1acaf14
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.47 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.47.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90002.redintelligence.net/request_content.php?s=59647800060621104444994012471002&a=b1acaf14
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame E178 14 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90002.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 243852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:23:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame E178 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90002.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 183900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 09:02:57 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 7021 5 KB
5 KB 5ms
5ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3171492383
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:57 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001
adservice.google.com/ddm/fls/z/ Frame D3E3 42 B
107 B 46ms
45ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CP21_pe15oEDFYgPogMdQeUEnQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=873080428804.7001?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 153A 42 B
63 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkExJS57PIqPaV57rtALDUG3PW9Pb8-FWq8hZLWEZI9cuQ3MCTmKOK0q3x59sijle7nrZEWA97yMYiM9CvmvWfTqrfGUbiFoHAPOl6GdE1GnLpcXI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=600&slotname=7773194621&adk=2192438534&adf=1977249870&pi=t.ma~as.7773194621&w=300&lmt=1696759676&format=300x600&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&wgl=1&dt=1696766875804&bpp=1&bdt=278&idt=329&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=11&uci=a!b&fsb=1&dtd=335

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 153A 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16076828709430516781&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 153A 89 KB
31 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31491
x-xss-protection: 0
server: cafe
etag: 6167930392490353973
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:07:57 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 153A 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 22 Oct 2023 11:58:18 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 153A 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 13:33:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 153A 187 KB
59 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 12:07:57 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9EE6 640 B
265 B 48ms
48ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUEtxxLMr6yhioajkN0l6gjlOICAqjDTLTaS3bMNtUeRjqN-7EzO_ZSkrNLf-J-wN0qULvGXLIuKuF_FEfq_Iqo0kXQUay5m66xHKeL1Le9d3MFjak21Dxx5BtMzlwZCP_jCTV_y0ZBTskKsZ4zF3Gjx_pzAn191E5x9Z0ooW9HfMjz5_s

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=600&slotname=7773194621&adk=2192438534&adf=1977249870&pi=t.ma~as.7773194621&w=300&lmt=1696759676&format=300x600&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&wgl=1&dt=1696766875804&bpp=1&bdt=278&idt=329&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=11&uci=a!b&fsb=1&dtd=335
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:57 GMT
expires: Sun, 08 Oct 2023 12:07:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9EE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIitsd2ukkDoM79iGZRQ1u0&google_cver=1

43 B
273 B

28ms
17ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIitsd2ukkDoM79iGZRQ1u0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUEtxxLMr6yhioajkN0l6gjlOICAqjDTLTaS3bMNtUeRjqN-7EzO_ZSkrNLf-J-wN0qULvGXLIuKuF_FEfq_Iqo0kXQUay5m66xHKeL1Le9d3MFjak21Dxx5BtMzlwZCP_jCTV_y0ZBTskKsZ4zF3Gjx_pzAn191E5x9Z0ooW9HfMjz5_s
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIitsd2ukkDoM79iGZRQ1u0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 9EE6 43 B
145 B 47ms
17ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUEtxxLMr6yhioajkN0l6gjlOICAqjDTLTaS3bMNtUeRjqN-7EzO_ZSkrNLf-J-wN0qULvGXLIuKuF_FEfq_Iqo0kXQUay5m66xHKeL1Le9d3MFjak21Dxx5BtMzlwZCP_jCTV_y0ZBTskKsZ4zF3Gjx_pzAn191E5x9Z0ooW9HfMjz5_s
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 9EE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEP1pN1gSH79aA3fuZclnne4&google_cver=1

23 B
163 B

55ms
33ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEP1pN1gSH79aA3fuZclnne4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUEtxxLMr6yhioajkN0l6gjlOICAqjDTLTaS3bMNtUeRjqN-7EzO_ZSkrNLf-J-wN0qULvGXLIuKuF_FEfq_Iqo0kXQUay5m66xHKeL1Le9d3MFjak21Dxx5BtMzlwZCP_jCTV_y0ZBTskKsZ4zF3Gjx_pzAn191E5x9Z0ooW9HfMjz5_s
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 08 Oct 2023 12:07:57 GMT
pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEP1pN1gSH79aA3fuZclnne4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 9EE6 23 B
163 B 74ms
34ms Image
image/gif 2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUEtxxLMr6yhioajkN0l6gjlOICAqjDTLTaS3bMNtUeRjqN-7EzO_ZSkrNLf-J-wN0qULvGXLIuKuF_FEfq_Iqo0kXQUay5m66xHKeL1Le9d3MFjak21Dxx5BtMzlwZCP_jCTV_y0ZBTskKsZ4zF3Gjx_pzAn191E5x9Z0ooW9HfMjz5_s
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 08 Oct 2023 12:07:57 GMT
pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 153A 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7381227065944&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 153A 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7381227065944&version=m202309260101&ct=77&x=1&cor=16076828709430518000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 153A 16 KB
12 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AF-DgKZwfLJSzKzE6zHs9i5crYDrdy0DhGPzrlo0tlZxSirggesNspLeDTf73S-xJwNyZPamTohgyRi2-F027FN7exiorLgNpZauXn6pv2Bi1K1_cITqOY8QsebislQQnr6daupcliXV22iSBdMxSbDCGlQljzdQVDLdZYPi0at5FK0NQ&cry=1&dbm_d=AKAmf-CxJ68hlK-EabLCeyrhj7Fn3uNSICMCf-b0UDs8yn0BQbwjacUdr4qC-QawYLnBVYrDTUCqqP7xYXI0sdqi_HMrJHZ-z2qUb_PXBPTbSkrDtPSuYMZNiG5mcUWFXJ2ew_CzwnsQWezBxFXXY6cw4YLUGv3O_8l7TpyHCpvBicshvxrXUmiTGfFyn0yvQlUIQOkfydLNbctllFo_bFGaEF2U-D29Wg6ofZ6e3hLouwvNboZ3iiGTjxH8pHrjAYWAeAm7Z-0oXEejjbDwywDHFA3w6bZWAg-nAHHPbeDnPYTVQjQI4Qg8Ud08K3gSSEUy9xGak7DwdgRzBVVPyNRRUYNDpeCaLxV6_waIm83HZltH6o1trIPKtv6eXVxEBHgZgrJDvDwpyUpUYw91XXstc5V-Q25zv52WPkWrW9NvFf_Vq6wxfpZp9wndzV91iKKHdFqxhA13OdyHSQ9njZX3GGcKmXsmeeOeuJQm-xpwBbeCEPesvVk4kuSJMwTgGCLnSj5MZuBs4GIHMmwsfygADnxsEJQP6RDZNLbD0hTTmREOLQUQ9-Q2cbFWj5es5pMN6GC9B611DBkLjbUgGEqyKptbFuIVbuhjQ2WPAzbRdEePt2CWqI5DbCxirVBTxlurM3K4r3IMgv944fSQGVZdVxmJViViQWjw0BPObRQieNI5r70aN-GNuILHdF5J2PNg9rA7hpQhQTAsyzDrR4EpV2a8jg2UsIeLJEpaLQ05XsyZJbvoHuiIGMeOVs82NJuPoT3akvBwQRsEImGwiWk-Z8jeJLJisOLH_Z7GHf5fr-9Dlxc_PkwxqGSSTUsP9Tp963BNrk9zLY38H6e1RB8EHrQK6Lq3XDFbhfW0Z2QLxSGQd00iCB2ctEJB8vbyHchd3LUdROuuNMt22n214WaxKoWZ8mZm_THEq7L530BitPam_l_fB5tpR5j_OeUzEhFcwLTGG7xnYw6u-v6NUPrzeWsMi-BJpdcWEgqJuVvcjzsDxNcE6-WqHgmNgR427rVNo3PCpQHV8R0o0jhqH5GxmQio_UCWd4D51SwWGZF1pMFOfXaFKqIvRbo9dYzfGQEalWOj9rLGwAun9lGjjqRWTrkMywcKQkkV2JrUh-85PyBMbOe1eGmWeodVBNejMfHLXyXfZT7blJOsbUUFgev6N3N1JPQQ-k_gIVoozGgA8kQq4l1qASgq7w__EC5Q1FsLXOs5L3YukB_NTVeM9CPdf9n2vx-UDVhc-9oYX6YvIoHFY4Kqy2vkSFhiOWUjkjsOPpK-x2p_P8w2euLFFbXev4UXNY_qJa4d02pXhV-uXKtgjrSs4lLVxAzJjlc0KKLGWUqj5F_Nxr34iJwwQTVQ1M11KXRs_JrD_YcHLw4X9mhNWjR4dvwBcqgpAlsCRrEjjDHw0On42MiNyDSSqpHRvUlVrfBqqxscfUFjTcc_fzC_OvlJkICWCDA61pxL84WF12bOtoTYriaYOAud54KqOOxOWr_GTaKOn_OEDo3gnfLVxGmEHbNpMQxG7Ue-Pw-SEPetGPnptB7EBpZKZbHX-COlEi2RUjYTunBxTz23E_yoFpsinhFOD3tE8spt36pw8YN2qt46QekrUG7dl0rknQWd_epLOnUFlD1fzsPUrx18uzbN52WceMosU2bmM1FygO-IpeNapgv4jEjvZJARW2c_dsRDguHYfAV7vtdqFmSR1XR1EjCBJu42oy6zqJnU0f98ntpmFPi45g46gsLQDVm2dckgJqNAJthzLk3tX6XhPCirnikfdC676un42Gn6a9edv2ujGAvmzyr0shU3IQ2Fs6N95eUyrMyXgUgSl03wy1AByZQaVEJPpyZrh1JuSzllthTOH6RGn3q8f-fG1BC6-jJLoNHHEwbm2s0mhm7GrOpuymWzRMcJ5d4MjhFyZmogqzxE31IVhxw8gJrCL-skJq-Xixd-gmyV1kQj9mrLoUyfcF3jS3ebcdR_xRUbC_s2qu4sQ8zMfGRcMn3Ban0aeNSiir1-4_UcsrdHTi9oIA6MyoqxU0JyI6ddHOYA4hMMs2eAbFjiZ7v7RIcfFt2egacJkdpNBlhYF6kHiMLoD4LfRalBJgoUUdey29nNUtkQSga0X_ZY0QtxXkzgoLNNQDZkbrEKroqtMEna-ahaL8REqKafA2sN5wjg-0xyptzgrPBUv9xGBq6yB1jd9f5zkYQw_bKKPlbvnQstoQtv0fIL4tHhYMDchRe7IRIJDcenzIlV98T1YvBCIC9LDGyAlqUud1s4GR3pWiu-RXijOiouAUVBn7kpBLr4o7_zDD0R9tm3NMiFLgxJjJgQHLZ7sSvbG24clULslHDhCs2o4Q7VTP01EVfm7tGpF45dGHLM4YM5gy7iGdtd_6Tx88-A3N7uePBGCuyZrhcLgGg_5W27dqNbAlaqx4IaGVhZYaBbz2Pv1k23MI30wSgwFo4xAUqU4uD4Fday-tgTzGPIDV_CPkMqXhgvOy-Fd9aQbUuts7Pz5kiLMm0yOL6PgTBzU48aMr2UU4HpODG03v_X-Tbi2kfm1RNsbxNRa8qz35-aq9CNxn5Dvzdbjvh1MpJsfjdjtc2cGcb3VRQfuM9NIs6vWuqFEwa-z6VIRsoNXWrZwSbG-sgGL9_PIjG5gX_jqPS1yuSGAZNgvL2m6MzlwEO6CIQGy-cczCml2FfGlvhSmeStp1m96ycPJhTfZsgYCqWTbB6Vdm7LkV8WcEoilURSHCOiuptQrnv1Gn3jkIsLwy_z0wOEGg2QZCrEHiWs3BqCCu5F0R97n_Bpd9htij2Tp5rV0xBJLH51_srFYGhy3KTi0Ix7rQ2FxK84pvXqAcMRblSOr_wSTwxNrGYHENSaK-dbhY1sfm7Xgp8edOBp1fNZIwM9OIQnGqrG8oCSNvL3DJ6W4mYm5U2bc1oO6C25xrVwOVWBkSrTF1b13MYTc6MYRLgnfkt2yTo_IfAZE5z_YlqEhajChihTvfaMxGcL90CJHUzh6Wku_nUDbJbWC-xpLTtt8HUwMTbaplobeJmbvRKczWytkNRJNBnyJNkpuuAQPCVauOZ_6S4Kz6-zIo5H_D2h8CnncLGq2ozG1T9VHSaiIgCl0xukww8EtuPOwnQ_dLTZZpImsPe-NXawGOk8cryRDYyhJ1ZWlmxglMvBGU_hKv-slv4sInUmgv-OeIedSmO9ll4ITmbsvT3SxZNOZhVJ9l5pP4vGaenxumu06E9Sf5fTUCt_lvhPst_DyqF4ZZFyDUfIwVgtNzUlx0wvK6_n4MSJWLGT2GlBlTsEHodk0Q3rLTXhkWZ1NKaRSPMhujOKd4tfG5ovUwxgslUcDA4JSnT9g42_-lSPUB5X_lKODScj4AhHzJt4MOVozIevKzhy8aeBMZ3S-ekIA8fwS_HabAGylyFCw8VgaoibCnZiiGkK0jLCEvxFzEVXMC-EoaQfXm9r1wO90rOpdrA11K7rcowSU_j-ada5prVh-N-f_heJSPiXad8-tXIRftKPD6djZ6jJCE2R5TsPONmAR_V9OOVRzdp9EfOqEz5l9_Ksn8E3lGp6o4-jQNzhtBtGJaBRonW8ToRBv_X1q3vecmMscuOre7jV3lIXQsxW1QjKexN9dPe7s0ZJROEYhPTB3bRRc5xbeXBNxAq-qNDGH_wpe8ubrm8MjFt76oFvUnLchXJnDNPi-QeaawKuKK2QwSJJIVLqIR1hT8vLP5uWtWuOgdP9KLHb4eWZc4a47g4s3AurjfnrMSYclNy8SSnaGnjK1vVYLhHbkqeb1VSKzWRM1XF1vFyOEVlxpbIJi2fO7Zf4kTTomDdiQInTSKqPctjSlSzqSCWCrM1wdPmGfwbyu8zQKpm52oExrUPPUey6ocbfTTr_LBS133TkP4Q&cid=CAQSLgDICaaNziFo6PNGbGWf7eUnbfkUu9FQw79xGDICr7NzZDQTNb1zjhhGe2zfQ5AYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ds=l&xdt=1&iif=1&cor=16076828709430518000&adk=250412560&idt=95&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bad2540f4791c570d6c9f54cf033185ce58c7694d73a27b5838fe3c9577a9a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=600&slotname=7773194621&adk=2192438534&adf=1977249870&pi=t.ma~as.7773194621&w=300&lmt=1696759676&format=300x600&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&wgl=1&dt=1696766875804&bpp=1&bdt=278&idt=329&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=11&uci=a!b&fsb=1&dtd=335
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12392
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 153A 41 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AF-DgKZwfLJSzKzE6zHs9i5crYDrdy0DhGPzrlo0tlZxSirggesNspLeDTf73S-xJwNyZPamTohgyRi2-F027FN7exiorLgNpZauXn6pv2Bi1K1_cITqOY8QsebislQQnr6daupcliXV22iSBdMxSbDCGlQljzdQVDLdZYPi0at5FK0NQ&cry=1&dbm_d=AKAmf-CxJ68hlK-EabLCeyrhj7Fn3uNSICMCf-b0UDs8yn0BQbwjacUdr4qC-QawYLnBVYrDTUCqqP7xYXI0sdqi_HMrJHZ-z2qUb_PXBPTbSkrDtPSuYMZNiG5mcUWFXJ2ew_CzwnsQWezBxFXXY6cw4YLUGv3O_8l7TpyHCpvBicshvxrXUmiTGfFyn0yvQlUIQOkfydLNbctllFo_bFGaEF2U-D29Wg6ofZ6e3hLouwvNboZ3iiGTjxH8pHrjAYWAeAm7Z-0oXEejjbDwywDHFA3w6bZWAg-nAHHPbeDnPYTVQjQI4Qg8Ud08K3gSSEUy9xGak7DwdgRzBVVPyNRRUYNDpeCaLxV6_waIm83HZltH6o1trIPKtv6eXVxEBHgZgrJDvDwpyUpUYw91XXstc5V-Q25zv52WPkWrW9NvFf_Vq6wxfpZp9wndzV91iKKHdFqxhA13OdyHSQ9njZX3GGcKmXsmeeOeuJQm-xpwBbeCEPesvVk4kuSJMwTgGCLnSj5MZuBs4GIHMmwsfygADnxsEJQP6RDZNLbD0hTTmREOLQUQ9-Q2cbFWj5es5pMN6GC9B611DBkLjbUgGEqyKptbFuIVbuhjQ2WPAzbRdEePt2CWqI5DbCxirVBTxlurM3K4r3IMgv944fSQGVZdVxmJViViQWjw0BPObRQieNI5r70aN-GNuILHdF5J2PNg9rA7hpQhQTAsyzDrR4EpV2a8jg2UsIeLJEpaLQ05XsyZJbvoHuiIGMeOVs82NJuPoT3akvBwQRsEImGwiWk-Z8jeJLJisOLH_Z7GHf5fr-9Dlxc_PkwxqGSSTUsP9Tp963BNrk9zLY38H6e1RB8EHrQK6Lq3XDFbhfW0Z2QLxSGQd00iCB2ctEJB8vbyHchd3LUdROuuNMt22n214WaxKoWZ8mZm_THEq7L530BitPam_l_fB5tpR5j_OeUzEhFcwLTGG7xnYw6u-v6NUPrzeWsMi-BJpdcWEgqJuVvcjzsDxNcE6-WqHgmNgR427rVNo3PCpQHV8R0o0jhqH5GxmQio_UCWd4D51SwWGZF1pMFOfXaFKqIvRbo9dYzfGQEalWOj9rLGwAun9lGjjqRWTrkMywcKQkkV2JrUh-85PyBMbOe1eGmWeodVBNejMfHLXyXfZT7blJOsbUUFgev6N3N1JPQQ-k_gIVoozGgA8kQq4l1qASgq7w__EC5Q1FsLXOs5L3YukB_NTVeM9CPdf9n2vx-UDVhc-9oYX6YvIoHFY4Kqy2vkSFhiOWUjkjsOPpK-x2p_P8w2euLFFbXev4UXNY_qJa4d02pXhV-uXKtgjrSs4lLVxAzJjlc0KKLGWUqj5F_Nxr34iJwwQTVQ1M11KXRs_JrD_YcHLw4X9mhNWjR4dvwBcqgpAlsCRrEjjDHw0On42MiNyDSSqpHRvUlVrfBqqxscfUFjTcc_fzC_OvlJkICWCDA61pxL84WF12bOtoTYriaYOAud54KqOOxOWr_GTaKOn_OEDo3gnfLVxGmEHbNpMQxG7Ue-Pw-SEPetGPnptB7EBpZKZbHX-COlEi2RUjYTunBxTz23E_yoFpsinhFOD3tE8spt36pw8YN2qt46QekrUG7dl0rknQWd_epLOnUFlD1fzsPUrx18uzbN52WceMosU2bmM1FygO-IpeNapgv4jEjvZJARW2c_dsRDguHYfAV7vtdqFmSR1XR1EjCBJu42oy6zqJnU0f98ntpmFPi45g46gsLQDVm2dckgJqNAJthzLk3tX6XhPCirnikfdC676un42Gn6a9edv2ujGAvmzyr0shU3IQ2Fs6N95eUyrMyXgUgSl03wy1AByZQaVEJPpyZrh1JuSzllthTOH6RGn3q8f-fG1BC6-jJLoNHHEwbm2s0mhm7GrOpuymWzRMcJ5d4MjhFyZmogqzxE31IVhxw8gJrCL-skJq-Xixd-gmyV1kQj9mrLoUyfcF3jS3ebcdR_xRUbC_s2qu4sQ8zMfGRcMn3Ban0aeNSiir1-4_UcsrdHTi9oIA6MyoqxU0JyI6ddHOYA4hMMs2eAbFjiZ7v7RIcfFt2egacJkdpNBlhYF6kHiMLoD4LfRalBJgoUUdey29nNUtkQSga0X_ZY0QtxXkzgoLNNQDZkbrEKroqtMEna-ahaL8REqKafA2sN5wjg-0xyptzgrPBUv9xGBq6yB1jd9f5zkYQw_bKKPlbvnQstoQtv0fIL4tHhYMDchRe7IRIJDcenzIlV98T1YvBCIC9LDGyAlqUud1s4GR3pWiu-RXijOiouAUVBn7kpBLr4o7_zDD0R9tm3NMiFLgxJjJgQHLZ7sSvbG24clULslHDhCs2o4Q7VTP01EVfm7tGpF45dGHLM4YM5gy7iGdtd_6Tx88-A3N7uePBGCuyZrhcLgGg_5W27dqNbAlaqx4IaGVhZYaBbz2Pv1k23MI30wSgwFo4xAUqU4uD4Fday-tgTzGPIDV_CPkMqXhgvOy-Fd9aQbUuts7Pz5kiLMm0yOL6PgTBzU48aMr2UU4HpODG03v_X-Tbi2kfm1RNsbxNRa8qz35-aq9CNxn5Dvzdbjvh1MpJsfjdjtc2cGcb3VRQfuM9NIs6vWuqFEwa-z6VIRsoNXWrZwSbG-sgGL9_PIjG5gX_jqPS1yuSGAZNgvL2m6MzlwEO6CIQGy-cczCml2FfGlvhSmeStp1m96ycPJhTfZsgYCqWTbB6Vdm7LkV8WcEoilURSHCOiuptQrnv1Gn3jkIsLwy_z0wOEGg2QZCrEHiWs3BqCCu5F0R97n_Bpd9htij2Tp5rV0xBJLH51_srFYGhy3KTi0Ix7rQ2FxK84pvXqAcMRblSOr_wSTwxNrGYHENSaK-dbhY1sfm7Xgp8edOBp1fNZIwM9OIQnGqrG8oCSNvL3DJ6W4mYm5U2bc1oO6C25xrVwOVWBkSrTF1b13MYTc6MYRLgnfkt2yTo_IfAZE5z_YlqEhajChihTvfaMxGcL90CJHUzh6Wku_nUDbJbWC-xpLTtt8HUwMTbaplobeJmbvRKczWytkNRJNBnyJNkpuuAQPCVauOZ_6S4Kz6-zIo5H_D2h8CnncLGq2ozG1T9VHSaiIgCl0xukww8EtuPOwnQ_dLTZZpImsPe-NXawGOk8cryRDYyhJ1ZWlmxglMvBGU_hKv-slv4sInUmgv-OeIedSmO9ll4ITmbsvT3SxZNOZhVJ9l5pP4vGaenxumu06E9Sf5fTUCt_lvhPst_DyqF4ZZFyDUfIwVgtNzUlx0wvK6_n4MSJWLGT2GlBlTsEHodk0Q3rLTXhkWZ1NKaRSPMhujOKd4tfG5ovUwxgslUcDA4JSnT9g42_-lSPUB5X_lKODScj4AhHzJt4MOVozIevKzhy8aeBMZ3S-ekIA8fwS_HabAGylyFCw8VgaoibCnZiiGkK0jLCEvxFzEVXMC-EoaQfXm9r1wO90rOpdrA11K7rcowSU_j-ada5prVh-N-f_heJSPiXad8-tXIRftKPD6djZ6jJCE2R5TsPONmAR_V9OOVRzdp9EfOqEz5l9_Ksn8E3lGp6o4-jQNzhtBtGJaBRonW8ToRBv_X1q3vecmMscuOre7jV3lIXQsxW1QjKexN9dPe7s0ZJROEYhPTB3bRRc5xbeXBNxAq-qNDGH_wpe8ubrm8MjFt76oFvUnLchXJnDNPi-QeaawKuKK2QwSJJIVLqIR1hT8vLP5uWtWuOgdP9KLHb4eWZc4a47g4s3AurjfnrMSYclNy8SSnaGnjK1vVYLhHbkqeb1VSKzWRM1XF1vFyOEVlxpbIJi2fO7Zf4kTTomDdiQInTSKqPctjSlSzqSCWCrM1wdPmGfwbyu8zQKpm52oExrUPPUey6ocbfTTr_LBS133TkP4Q&cid=CAQSLgDICaaNziFo6PNGbGWf7eUnbfkUu9FQw79xGDICr7NzZDQTNb1zjhhGe2zfQ5AYAQ&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ds=l&xdt=1&iif=1&cor=16076828709430518000&adk=250412560&idt=95&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 23:31:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 304580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 23:31:37 GMT

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame 153A 11 KB
4 KB 22ms
9ms Script
text/html 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1696766876171409&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUEwenJsiZZG7CszBtwfiopuAC6blvaBpvZicp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QPjhjaXesD8VFjFYWovUUTXt7p0FG545kdf-Gj5FmgEUU3Zsht3YrrEuIcTZdYOZN-W1VIe7IA6xrUT9S_mqmqPYuzPiwWfOm6qLVs9w_ZohZseXT-CFmW1x4iQJY-W6NdQtvB5uVODuwNSNJ44zb18Jxoch7hJ_IYkOJmEhbztcXWDr5iJmOZRewdyfXkpF5l6WJv06I_kUoYe4iSRRGp-B3v9gBwHigNArOypBF5RmAwwUm78f8h_JUp7KqyoI22tqrB49kwSuyDbusJZBG-nI6PlFArfXbv8XRn-Ch4NxixdLluJh2ZYQ1tSOSDFIgqi35GWdk3YKRC8-3xWh8axp_l0EWpet-sLTlIBE-v4gnH_acQDfpVTy9qcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIkfmul7XmgQMVzODtCh1i0QawEAEYASAAEgK8RfD_BwE%26num%3D1%26cid%3DCAQSLgDICaaNziFo6PNGbGWf7eUnbfkUu9FQw79xGDICr7NzZDQTNb1zjhhGe2zfQ5AYAQ%26sig%3DAOD64_33_7tglzQKLb6f0x67fpNiin1dQQ%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AqQeFH-XgSUWXxBT7Rz03f0W4ct3NU8haijo0dJ5EjoPOvRuHvvLb58umr7MB-VYqN4DxP5XXGHN14-j4j0bnhEIGOrU35ORYQH11mhztltQ4hD7jZjv8dsdZYoNoQNGHJoPGb0-aUXahRK51kYOCOMAsLnOPfT8bkPQUrlN3PKaUFmao%26cry%3D1%26dbm_d%3DAKAmf-DNY53FILvcRnP_a2NA1Cp-eHCKccJR7zkT0QfQvPjQcjpx1HRvA80UWDjEz2cfF1wt4rgj0sYcpNlA0_2OUpDw7sC3MEgVa0arTRjsQ_PP8zc0r8yxElIz1qO0rjocwlV3X2JHRNFchqkC37f7Jc2887AskHcyKAj37f1iXCT7zumDgMcqJz2N16ckjyCrJujlzxT-KKXRT25MwoFg9WDaWaAZTfknywCTm-A3akggSrcGKPcirxxvJky5cNcLdGIwYcG7yEo2gsXLyY4HI8LxZdVS8ccO_MxYctoi4RX-70UuMu1lC7Iywq4LZCYmDgdncz1QXmeMDBTkX_4g-gLMbRf4FepYt4txGeJJp8ZYCcrWisjp33wcmbfDQyhxsUpDivQGCpvfX_ndJ80tugwzZj5EM0HPIUbDPdbJk3vTQcB1JCSvdJcmmS4X4v95Tw8u3UsHK0dE-muZ9uqBKhXudvucv5pOewZQcYA178WQEKnG60ijDomp3wamgqYvJANHO3bSCUyhMoDjuaoyZXBA6fJElqS9Jf8vh_HWenweT5ZkuF0%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=600&slotname=7773194621&adk=2192438534&adf=1977249870&pi=t.ma~as.7773194621&w=300&lmt=1696759676&format=300x600&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&wgl=1&dt=1696766875804&bpp=1&bdt=278&idt=329&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=11&uci=a!b&fsb=1&dtd=335
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: dffb60b8e4face853bbaaf649c56ba0861c19d370ac9c5d8e678e88e47933003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4212
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 7C4C 16 B
209 B 65ms
65ms Fetch
application/json 52.56.171.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.56.171.192 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-56-171-192.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 08 Oct 2023 12:07:58 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 106ms
19ms Preflight 52.56.171.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.171.192 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-171-192.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sun, 08 Oct 2023 12:07:58 GMT
server: nginx

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B5C 38 KB
13 KB 7ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 300086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:46:31 GMT
expires: Fri, 04 Oct 2024 00:46:31 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request.php Show response
hal900025.redintelligence.net/ Frame 153A 2 KB
1 KB 100ms
71ms Script
application/x-javascript 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=4ae926d676&subid=&uid=e65a242b22b9635e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUEwenJsiZZG7CszBtwfiopuAC6blvaBpvZicp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QPjhjaXesD8VFjFYWovUUTXt7p0FG545kdf-Gj5FmgEUU3Zsht3YrrEuIcTZdYOZN-W1VIe7IA6xrUT9S_mqmqPYuzPiwWfOm6qLVs9w_ZohZseXT-CFmW1x4iQJY-W6NdQtvB5uVODuwNSNJ44zb18Jxoch7hJ_IYkOJmEhbztcXWDr5iJmOZRewdyfXkpF5l6WJv06I_kUoYe4iSRRGp-B3v9gBwHigNArOypBF5RmAwwUm78f8h_JUp7KqyoI22tqrB49kwSuyDbusJZBG-nI6PlFArfXbv8XRn-Ch4NxixdLluJh2ZYQ1tSOSDFIgqi35GWdk3YKRC8-3xWh8axp_l0EWpet-sLTlIBE-v4gnH_acQDfpVTy9qcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIkfmul7XmgQMVzODtCh1i0QawEAEYASAAEgK8RfD_BwE%26num%3D1%26cid%3DCAQSLgDICaaNziFo6PNGbGWf7eUnbfkUu9FQw79xGDICr7NzZDQTNb1zjhhGe2zfQ5AYAQ%26sig%3DAOD64_33_7tglzQKLb6f0x67fpNiin1dQQ%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AqQeFH-XgSUWXxBT7Rz03f0W4ct3NU8haijo0dJ5EjoPOvRuHvvLb58umr7MB-VYqN4DxP5XXGHN14-j4j0bnhEIGOrU35ORYQH11mhztltQ4hD7jZjv8dsdZYoNoQNGHJoPGb0-aUXahRK51kYOCOMAsLnOPfT8bkPQUrlN3PKaUFmao%26cry%3D1%26dbm_d%3DAKAmf-DNY53FILvcRnP_a2NA1Cp-eHCKccJR7zkT0QfQvPjQcjpx1HRvA80UWDjEz2cfF1wt4rgj0sYcpNlA0_2OUpDw7sC3MEgVa0arTRjsQ_PP8zc0r8yxElIz1qO0rjocwlV3X2JHRNFchqkC37f7Jc2887AskHcyKAj37f1iXCT7zumDgMcqJz2N16ckjyCrJujlzxT-KKXRT25MwoFg9WDaWaAZTfknywCTm-A3akggSrcGKPcirxxvJky5cNcLdGIwYcG7yEo2gsXLyY4HI8LxZdVS8ccO_MxYctoi4RX-70UuMu1lC7Iywq4LZCYmDgdncz1QXmeMDBTkX_4g-gLMbRf4FepYt4txGeJJp8ZYCcrWisjp33wcmbfDQyhxsUpDivQGCpvfX_ndJ80tugwzZj5EM0HPIUbDPdbJk3vTQcB1JCSvdJcmmS4X4v95Tw8u3UsHK0dE-muZ9uqBKhXudvucv5pOewZQcYA178WQEKnG60ijDomp3wamgqYvJANHO3bSCUyhMoDjuaoyZXBA6fJElqS9Jf8vh_HWenweT5ZkuF0%26adurl%3D&documentReferer=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ancestorOrigins=http%3A%2F%2Fwww.erweiteredeinwissen.de&random=7364639072474&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1696766876171409&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUEwenJsiZZG7CszBtwfiopuAC6blvaBpvZicp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QPjhjaXesD8VFjFYWovUUTXt7p0FG545kdf-Gj5FmgEUU3Zsht3YrrEuIcTZdYOZN-W1VIe7IA6xrUT9S_mqmqPYuzPiwWfOm6qLVs9w_ZohZseXT-CFmW1x4iQJY-W6NdQtvB5uVODuwNSNJ44zb18Jxoch7hJ_IYkOJmEhbztcXWDr5iJmOZRewdyfXkpF5l6WJv06I_kUoYe4iSRRGp-B3v9gBwHigNArOypBF5RmAwwUm78f8h_JUp7KqyoI22tqrB49kwSuyDbusJZBG-nI6PlFArfXbv8XRn-Ch4NxixdLluJh2ZYQ1tSOSDFIgqi35GWdk3YKRC8-3xWh8axp_l0EWpet-sLTlIBE-v4gnH_acQDfpVTy9qcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIkfmul7XmgQMVzODtCh1i0QawEAEYASAAEgK8RfD_BwE%26num%3D1%26cid%3DCAQSLgDICaaNziFo6PNGbGWf7eUnbfkUu9FQw79xGDICr7NzZDQTNb1zjhhGe2zfQ5AYAQ%26sig%3DAOD64_33_7tglzQKLb6f0x67fpNiin1dQQ%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AqQeFH-XgSUWXxBT7Rz03f0W4ct3NU8haijo0dJ5EjoPOvRuHvvLb58umr7MB-VYqN4DxP5XXGHN14-j4j0bnhEIGOrU35ORYQH11mhztltQ4hD7jZjv8dsdZYoNoQNGHJoPGb0-aUXahRK51kYOCOMAsLnOPfT8bkPQUrlN3PKaUFmao%26cry%3D1%26dbm_d%3DAKAmf-DNY53FILvcRnP_a2NA1Cp-eHCKccJR7zkT0QfQvPjQcjpx1HRvA80UWDjEz2cfF1wt4rgj0sYcpNlA0_2OUpDw7sC3MEgVa0arTRjsQ_PP8zc0r8yxElIz1qO0rjocwlV3X2JHRNFchqkC37f7Jc2887AskHcyKAj37f1iXCT7zumDgMcqJz2N16ckjyCrJujlzxT-KKXRT25MwoFg9WDaWaAZTfknywCTm-A3akggSrcGKPcirxxvJky5cNcLdGIwYcG7yEo2gsXLyY4HI8LxZdVS8ccO_MxYctoi4RX-70UuMu1lC7Iywq4LZCYmDgdncz1QXmeMDBTkX_4g-gLMbRf4FepYt4txGeJJp8ZYCcrWisjp33wcmbfDQyhxsUpDivQGCpvfX_ndJ80tugwzZj5EM0HPIUbDPdbJk3vTQcB1JCSvdJcmmS4X4v95Tw8u3UsHK0dE-muZ9uqBKhXudvucv5pOewZQcYA178WQEKnG60ijDomp3wamgqYvJANHO3bSCUyhMoDjuaoyZXBA6fJElqS9Jf8vh_HWenweT5ZkuF0%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2d0914352c228705456f00731cd8f2cde1163b7b7fba8c2b0df461b21dd26c58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 12:07:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 88085700049203304444978012471025
Connection: close
Content-Length: 870
Expires: Sun, 08 Oct 2023 13:07:58 +0200

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B5C 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 254701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 13:22:57 GMT

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 8861 43 B
703 B 56ms
53ms Document
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2329635&v=16160&q=356171&r=296283&pref1=88085700049203304444978012471025&pv=1

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=4ae926d676&subid=&uid=e65a242b22b9635e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUEwenJsiZZG7CszBtwfiopuAC6blvaBpvZicp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QPjhjaXesD8VFjFYWovUUTXt7p0FG545kdf-Gj5FmgEUU3Zsht3YrrEuIcTZdYOZN-W1VIe7IA6xrUT9S_mqmqPYuzPiwWfOm6qLVs9w_ZohZseXT-CFmW1x4iQJY-W6NdQtvB5uVODuwNSNJ44zb18Jxoch7hJ_IYkOJmEhbztcXWDr5iJmOZRewdyfXkpF5l6WJv06I_kUoYe4iSRRGp-B3v9gBwHigNArOypBF5RmAwwUm78f8h_JUp7KqyoI22tqrB49kwSuyDbusJZBG-nI6PlFArfXbv8XRn-Ch4NxixdLluJh2ZYQ1tSOSDFIgqi35GWdk3YKRC8-3xWh8axp_l0EWpet-sLTlIBE-v4gnH_acQDfpVTy9qcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIkfmul7XmgQMVzODtCh1i0QawEAEYASAAEgK8RfD_BwE%26num%3D1%26cid%3DCAQSLgDICaaNziFo6PNGbGWf7eUnbfkUu9FQw79xGDICr7NzZDQTNb1zjhhGe2zfQ5AYAQ%26sig%3DAOD64_33_7tglzQKLb6f0x67fpNiin1dQQ%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AqQeFH-XgSUWXxBT7Rz03f0W4ct3NU8haijo0dJ5EjoPOvRuHvvLb58umr7MB-VYqN4DxP5XXGHN14-j4j0bnhEIGOrU35ORYQH11mhztltQ4hD7jZjv8dsdZYoNoQNGHJoPGb0-aUXahRK51kYOCOMAsLnOPfT8bkPQUrlN3PKaUFmao%26cry%3D1%26dbm_d%3DAKAmf-DNY53FILvcRnP_a2NA1Cp-eHCKccJR7zkT0QfQvPjQcjpx1HRvA80UWDjEz2cfF1wt4rgj0sYcpNlA0_2OUpDw7sC3MEgVa0arTRjsQ_PP8zc0r8yxElIz1qO0rjocwlV3X2JHRNFchqkC37f7Jc2887AskHcyKAj37f1iXCT7zumDgMcqJz2N16ckjyCrJujlzxT-KKXRT25MwoFg9WDaWaAZTfknywCTm-A3akggSrcGKPcirxxvJky5cNcLdGIwYcG7yEo2gsXLyY4HI8LxZdVS8ccO_MxYctoi4RX-70UuMu1lC7Iywq4LZCYmDgdncz1QXmeMDBTkX_4g-gLMbRf4FepYt4txGeJJp8ZYCcrWisjp33wcmbfDQyhxsUpDivQGCpvfX_ndJ80tugwzZj5EM0HPIUbDPdbJk3vTQcB1JCSvdJcmmS4X4v95Tw8u3UsHK0dE-muZ9uqBKhXudvucv5pOewZQcYA178WQEKnG60ijDomp3wamgqYvJANHO3bSCUyhMoDjuaoyZXBA6fJElqS9Jf8vh_HWenweT5ZkuF0%26adurl%3D&documentReferer=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ancestorOrigins=http%3A%2F%2Fwww.erweiteredeinwissen.de&random=7364639072474&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 08 Oct 2023 12:07:58 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
H/1.1 200
OK request_content.php Show response
hal900025.redintelligence.net/ Frame ED53 7 KB
2 KB 21ms
7ms Document
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=4ae926d676&subid=&uid=e65a242b22b9635e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUEwenJsiZZG7CszBtwfiopuAC6blvaBpvZicp8kP8C4QASD7uKUHYJXqkIKgB8gBCakCzhuwEN3CsT6oAwHIA5sEqgSdAk_QPjhjaXesD8VFjFYWovUUTXt7p0FG545kdf-Gj5FmgEUU3Zsht3YrrEuIcTZdYOZN-W1VIe7IA6xrUT9S_mqmqPYuzPiwWfOm6qLVs9w_ZohZseXT-CFmW1x4iQJY-W6NdQtvB5uVODuwNSNJ44zb18Jxoch7hJ_IYkOJmEhbztcXWDr5iJmOZRewdyfXkpF5l6WJv06I_kUoYe4iSRRGp-B3v9gBwHigNArOypBF5RmAwwUm78f8h_JUp7KqyoI22tqrB49kwSuyDbusJZBG-nI6PlFArfXbv8XRn-Ch4NxixdLluJh2ZYQ1tSOSDFIgqi35GWdk3YKRC8-3xWh8axp_l0EWpet-sLTlIBE-v4gnH_acQDfpVTy9qcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaoNAkRFyA0BsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26gclid%3DEAIaIQobChMIkfmul7XmgQMVzODtCh1i0QawEAEYASAAEgK8RfD_BwE%26num%3D1%26cid%3DCAQSLgDICaaNziFo6PNGbGWf7eUnbfkUu9FQw79xGDICr7NzZDQTNb1zjhhGe2zfQ5AYAQ%26sig%3DAOD64_33_7tglzQKLb6f0x67fpNiin1dQQ%26client%3Dca-pub-9373112202773231%26dbm_c%3DAKAmf-AqQeFH-XgSUWXxBT7Rz03f0W4ct3NU8haijo0dJ5EjoPOvRuHvvLb58umr7MB-VYqN4DxP5XXGHN14-j4j0bnhEIGOrU35ORYQH11mhztltQ4hD7jZjv8dsdZYoNoQNGHJoPGb0-aUXahRK51kYOCOMAsLnOPfT8bkPQUrlN3PKaUFmao%26cry%3D1%26dbm_d%3DAKAmf-DNY53FILvcRnP_a2NA1Cp-eHCKccJR7zkT0QfQvPjQcjpx1HRvA80UWDjEz2cfF1wt4rgj0sYcpNlA0_2OUpDw7sC3MEgVa0arTRjsQ_PP8zc0r8yxElIz1qO0rjocwlV3X2JHRNFchqkC37f7Jc2887AskHcyKAj37f1iXCT7zumDgMcqJz2N16ckjyCrJujlzxT-KKXRT25MwoFg9WDaWaAZTfknywCTm-A3akggSrcGKPcirxxvJky5cNcLdGIwYcG7yEo2gsXLyY4HI8LxZdVS8ccO_MxYctoi4RX-70UuMu1lC7Iywq4LZCYmDgdncz1QXmeMDBTkX_4g-gLMbRf4FepYt4txGeJJp8ZYCcrWisjp33wcmbfDQyhxsUpDivQGCpvfX_ndJ80tugwzZj5EM0HPIUbDPdbJk3vTQcB1JCSvdJcmmS4X4v95Tw8u3UsHK0dE-muZ9uqBKhXudvucv5pOewZQcYA178WQEKnG60ijDomp3wamgqYvJANHO3bSCUyhMoDjuaoyZXBA6fJElqS9Jf8vh_HWenweT5ZkuF0%26adurl%3D&documentReferer=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ancestorOrigins=http%3A%2F%2Fwww.erweiteredeinwissen.de&random=7364639072474&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 366eeba6c4dc4d3713a022a0201df139b3c2eea650453d3551aecf3ee4061aed

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2032
Content-Type: text/html; charset=utf-8
Date: Sun, 08 Oct 2023 12:07:58 GMT
Expires: Sun, 08 Oct 2023 13:07:58 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 impression.php
t23.intelliad.de/ Frame 153A 43 B
557 B 67ms
16ms Image
image/gif 35.156.64.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t23.intelliad.de/impression.php?cl=2353636373136323131303&cp=101&ag=248&bm=100&bmcl=5373735313236323131303&crid=101&timestamp=1696766878&co=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9373112202773231&output=html&h=600&slotname=7773194621&adk=2192438534&adf=1977249870&pi=t.ma~as.7773194621&w=300&lmt=1696759676&format=300x600&url=http%3A%2F%2Fwww.erweiteredeinwissen.de%2F&ea=0&wgl=1&dt=1696766875804&bpp=1&bdt=278&idt=329&shv=r20231004&mjsv=m202310030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db5498e4d66be6841-223088f23adf0058%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_Ma0eBBi--jTxvhp-6W3ZQURfWkl5g&gpic=UID%3D00000c91ba3bdd13%3AT%3D1696766876%3ART%3D1696766876%3AS%3DALNI_MbFH7vwR6a58ASRSBQsNJcBr1z46g&prev_fmts=625x280%2C625x280&correlator=2812134470218&frm=20&pv=1&ga_vid=401643022.1696766876&ga_sid=1696766876&ga_hid=1687835822&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1030&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44802212%2C42532335%2C44804782%2C31078301%2C31078673%2C31078601&oid=2&pvsid=2539810029932652&tmod=100059771&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=11&uci=a!b&fsb=1&dtd=335
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.64.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-64-200.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:58 GMT
server: Apache
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW NID PSAo PSDo OUR STP OTC"
content-type: image/gif
cache-control: no-store, no-cache, max-age=0, must-revalidate
content-length: 43
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 153A 43 B
703 B 71ms
56ms Image
image/gif 23.56.205.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=88085700049203304444978012471025&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-56-205-163.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 08 Oct 2023 12:07:58 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 153A 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 664ffa9cf9fd0dda95ece2162d19aa95c9b13586ce48214d8f8e2573a71e8a54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B5C 0
20 B 45ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZWAenZsiZY6xMciz9u8PwNGmsAMAAAAAOAHgBAI&bg=!TU6lTgHNAAYMG8UMLBs7ADQBe5WfOLlLvzul6kztVouVdKLuBMtHHGvTdeh_Pu-HA_a2FNzTRKrP-PtY2WVFOM_7Sz4bAgAAAEFSAAAABmgBB5kC7TXQuU_g4PynE8kPf7Fa4cMB5HLOaa0AhpOAk4Tz4P-ymOvJWo_uEYcqTVe2NgHkMWzyk4AXZxHjKAwQQkB2w7Q1VLe8G9z4ypgUkf33yKIjA2x5sHwEeBjD01DC0stIpXrJE0omeztKTabS98UpmFTxLGvKvAAjlMi2OKtKjdWDyw7TNxYOA3cpxxb93i8nBuT7kGx5dRrkH81wlB-sXraE-lFR6b140mBwOmP-Yq_OsYOeUli73SgsbcwJOxJ0mh9E184N72iX3vggK_TmCSNmx-t8o8ifOYpc2R53QBkHsCOnMkiJlln1GCJ26f39DU1ac94BLPfJWlmPoLWMtrwxpIqgEqyCML3440DrMtRhCETTPPmm5yxnS5kYOTMs7_SLDbbNSOLcH49mlXwXgWwYQVgPUFFaUbPCb4Yg0qoavhw6f_wjIMd8T1g-QTJCNd2RSrc1U45GIhWWXs2EsSNyLhDlNs0Bv8bmmPCzD3DJJGJF5u-TFIJ5BmsoE9zMe6OHs0_g2X1dfvCZuHdvbS6XMGSTBvobm0p5obm6UmibZkuqo7OPg90vIJjx0Yfh6TaAHn3hzVzLUsTuJQNMLHSBqqpUDpa-8l7VcK9kkVrz1NRXeNSQXHDPwo4cRBTF2O2UjhOjTaPoVEhDtn_yOTnkYON0TV9XXCDMImksIeR4zKMBjs7KAb2gd_xFEIeHOIWtIn5_3xf-HbnXQ5t8s-zgSWCiFPDLUInWhWK7WiESKUGfgOEYHwM7QFY-yU4VAfh6eSp3NLznbrtVDhyDBWd1Djo5ukGSl09Mhik5Pa2oKlXbnj9MTpq92EnK1QBOD1UiGjyuChEMejWDZS3-mUK8alSfvSRWU3a9ZBcG-kUD5iugUwdJ0jGpmKSJVomAWKouSXVJsxwF0ZAlTI2ddG1c7gxphOqJpmo0Y5zXrbJFNYQfw0dGusFmij_GzD8uq0NbdyoD50SvN_JvrURfXo59YyFDl52o2SrXy1y8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame ED53 5 KB
682 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 12:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 12:07:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 12:07:58 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame ED53 65 KB
65 KB 188ms
174ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/71572/creativesup/iQ_Online-Deutschkurse_1200x627px.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: b1c04aab0823a36d02fa0ae20662bc70ae3e6a82ce9c7751381f9c63e44dd105

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame ED53 71 KB
71 KB 23ms
8ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/49107/creativesup/forever_young_strunz_reachgroup_1200x627.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 82ee5963dc353d1579e1e19fee599f2f982251f1a3c0045932c5dab6da7c5282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame ED53 101 KB
101 KB 84ms
69ms Image
image/png 78.46.23.46
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/32783/creativesup/1200x627-1.jpg
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.46.23.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 90b560568ee19fb27765f7065151d3d2704fd8e372506f95c37188911a8ef3ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:58 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame ED53 0
150 B 25ms
8ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=88085700049203304444978012471025&a=2e84be11&vb=m
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame ED53 14 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900025.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:23:45 GMT
x-content-type-options: nosniff
age: 243853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:23:45 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame ED53 15 KB
15 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900025.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 09:02:57 GMT
x-content-type-options: nosniff
age: 183901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 09:02:57 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 73ms
57ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

669ef91b69da81406a15b938e95adb8b09f44a9ff57adafda9fc2a2908bb0706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11952
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A2C 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=890059663945&version=m202309260101&ct=77&x=1&cor=11789341358796150000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 08 Oct 2023 12:07:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDC4 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.erweiteredeinwissen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 11:58:18 GMT
expires: Mon, 07 Oct 2024 11:58:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 46A3 829 B
1 KB 40ms
17ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90c8f35836c6e0712b23a796558e61f64215d5f26c7cdb7a6cf4aafa8e581d65

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8DuOyZ3nOjJB6x4sWqy10w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.erweiteredeinwissen.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8DuOyZ3nOjJB6x4sWqy10w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 08 Oct 2023 12:07:58 GMT
expires: Sun, 08 Oct 2023 12:07:58 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame CDC4 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 21:35:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 21:35:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 46A3 0
0 42ms
41ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=2539810029932652&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CDC4 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fXdnPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 12:07:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 153A 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGOsi0ROLvVPmTGzjRK0ArqOzjYUsMalXtGZg5666RScOIX4FtUfJ6G-EOQmUFLXiIpQMnOLtEOYmZeunyRh7ea_WbjAU0ti330mJ4ZEEkSd1tccrfPuCOK4Rt-tqo_VI&sai=AMfl-YTtY-GkpTp_z5denVSTBleVZ1u2rWHl8Mxmr57lOQ38PtrVPW5TeyOtlEYd6fYLdkLQrM6HFQW21MlBIaFuzWrjicxdWpT-kXryVncbfQ&sig=Cg0ArKJSzDV1wv3DAZsVEAE&cid=CAQSLgDICaaNziFo6PNGbGWf7eUnbfkUu9FQw79xGDICr7NzZDQTNb1zjhhGe2zfQ5AYAQ&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&app=0&itpl=20&adk=2192438534&rs=2&la=0&cr=0&vs=4&r=v&rst=1696766876140&rpt=1984&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900025.redintelligence.net/ Frame ED53 0
150 B 21ms
7ms Script
text/html 138.201.84.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900025.redintelligence.net/viewability?s=88085700049203304444978012471025&a=2e84be11&vb=v
Requested by: Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.245.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900025.redintelligence.net/request_content.php?s=88085700049203304444978012471025&a=29092404
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 12:07:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=2539810029932652&bg=!YWKlYi3NAAbjlzx0w5c7ADQBe5WfOJgNO52bDk2rqW1fbdIgAU_p2SnthamHoFLQfFGyU1uIQlyMl4tX72BrfFGiAvbpAgAAAEFSAAAACGgBB5kC0MbZdNum8wDx5HjppnNKcOwSc9AMEFf-RyrGUUr6_GQcvbtQMlB_JGbVjQc6k1i_aTpVw_j4aHdNYbR9Sfo8Ur2KWAAV1KkmzML5f75RAyqQU24n9IeHYFQzdJ2yzF-cuVZ7jAsliL1xPYg1LADtiNRfzTMU8bpCd1M9-Czh0ZhTcjVRSnrWk_6-DQizmfEzyE5FkkWfkWMN6RIV0K-k9r3ib9aCpvND2F2kvdMLofJ1gbL1HDFHgvwAWvKL8GvY8m7gxi4j5x_CCoFDafSxku4_28CF955ffobHXEnyXa1MXm6aOoCam4HshbqYw7LeEcPMsm21x255zwa0uOhd880hynVgGp5SJsIiEPJSz1jCuTlez9k9ox4JWaKcqV4-VDDnEy7wwCalfyCRWtBxHvD3jiYNokcgZgKmp_TummwP5faETudN_RuYYtJCLZGlNEr9ZNXzvPIN8_QBk8c8qWzaHZKUkjlYGUhn_0mtMUPq9eUqu0WIvL0-AmmaJut80lgDqn9mhRSzrBGntTdnDgXLLPI7YVhJF5Ren5_rqikRupnK03z81bV2r9x9cdpD-E-6BYLAI6dGExfJlnvW-4LJsbpTGMpxttUv-zf5r6OCNUASl30k9lDFffyEuydGnt4vG09u11xAp7N8vho1-f6weVrmbHxJFVPWXOoQmYZsoMg5k4GI6WnEczcpQylZ7EygnJviVvMiHSQXV5kBsFPzSIFoKpKRoR6rSBCLYdRSBzBUB8B8_Kb-GxWVoQD6_yLfO2DcxPqyJUu8vK7EZGVXeMM_wg0bgALg2_ZYIG2nzznUyvV8Ni1S8Ol18U1NhMezk_e8zf8q5uSUt2Ilf5-GZgtxd96EzA9v-kudlPn-pYaA9N63fDSPVQD8VR3TlyI21QPJEdRWJloqNRRtdz2PMuPvxqSIb8vxoOT0pULLtqhfMmre2fSfSwwq_gMsUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.erweiteredeinwissen.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 153A 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7381227065944&version=m202309260101&ct=77&x=1&cor=16076828709430518000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C4C 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6350241604943&version=m202309260101&ct=77&x=1&cor=3480415348921846300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 12:07:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 00:41:02	Name: IDE Value: AHWqTUntlIW9h3_JM8NIdWR3WGdv3F7mwL2VgvPAmXRqcH-au0G30YJLwr4vfQWU
.adnxs.com/	1970-01-20 17:29:02	Name: uuid2 Value: 7691909806488513381
.casalemedia.com/	1970-01-21 00:05:02	Name: CMID Value: ZSKbnN5bJ398c1qYfo1iuQAA
.casalemedia.com/	1970-01-20 17:29:02	Name: CMPS Value: 2143
.casalemedia.com/	1970-01-20 17:29:02	Name: CMPRO Value: 2143
.doubleclick.net/	1970-01-20 19:38:38	Name: APC Value: AfxxVi4YvO-vKEg1TNDHI-YiBZNyFVIaUPpIyfwWV0uJ-fVHbUsyrw
.redintelligence.net/	1970-01-20 17:29:02	Name: 8lcfmzhxc8d6_uid Value: 5be1180dd2a6b3f1
.erweiteredeinwissen.de/	1970-01-21 00:41:02	Name: __gads Value: ID=561b56a6a8ce6869:T=1696766876:RT=1696766876:S=ALNI_MbKJzZ20D9d8EOfm3EJCHwCdNR4Sg
.erweiteredeinwissen.de/	1970-01-21 00:41:02	Name: __gpi Value: UID=00000cb91594a00f:T=1696766876:RT=1696766876:S=ALNI_Mbi_ek_ecVpgjeoFS_pA7I2Ru-m2Q
.awin1.com/	1970-01-20 15:29:31	Name: awpv11601 Value: 113440\|1696766877\|51453922-65d3-11ee-8e02-22641699f1ec
.adnxs.com/	1970-01-20 17:29:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVJm6>Tu!]tcV8i_iqf!oN/@E'zz<*Z0Qa+gBuD!H)+Drhpw./h^--zCX9_BB-(lYlPq<QG=%9sk@3@'s>T726T+
.office-partner.de/	1970-01-21 00:55:26	Name: source Value: {"webgains_webgains":{"timestamp":1696766877271,"clickCookie":false}}
.awin1.com/	1970-01-20 15:29:31	Name: awpv14098 Value: 296283\|1696766877\|517a2bd0-65d3-11ee-8084-22395667df75
.retailads.net/	1970-01-20 16:02:38	Name: ppb2172 Value: 3171492383
.futalis.de/	1970-01-20 16:45:50	Name: raSIDb Value: 3171492383
.awin1.com/	1970-01-20 15:22:19	Name: awpv16160 Value: 296283\|1696766878\|51e26380-65d3-11ee-b483-223780762ed7
.t23.intelliad.de/	1970-01-20 17:43:26	Name: iact Value: 0001C3CAC8855CC3B8D7EB010335822AD26F
.t23.intelliad.de/	1970-01-20 17:43:26	Name: iaimp_42842 Value: 1696766878:42842:100:137:101:248:101:20231008120758159290e0816504a6
.awin1.com/	1970-01-20 15:22:19	Name: awpv11830 Value: 296283\|1696766878\|51e60d00-65d3-11ee-8e02-22641699f1ec
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357066:2338577

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	URL: http://www.erweiteredeinwissen.de/wp-content/uploads/2015/04/250x960_header.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
8019191.fls.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900011.redintelligence.net
hal90002.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
medialead.de
pagead2.googlesyndication.com
partner.googleadservices.com
pv.medialead.de
sync.teads.tv
t23.intelliad.de
tpc.googlesyndication.com
track.webgains.com
us-u.openx.net
www.awin1.com
www.erweiteredeinwissen.de
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.27.193
13.43.154.56
138.201.64.38
138.201.84.245
142.250.184.198
142.250.186.162
145.239.193.130
167.233.14.134
18.239.50.47
18.66.147.98
2.16.97.41
23.56.205.163
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a01:4f8:d0a:2321::2
2a0b:4d07:101::1
34.98.64.218
35.156.64.200
37.252.173.215
46.4.10.47
52.56.171.192
78.46.23.46
89.107.184.138
94.23.99.218
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04ea9714d2e845a02edcf1e3fafb76025674c880b42fa902f48f76b2d21ef045
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1038fae229162658e6794da1b9c6af276167b75fd66e5a4fe09e416beb73f1f7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13a64337e67f32b34a04330ed1b646e6d53ef6c7ababbf140f18a5e78713585a
1587228dc3e608fa2778b1384f22955898d4bd18bb21adf4db4827a7ab556430
15ecdfdf293d58bae515bdc06e21b04cae487b05e8d7041c4fe1c5bd4f6a6156
16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7
1b8a19474c0f0fbfc3151b31517b1fe5f278aa705eb5aa86ce7dc66de526dca8
1baab2759edfdc5653f1fdbedeeea0c0b5236216144b773344c5a2f9f0c833f1
1f31df3545a3dbd5c6f919c99ecb73f9e1837f1d987917093a68a84f2ac3107a
204cbf4250c91f3763248a0bfedc11ba38f22ce2522734e16c55dde9be2b866a
219e090bf9d7dc675781afdde55227697683a45391a8f8ea47e94127e7d146d8
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2caa0ed2d3622d9969bf2ffada067adc6194aed5d87ed36ca352b313d5c54910
2d0914352c228705456f00731cd8f2cde1163b7b7fba8c2b0df461b21dd26c58
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33d25acdc309b65d9e9765c857336bd5778c4863ae22eb45b0fa7296bbead21b
366eeba6c4dc4d3713a022a0201df139b3c2eea650453d3551aecf3ee4061aed
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
399f8348cc63a4853d4ff0536a5e7ec0f3c1e7fb6ab5d837db6ea4858b872f4a
3a8b5ccce8fd43a92602797a55867382d70a78a4e094527182536fd8249b19cb
3de7fc76e5009d57c09f9904e4bd0a66186148c27a3abf36e76be195ef5a1b65
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5413b9abd9873717a33c3e8e2e62e451aa24fa3169ec2abd6b65b9ba1d6400cc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
62dac85168cb5b86259e99da94d9e849f560875cbd8b6d1e92384d6054773873
664ffa9cf9fd0dda95ece2162d19aa95c9b13586ce48214d8f8e2573a71e8a54
669ef91b69da81406a15b938e95adb8b09f44a9ff57adafda9fc2a2908bb0706
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
71b6ed25cbee72506b12b1666a5975bd441a234521b1174bedf721744d48b00a
72b9e1fe7675f4b21425a0d68646150f9b0b3bdbb4c0352920f902b90061bb64
75a67cef5c9d66090b657e56c2fad7cb73592ba027517662dbd57bd49e2cf33b
761cff5428e8aa5d947284cdaa6d9f6e9d0fe755909c364f807ee5c23ddb8dcd
77104334ccb063ab8f00776cb4abb404f0dcdfb0ad0240aacbc00ed8b8272427
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7dc550545f837a2659f7250830fc3ed224e25859f3ded95d20006e64a5f69155
82ee5963dc353d1579e1e19fee599f2f982251f1a3c0045932c5dab6da7c5282
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8a275ebc507646c845f3787cb91ef529125718b737d67a77d3109bc90e3e8b24
8c9bc64b1fd233c4226de6a0fea7e051719d2c1f4ac187e633fd8996580cf66b
90b560568ee19fb27765f7065151d3d2704fd8e372506f95c37188911a8ef3ed
90c8f35836c6e0712b23a796558e61f64215d5f26c7cdb7a6cf4aafa8e581d65
99efce4c542b9e28fafd4f80eef335818be68c6053c2746ec3d8358a6e804d89
9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c04aab0823a36d02fa0ae20662bc70ae3e6a82ce9c7751381f9c63e44dd105
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b805c516073369453d8e385df77cb10c0b68d3405792a99655561f89cdc845d0
bad2540f4791c570d6c9f54cf033185ce58c7694d73a27b5838fe3c9577a9a0b
bdf601f8148de797c84344e7c3b5bab384c195b7c7ac227c27cb0e05e491edc1
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb292bb777ce1cfe4bb7f7408d99f7d51b349787b93fad205cad054441cbb4c7
cb5af5b868d7774ddcdd2e1c9c050c97cc109dc7bbcbf0096a3f5c89efb644b2
d0c4c7d61e19c284d77fa6fc073e930d8ed2113e6065a43d8543226e41c12993
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f5cc6a1a39b13b0f4ffecb18f7acc875c78563b2c8c1a4e1076650495f446d
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
d2455ef0ef89c2f6597bb0708d5ffcd46a23236a447724b8156ec0715cde6b8a
d2756e3960846bb5d48b792d93069c0846da68da363d45744931b00dacf1ec78
d38306273a18646de77aed11b497747888f8228f6c28c461cb157a6788dee582
d3d7dee54876baaaec926d3b42b27a2f7d60d4ca11e30116a9ac684704c6f14f
d3efbf11b592bc6d9b147fc08997b0d7eec4c5814bb6ea75ab90cb41b200c208
d7a91423f366716a9d051921f50a007201c13b33923abe88939c3e8a70c53434
df751bea5f361bbb78b39cce1838a561bdbe9544606bfa091e7ee9788e04a65f
dffb60b8e4face853bbaaf649c56ba0861c19d370ac9c5d8e678e88e47933003
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c72ab605ac9da28fc1b921b62a0b19b6f67f3aa1725dccfffa3164e3342220
e502d0f6d247686918ddf77c79bc8d65599af36db83b6db035c973bd9bfd1275
e9074cb893136e65b52d08c898fcf8f9005d65c0725d6c4045ec4cc1cf1b75f9
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ee2142d2d84e169a6f92e80040206a8ec7e7cd466fa0f131aee972c4ff512a78
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16e1b9e3ca61b977c00e7773bace4ce91b69a33f2e186f9993d9850fc12b019
f79158309e344fb8db21c609d95180a4154855780dc799696f9e793c11212cc4
f8c3a6e7ebd68b4425f7a3978b12d453b0dbf95d7232469f47a63969d42e99f2
fb7951d13336ff6007ed34dba0b4e63ed5578859a4cff06914c2fdd140253ebd

www.erweiteredeinwissen.de Open in urlscan Pro 89.107.184.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

77 %HTTPS

35 %IPv6

23 Domains

33 Subdomains

31 IPs

6 Countries

1924 kBTransfer

3998 kBSize

20 Cookies

5 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.erweiteredeinwissen.de Open in urlscan Pro
89.107.184.138 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

77 %
HTTPS

35 %
IPv6

23
Domains

33
Subdomains

31
IPs

6
Countries

1924 kB
Transfer

3998 kB
Size

20
Cookies

153 HTTP transactions
6 data transactions