asdf.com Open in urlscan Pro
64.90.40.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://asdf.com/
Effective URL:
https://asdf.com/
Submission: On January 28 via manual (January 28th 2022, 4:08:13 am UTC) from AU — Scanned from DE

Summary HTTP 61 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 13 domains to perform 61 HTTP transactions. The main IP is 64.90.40.65, located in United States and belongs to DREAMHOST-AS, US. The main domain is asdf.com. The Cisco Umbrella rank of the primary domain is 522366.
TLS certificate: Issued by R3 on January 25th 2022. Valid for: 3 months.

This is the only time asdf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	64.90.40.65 64.90.40.65	26347 (DREAMHOST-AS) (DREAMHOST-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:400e:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:802::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400e:810::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.36.2 142.251.36.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:80f::2002	15169 (GOOGLE) (GOOGLE)
6 8	142.251.39.98 142.251.39.98	15169 (GOOGLE) (GOOGLE)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
1	65.9.61.94 65.9.61.94	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
61	19

3 64.90.40.65 (United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-jolly.fairview.dreamhost.com

asdf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:400e:811::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400e:810::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.36.2 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s44-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:801::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:80f::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.39.98 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.244 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impes.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-94.fra56.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	341 KB
18	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	60 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	6 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	5 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
3	asdf.com 1 redirects asdf.com — Cisco Umbrella Rank: 522366	9 KB
2	tradedoubler.com 1 redirects impes.tradedoubler.com — Cisco Umbrella Rank: 79864 vht.tradedoubler.com — Cisco Umbrella Rank: 104552	23 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	75 KB
2	google.se adservice.google.se — Cisco Umbrella Rank: 57807	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	33 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	641 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
61	13

	Domain	Requested by
17	pagead2.googlesyndication.com	asdf.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com asdf.com pagead2.googlesyndication.com
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net asdf.com
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	asdf.com	1 redirects asdf.com
2	googleads4.g.doubleclick.net	asdf.com
2	www.googletagservices.com	googleads.g.doubleclick.net asdf.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.se	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	asdf.com
1	vht.tradedoubler.com	googleads.g.doubleclick.net
1	impes.tradedoubler.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	asdf.com
61	19

This site contains links to these domains. Also see Links.

Domain
asdfforums.com

Subject Issuer	Validity	Valid
www.asdf.com R3	`2022-01-25` - `2022-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://asdf.com/
Frame ID: 4BC042B2924589FDE69237310BD1A065
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: BA5225EC15921540D97725B83CFC27A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5526145018929722&output=html&h=90&slotname=6999061358&adk=1654834549&adf=4024902593&pi=t.ma~as.6999061358&w=728&lmt=1527258580&psa=0&format=728x90&url=https%3A%2F%2Fasdf.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643342888278&bpp=6&bdt=160&idt=93&shv=r20220126&mjsv=m202201270101&ptt=9&saldr=aa&abxe=1&correlator=224886974557&frm=20&pv=2&ga_vid=1869409746.1643342888&ga_sid=1643342888&ga_hid=1947549083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064599%2C21065724%2C31063246&oid=2&pvsid=2218053830123180&pem=712&tmod=1234276864&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fgP8QN7BSo&p=https%3A//asdf.com&dtd=106
Frame ID: 8F7862B7375F7D48896A38D8B4F53BC7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5526145018929722&output=html&adk=1812271804&adf=3025194257&lmt=1527258580&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fasdf.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643342888293&bpp=1&bdt=175&idt=113&shv=r20220126&mjsv=m202201270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=224886974557&frm=20&pv=1&ga_vid=1869409746.1643342888&ga_sid=1643342888&ga_hid=1947549083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064599%2C21065724%2C31063246&oid=2&pvsid=2218053830123180&pem=712&tmod=1234276864&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=117
Frame ID: 306D980D91EF1534B973E1D6E44B4017
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYp5TmvgEwAQ&v=APEucNXrF6JntHaQD1ovg1DeJaIMrJfVOu6neRL-OzfExXCg839olaUk6RRTaz1xYgN-sYW5bKBS1mvbahqUC2lOi33xVJHySHkU4ia9rbZj2EJw11WTqcEoSzByFWzvgBJQmou-DtB5_WKvoOO61yv5JUlSueZSQev1R0ctDPulHOgdqNfUI74
Frame ID: ED9D13E0F42E2F19283F0A2065C410C7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7C4D75DD654F00E76EFB8F596EB7E432
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9094A73BE7630B0B122816F8CC4FA79D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCA3wIQut606gIY_-CowAEwAQ&v=APEucNXrxfnQh9ERLxJDxofd2AXPASvByQKwKqKsvyaNe8oxeO3408XPVLsRzn3KK6nXbbPf6hUwaekLBIgDEL40UinjA8PnJRuFa-NGsjclDyK9eeamLQW_RN-HVBCTrC-yWK-36AGPG5dlIXfHaN7wQnEtIcFMdcjc2cmylxiGuJ2BAhGO8Jk
Frame ID: 52AFDD37171A10F1A788B16E90241F93
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js
Frame ID: B4B7EAEC2C8C517B8400BBD7249599E3
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9A380FF609C935046F3053F626261007
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D214690B775B26BDB1CB574863BF30B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19331E16D81D9BD044549202C76C6042
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

asdf

Page URL History Show full URLs

http://asdf.com/ HTTP 301
https://asdf.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

61
Requests

85 %
HTTPS

58 %
IPv6

13
Domains

19
Subdomains

19
IPs

5
Countries

604 kB
Transfer

1492 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://asdfforums.com/
Title: Forums

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://asdf.com/ HTTP 301
https://asdf.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENRaTXZWhmelraF3OcGovAc&google_cver=1

Request Chain 21

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfNsKNm8V.UPb9EXUI6e6AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1&google_hm=2

Request Chain 22

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEH8lR7CQt1U2x6keCBqVp-Q&google_cver=1

Request Chain 23

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NDk0MDM3MTk3MzM0MTEzNw%3D%3D

Request Chain 25

https://impes.tradedoubler.com/imp?type(img)g(25157572)a(2541710)168545887 HTTP 302
https://vht.tradedoubler.com/file/321161/engage/se_engage_jan22/728x90.png

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1

Request Chain 44

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfNsKNm8V.UPb9EXUI6e6AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1&google_hm=2

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOv2R1-61cMA4uJK9ztMxN8&google_cver=1

Request Chain 46

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NDk0MDM3MTk3MzM0MTEzNw%3D%3D

61 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
asdf.com/
Redirect Chain

http://asdf.com/
https://asdf.com/

1 KB
863 B

523ms
176ms

Document
text/html

64.90.40.65
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://asdf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.90.40.65 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-jolly.fairview.dreamhost.com
Software: Apache /
Resource Hash: d254aa9070dec69b2bb6973d2cb749edd1faae85234bafd5241bcd9c51ac5059

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
server: Apache
last-modified: Fri, 25 May 2018 14:29:40 GMT
etag: "53f-56d089932ee03-gzip"
accept-ranges: bytes
cache-control: max-age=600
expires: Fri, 28 Jan 2022 04:18:08 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 683
content-type: text/html

Redirect headers

Date: Fri, 28 Jan 2022 04:08:07 GMT
Server: Apache
Location: https://asdf.com/
Content-Length: 225
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 65ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3235813-1

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05cddf885a5757c5a99a87f2d9edf847e1c561cc9ad3a123d43108eec3521875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36060
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jan 2022 04:08:08 GMT

GET
H2 200 89asdf.gif
asdf.com/ 7 KB
8 KB 176ms
176ms Image
image/gif 64.90.40.65
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asdf.com/89asdf.gif
Requested by: Host: asdf.com
URL: https://asdf.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.90.40.65 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-jolly.fairview.dreamhost.com
Software: Apache /
Resource Hash: 396c4a297752a82a080f61fb8a4614c5ff3bef0f666830e70276a4f3465d2597

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
last-modified: Sat, 11 Feb 2006 00:45:22 GMT
server: Apache
etag: "1da1-40c7a291aac80"
vary: User-Agent
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7585
expires: Sun, 27 Feb 2022 04:08:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 89ms
42ms Script
text/javascript 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5aa959185839dd3af3a8cfb69c8151165fbd05b2f61302ec03bb5df274aea35c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53104
x-xss-protection: 0
server: cafe
etag: 8570813298144614449
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 04:08:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
21ms Script
text/javascript 2a00:1450:400e:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3235813-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1703
date: Fri, 28 Jan 2022 03:39:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 28 Jan 2022 05:39:45 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201270101/ 287 KB
104 KB 43ms
42ms Script
text/javascript 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5526145018929722&plah=asdf.com&bust=31064599

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce0363842af6458b5d39622d71bf285e3898801834c11123c5ed289b830a6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105892
x-xss-protection: 0
server: cafe
etag: 11768180543688208295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 04:08:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame BA52 10 KB
5 KB 67ms
22ms Document
text/html 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 27 Jan 2022 16:12:19 GMT
expires: Thu, 10 Feb 2022 16:12:19 GMT
cache-control: public, max-age=1209600
age: 42949
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
25ms XHR
text/plain 2a00:1450:400e:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1947549083&t=pageview&_s=1&dl=https%3A%2F%2Fasdf.com%2F&ul=en-us&de=windows-1252&dt=asdf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1478374112&gjid=346558321&cid=1869409746.1643342888&tid=UA-3235813-1&_gid=1456388481.1643342888&_r=1&gtm=2ou1q0&z=787734897

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://asdf.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://asdf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
641 B 73ms
26ms Script
text/javascript 142.251.36.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=asdf.com&callback=_gfp_s_&client=ca-pub-5526145018929722

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5526145018929722&plah=asdf.com&bust=31064599

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.36.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s44-in-f2.1e100.net

Software

cafe /

Resource Hash

dd2f8b625981675a5ec70b70c1664a5b4307ec15f8eb869cd47034a26dc49f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
792 B 75ms
28ms Script
application/javascript 2a00:1450:400e:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=asdf.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 64ms
25ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=asdf.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F78 15 KB
8 KB 161ms
136ms Document
text/html 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5526145018929722&output=html&h=90&slotname=6999061358&adk=1654834549&adf=4024902593&pi=t.ma~as.6999061358&w=728&lmt=1527258580&psa=0&format=728x90&url=https%3A%2F%2Fasdf.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643342888278&bpp=6&bdt=160&idt=93&shv=r20220126&mjsv=m202201270101&ptt=9&saldr=aa&abxe=1&correlator=224886974557&frm=20&pv=2&ga_vid=1869409746.1643342888&ga_sid=1643342888&ga_hid=1947549083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064599%2C21065724%2C31063246&oid=2&pvsid=2218053830123180&pem=712&tmod=1234276864&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fgP8QN7BSo&p=https%3A//asdf.com&dtd=106

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b5a1d6131656355e723f2596eb6f1412e808776e8899593388cb0b7305a15c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 04:08:08 GMT
server: cafe
content-length: 8208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 04:08:08 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 70ms
23ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3235813-1&cid=1869409746.1643342888&jid=1478374112&gjid=346558321&_gid=1456388481.1643342888&_u=YEBAAUAAAAAAAC~&z=96518291

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://asdf.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 28 Jan 2022 04:08:08 GMT
content-type: text/plain
access-control-allow-origin: https://asdf.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 306D 78 KB
31 KB 158ms
158ms Document
text/html 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5526145018929722&output=html&adk=1812271804&adf=3025194257&lmt=1527258580&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fasdf.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643342888293&bpp=1&bdt=175&idt=113&shv=r20220126&mjsv=m202201270101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=224886974557&frm=20&pv=1&ga_vid=1869409746.1643342888&ga_sid=1643342888&ga_hid=1947549083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064599%2C21065724%2C31063246&oid=2&pvsid=2218053830123180&pem=712&tmod=1234276864&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=117

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeb0d8ce41d961c168c629e58d5e0ce6786c42713ab8437e017e0217c24f1365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 04:08:08 GMT
server: cafe
content-length: 31399
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 04:08:08 GMT
cache-control: private

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F78 42 B
63 B 27ms
27ms Image
image/gif 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BphpGl5WLGXl65FjcePyCU8P9YceJ9l4kjqTE6claql7-45oIn-pS-6LqSy4IHLrKR1O1fkhMmlOuSLb45jMzEW_xHryBetAEZyuHPdaIfkNpp3Rg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5526145018929722&output=html&h=90&slotname=6999061358&adk=1654834549&adf=4024902593&pi=t.ma~as.6999061358&w=728&lmt=1527258580&psa=0&format=728x90&url=https%3A%2F%2Fasdf.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643342888278&bpp=6&bdt=160&idt=93&shv=r20220126&mjsv=m202201270101&ptt=9&saldr=aa&abxe=1&correlator=224886974557&frm=20&pv=2&ga_vid=1869409746.1643342888&ga_sid=1643342888&ga_hid=1947549083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064599%2C21065724%2C31063246&oid=2&pvsid=2218053830123180&pem=712&tmod=1234276864&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fgP8QN7BSo&p=https%3A//asdf.com&dtd=106

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8F78 2 KB
1 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 04:03:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8F78 123 KB
38 KB 73ms
27ms Script
text/javascript 2a00:1450:400e:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 04:08:08 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 8F78 14 KB
6 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 03:57:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ED9D 624 B
300 B 29ms
29ms Document
text/html 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYp5TmvgEwAQ&v=APEucNXrF6JntHaQD1ovg1DeJaIMrJfVOu6neRL-OzfExXCg839olaUk6RRTaz1xYgN-sYW5bKBS1mvbahqUC2lOi33xVJHySHkU4ia9rbZj2EJw11WTqcEoSzByFWzvgBJQmou-DtB5_WKvoOO61yv5JUlSueZSQev1R0ctDPulHOgdqNfUI74

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5526145018929722&output=html&h=90&slotname=6999061358&adk=1654834549&adf=4024902593&pi=t.ma~as.6999061358&w=728&lmt=1527258580&psa=0&format=728x90&url=https%3A%2F%2Fasdf.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643342888278&bpp=6&bdt=160&idt=93&shv=r20220126&mjsv=m202201270101&ptt=9&saldr=aa&abxe=1&correlator=224886974557&frm=20&pv=2&ga_vid=1869409746.1643342888&ga_sid=1643342888&ga_hid=1947549083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064599%2C21065724%2C31063246&oid=2&pvsid=2218053830123180&pem=712&tmod=1234276864&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fgP8QN7BSo&p=https%3A//asdf.com&dtd=106

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 28 Jan 2022 04:08:08 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 04:08:08 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8F78 12 KB
9 KB 46ms
46ms Script
text/javascript 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYq53HcYQTZWfb2UpbTdFngk53JMV2iuASWZ0CROXdl4w_sMa796P1WUAjriGgJSAoYlrhB-pK3FF_equnFKQj54ryw4M41K67G81-0IcMxL4TsSDCgFovClbYnCikd2cm2_du1h7KitsS30RZIRiKXMOmnw&cry=1&dbm_d=AKAmf-AXzJDkDG8uQY5obcVmllOzt_JbZw2ddDtR0fAUlLllvRNORR_Jy0RvWivmJ2nbh__y5nnP0mNDQTOXzZlQ4mJC6pOgAvTlzoaceNokVyDikaq2Ya_Um-O0JpnMBJp0KYT8MxJcPKnwgY-TFlbSPDf0iw-EpAt2RcJFaPWgiyHgBxkCFSNpPL0sIt-_IYzKKro2VWu5Embx-xTjZ3dALoPtp3c7uLwGZPtKiMMl0YzwWWMf9jgt_ZxfztnKvt7MfMxpGYeWNPRvWtjDJ7SkvRuhtNUm77wkpfHGpEfErb-a-Eh0DBU2HOnC2TCwi35l5SgryKM8hhvsqBEXmsGjLeD0SHXWirSCtQ1BmsJKkzFdAHk8TF7ITXggxAzIwN60gI_w3cer5-Bm2dbiI0iuhkTd3Y3OhIa9_Bj_mg1kcCLFG0tVQQ6XM1HBN8J2ssjclFjFs2RN1yRLTR-nwmHBqYNf5giAGuUfKF4r0603jNDIb7odCvolXY-Pi2TnYCOVZ87Fgh85_Jmmg78tpLeFmcZ9WTaYo3rtzlpH8KUCQsX_PGep2fxCaXm-OOtPgvNAa721DC-Jw_iCbTeR3tY_1ZoELG0U5KfoX7m52XkGn13qR65LNRNL36X6Jm12cMp2RT8iNOD8a4hQma9xd0ZaTVe1XpUSvOJBC4iANEA9hEW68dtxMdXYll-p5pAGlxcRCyqJBNhkaMUeqScxPv5oHgvbmvyCQ4G4dmBNL-nVgLSoy2l1SveIaavNjogJ7ZAwaLgFdfJGZl82810nqiwkRiZb5ZD8vzt0RAklSxK1CakRkf8z_H-Ity6B4-R4WSVD1X8RZlRMAkFkBagU9a6zh_yGZEm_PYcORwFQ3NtPWzRc7nxLC2BGOzNYSGIbTc5H1rpO-GWFOn6BL-UdP7gVNXpCmYqbb_FlchYmRLwbxyaNG83FdRliLDn06RuagTLZa0bNh6P2bTDLP7IBe9Txz8JX4DQAS3EMspqGYsQ39C1cfoPTx8888-B_kRKJJdUOCk2AgczajarbbuBJS9EqN8qAdU8ZHS78h3lmCZ154ZEi9UySZkphslZ_ArVEIid9n-1TsE0cl51T_kxI4w8PVHwKlvV4lNlLbAAWYQGqWyG_iEcc61QBpTDMfRooByV2Y2pc03HCqa9JSnjZccBiwG2Z2sLGuUfn4zoXcBzQ07uq1sbyX1xFaLLufUnocgbWxafqz65qRFbZGJpuWQ7KIkqnOSx5Ufxgy7kz0r5N_Z2ReCgG_KMpnlKTfAL6AYcv0tVpSacdS3TKDY0V8nO-emYbRiGtAYIBCTN_0k91wuTcYIP96BRfQkabW3zDM7sWRb4rT8jziA8Xfbglzt0zU1aHXNdBZ1K0_iR6Dt9ao1LhcybnCzSAeC92Fsv6ber1adL8WP_WPCAgLY_xcEfAswmxeDJKp5ZZ2Ojt7DwPJtjQIFx4vDtQ0qxW6N4UBsPVzEaqEp4iMg71Y0w5l8mK5bhZ13Pqvw8C4WY-ylzLNRKTcbFFxFSQMrxqq6ClzPEB57tkkF7a-r4000o1Vl79bmXU6_ugcOWu8sLYEcnwOfHXlA7IE7hxotpz12PrCWhmnJ6j4H4udSbynSAW_HQ95ZF-7oXg_l0WNJGknhpkdZ1TtaPzbmjJTOLel8ZSFpnd1uWHy482LIKb3LBmHTyQD07EI0G91KJKQhi67H7WNyF7AXd1QFBhdFhz-yngo9C8HiE_MeX-uRKY5EyRctNN5nOTVZIw-e_vwOQNrq_0fBrmSzKSC1Tm7aItOAYRkxU2YThLSDN3HAsyGum95OHMktrxvy59LtqC-bWtb3IvSjaVo5_NAoEoWUSmPpoTlM49atwP4ezyFk7X0eRAyVZ8MsgTh6oaUV6zRqV1G7NFuNxzz7EeexjG29UoPRWvX6FxLLAPMdbhvJ0s_awx88FL9YILwD4k9A8oyiKesUvEIvz5BzZqKTfS5P9GL9kwwTuZsPiAxCfLCCN2FOMmqK-n5Q-sS5GAidwWWM2gfUj-ravfjNTej3uzaGwZfPGr_jW1AKw1sz9Bu1uJVhA__TCL6L6lU9CW-v6OU1gOHMXm5kQHqCh3W_4jgauY3jt0Lkh5tVnhfeOynOn2tkugg2Hg2sjEFVQPjuMEX6wmT7pDKTDcj2IwD27EDzUhC5BnOt3LL34GrJZK_r_dUo-QpppV7S3K3ZzowoYm28she4NDlbT4RNo7tunL2yNhumN8B6dftjzZ7iuzTdL7DFFvFoyOQOz8svO2SwMLybNFNyraPzQPbnXYyEUwygmC6lXRoDwZH0VhuL-WpSIm6CJMKv-BCdXIDHHIyWP09esp9EqdG7sRQIneCFHQIZQkBgbx8snkrXkLcS0HJSlwBo6gVmwCUNBwE4L2Yldv3uD8SZacPYHngDCDHDk_yVHxzvjBpnPiFr7E6LGM1xI8TG2AdkBdScle-sYeSTXOls3JCFK5wO7mIWsKH0WzR0w019JUd3-C5XRj1kzc9q6zX4QbD4SnmK2R8voX0vr7iDAhCxP4YHxwjF-ZKphqQRziJKNh5EbfTp1P0YTxg5j5MVkI_nheItmTKZShfUaDopnTsQLiSNZ-ucLhePOevcXazjzaroUxUyow6jli31f8hfacG94Gn_h-oxaXZ-1FIylnwNQn37Ql1Zh9VkonK6ddfLLgSE-LZHJT_aa7no0mvSPlHiUuZfhQ6TIskbtRAU-_064uzdQcUaXXy1yJPgikLDTe4BIX25Oer35HfGFKWUlBhezp1HMo03kmhsU3KPWZqqmKP3WqHG0Lt4BHeay7NfuHKqtLh4u-uzabaLQESaHuvlS9dqID7FZJ_GOBObqp2vTesQ9JxGX2eW1BTkhHjJfIa_h3IIqgbU7B38Y1Do8jLjzN1uDBW8egXqQ_ZMg8JrymVtKO9UbTPL3VUhr7CcpjE71z8Sm2AOwG&cid=CAASBORoLwE&rfl=1%2Chttps%253A%252F%252Fasdf.com%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29714995cf077ada37de824adc4a9522cd63d11868f656000ffb67b43cf842c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5526145018929722&output=html&h=90&slotname=6999061358&adk=1654834549&adf=4024902593&pi=t.ma~as.6999061358&w=728&lmt=1527258580&psa=0&format=728x90&url=https%3A%2F%2Fasdf.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643342888278&bpp=6&bdt=160&idt=93&shv=r20220126&mjsv=m202201270101&ptt=9&saldr=aa&abxe=1&correlator=224886974557&frm=20&pv=2&ga_vid=1869409746.1643342888&ga_sid=1643342888&ga_hid=1947549083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064599%2C21065724%2C31063246&oid=2&pvsid=2218053830123180&pem=712&tmod=1234276864&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fgP8QN7BSo&p=https%3A//asdf.com&dtd=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9150
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201270101/ 150 KB
53 KB 39ms
38ms Script
text/javascript 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201270101/reactive_library_fy2019.js?bust=31064599

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99983396d83003ba7045d142f5debe4014d7cf44e46b80b863aec54e9f62c722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54470
x-xss-protection: 0
server: cafe
etag: 2452237504084139934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 04:08:08 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ED9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENRaTXZWhmelraF3OcGovAc&google_cver=1

43 B
1014 B

24ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENRaTXZWhmelraF3OcGovAc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYp5TmvgEwAQ&v=APEucNXrF6JntHaQD1ovg1DeJaIMrJfVOu6neRL-OzfExXCg839olaUk6RRTaz1xYgN-sYW5bKBS1mvbahqUC2lOi33xVJHySHkU4ia9rbZj2EJw11WTqcEoSzByFWzvgBJQmou-DtB5_WKvoOO61yv5JUlSueZSQev1R0ctDPulHOgdqNfUI74
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:08:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 Jan 2022 04:08:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENRaTXZWhmelraF3OcGovAc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame ED9D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfNsKNm8V.UPb9EXUI6e6AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1&google_hm=2

43 B
894 B

21ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYp5TmvgEwAQ&v=APEucNXrF6JntHaQD1ovg1DeJaIMrJfVOu6neRL-OzfExXCg839olaUk6RRTaz1xYgN-sYW5bKBS1mvbahqUC2lOi33xVJHySHkU4ia9rbZj2EJw11WTqcEoSzByFWzvgBJQmou-DtB5_WKvoOO61yv5JUlSueZSQev1R0ctDPulHOgdqNfUI74
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:08:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 Jan 2022 04:08:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame ED9D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEH8lR7CQt1U2x6keCBqVp-Q&google_cver=1

43 B
1008 B

61ms
22ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEH8lR7CQt1U2x6keCBqVp-Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIr22QEQpoGC5gIYp5TmvgEwAQ&v=APEucNXrF6JntHaQD1ovg1DeJaIMrJfVOu6neRL-OzfExXCg839olaUk6RRTaz1xYgN-sYW5bKBS1mvbahqUC2lOi33xVJHySHkU4ia9rbZj2EJw11WTqcEoSzByFWzvgBJQmou-DtB5_WKvoOO61yv5JUlSueZSQev1R0ctDPulHOgdqNfUI74

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:08:08 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b8fd40ff-4b8f-46a5-b64d-3a9c699b272b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEH8lR7CQt1U2x6keCBqVp-Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ED9D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NDk0MDM3MTk3MzM0MTEzNw%3D%3D

170 B
188 B

52ms
28ms

Image
image/png

142.251.39.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NDk0MDM3MTk3MzM0MTEzNw%3D%3D

Requested by

Protocol

Server

142.251.39.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:08:08 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 22ea480e-8183-45da-83df-b5d103f29143
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NDk0MDM3MTk3MzM0MTEzNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F78 41 KB
15 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DYq53HcYQTZWfb2UpbTdFngk53JMV2iuASWZ0CROXdl4w_sMa796P1WUAjriGgJSAoYlrhB-pK3FF_equnFKQj54ryw4M41K67G81-0IcMxL4TsSDCgFovClbYnCikd2cm2_du1h7KitsS30RZIRiKXMOmnw&cry=1&dbm_d=AKAmf-AXzJDkDG8uQY5obcVmllOzt_JbZw2ddDtR0fAUlLllvRNORR_Jy0RvWivmJ2nbh__y5nnP0mNDQTOXzZlQ4mJC6pOgAvTlzoaceNokVyDikaq2Ya_Um-O0JpnMBJp0KYT8MxJcPKnwgY-TFlbSPDf0iw-EpAt2RcJFaPWgiyHgBxkCFSNpPL0sIt-_IYzKKro2VWu5Embx-xTjZ3dALoPtp3c7uLwGZPtKiMMl0YzwWWMf9jgt_ZxfztnKvt7MfMxpGYeWNPRvWtjDJ7SkvRuhtNUm77wkpfHGpEfErb-a-Eh0DBU2HOnC2TCwi35l5SgryKM8hhvsqBEXmsGjLeD0SHXWirSCtQ1BmsJKkzFdAHk8TF7ITXggxAzIwN60gI_w3cer5-Bm2dbiI0iuhkTd3Y3OhIa9_Bj_mg1kcCLFG0tVQQ6XM1HBN8J2ssjclFjFs2RN1yRLTR-nwmHBqYNf5giAGuUfKF4r0603jNDIb7odCvolXY-Pi2TnYCOVZ87Fgh85_Jmmg78tpLeFmcZ9WTaYo3rtzlpH8KUCQsX_PGep2fxCaXm-OOtPgvNAa721DC-Jw_iCbTeR3tY_1ZoELG0U5KfoX7m52XkGn13qR65LNRNL36X6Jm12cMp2RT8iNOD8a4hQma9xd0ZaTVe1XpUSvOJBC4iANEA9hEW68dtxMdXYll-p5pAGlxcRCyqJBNhkaMUeqScxPv5oHgvbmvyCQ4G4dmBNL-nVgLSoy2l1SveIaavNjogJ7ZAwaLgFdfJGZl82810nqiwkRiZb5ZD8vzt0RAklSxK1CakRkf8z_H-Ity6B4-R4WSVD1X8RZlRMAkFkBagU9a6zh_yGZEm_PYcORwFQ3NtPWzRc7nxLC2BGOzNYSGIbTc5H1rpO-GWFOn6BL-UdP7gVNXpCmYqbb_FlchYmRLwbxyaNG83FdRliLDn06RuagTLZa0bNh6P2bTDLP7IBe9Txz8JX4DQAS3EMspqGYsQ39C1cfoPTx8888-B_kRKJJdUOCk2AgczajarbbuBJS9EqN8qAdU8ZHS78h3lmCZ154ZEi9UySZkphslZ_ArVEIid9n-1TsE0cl51T_kxI4w8PVHwKlvV4lNlLbAAWYQGqWyG_iEcc61QBpTDMfRooByV2Y2pc03HCqa9JSnjZccBiwG2Z2sLGuUfn4zoXcBzQ07uq1sbyX1xFaLLufUnocgbWxafqz65qRFbZGJpuWQ7KIkqnOSx5Ufxgy7kz0r5N_Z2ReCgG_KMpnlKTfAL6AYcv0tVpSacdS3TKDY0V8nO-emYbRiGtAYIBCTN_0k91wuTcYIP96BRfQkabW3zDM7sWRb4rT8jziA8Xfbglzt0zU1aHXNdBZ1K0_iR6Dt9ao1LhcybnCzSAeC92Fsv6ber1adL8WP_WPCAgLY_xcEfAswmxeDJKp5ZZ2Ojt7DwPJtjQIFx4vDtQ0qxW6N4UBsPVzEaqEp4iMg71Y0w5l8mK5bhZ13Pqvw8C4WY-ylzLNRKTcbFFxFSQMrxqq6ClzPEB57tkkF7a-r4000o1Vl79bmXU6_ugcOWu8sLYEcnwOfHXlA7IE7hxotpz12PrCWhmnJ6j4H4udSbynSAW_HQ95ZF-7oXg_l0WNJGknhpkdZ1TtaPzbmjJTOLel8ZSFpnd1uWHy482LIKb3LBmHTyQD07EI0G91KJKQhi67H7WNyF7AXd1QFBhdFhz-yngo9C8HiE_MeX-uRKY5EyRctNN5nOTVZIw-e_vwOQNrq_0fBrmSzKSC1Tm7aItOAYRkxU2YThLSDN3HAsyGum95OHMktrxvy59LtqC-bWtb3IvSjaVo5_NAoEoWUSmPpoTlM49atwP4ezyFk7X0eRAyVZ8MsgTh6oaUV6zRqV1G7NFuNxzz7EeexjG29UoPRWvX6FxLLAPMdbhvJ0s_awx88FL9YILwD4k9A8oyiKesUvEIvz5BzZqKTfS5P9GL9kwwTuZsPiAxCfLCCN2FOMmqK-n5Q-sS5GAidwWWM2gfUj-ravfjNTej3uzaGwZfPGr_jW1AKw1sz9Bu1uJVhA__TCL6L6lU9CW-v6OU1gOHMXm5kQHqCh3W_4jgauY3jt0Lkh5tVnhfeOynOn2tkugg2Hg2sjEFVQPjuMEX6wmT7pDKTDcj2IwD27EDzUhC5BnOt3LL34GrJZK_r_dUo-QpppV7S3K3ZzowoYm28she4NDlbT4RNo7tunL2yNhumN8B6dftjzZ7iuzTdL7DFFvFoyOQOz8svO2SwMLybNFNyraPzQPbnXYyEUwygmC6lXRoDwZH0VhuL-WpSIm6CJMKv-BCdXIDHHIyWP09esp9EqdG7sRQIneCFHQIZQkBgbx8snkrXkLcS0HJSlwBo6gVmwCUNBwE4L2Yldv3uD8SZacPYHngDCDHDk_yVHxzvjBpnPiFr7E6LGM1xI8TG2AdkBdScle-sYeSTXOls3JCFK5wO7mIWsKH0WzR0w019JUd3-C5XRj1kzc9q6zX4QbD4SnmK2R8voX0vr7iDAhCxP4YHxwjF-ZKphqQRziJKNh5EbfTp1P0YTxg5j5MVkI_nheItmTKZShfUaDopnTsQLiSNZ-ucLhePOevcXazjzaroUxUyow6jli31f8hfacG94Gn_h-oxaXZ-1FIylnwNQn37Ql1Zh9VkonK6ddfLLgSE-LZHJT_aa7no0mvSPlHiUuZfhQ6TIskbtRAU-_064uzdQcUaXXy1yJPgikLDTe4BIX25Oer35HfGFKWUlBhezp1HMo03kmhsU3KPWZqqmKP3WqHG0Lt4BHeay7NfuHKqtLh4u-uzabaLQESaHuvlS9dqID7FZJ_GOBObqp2vTesQ9JxGX2eW1BTkhHjJfIa_h3IIqgbU7B38Y1Do8jLjzN1uDBW8egXqQ_ZMg8JrymVtKO9UbTPL3VUhr7CcpjE71z8Sm2AOwG&cid=CAASBORoLwE&rfl=1%2Chttps%253A%252F%252Fasdf.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:54:02 GMT

GET
H/1.1

200
OK

728x90.png
vht.tradedoubler.com/file/321161/engage/se_engage_jan22/ Frame 8F78
Redirect Chain

https://impes.tradedoubler.com/imp?type(img)g(25157572)a(2541710)168545887
https://vht.tradedoubler.com/file/321161/engage/se_engage_jan22/728x90.png

22 KB
22 KB

79ms
17ms

Image
image/png

65.9.61.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vht.tradedoubler.com/file/321161/engage/se_engage_jan22/728x90.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5526145018929722&output=html&h=90&slotname=6999061358&adk=1654834549&adf=4024902593&pi=t.ma~as.6999061358&w=728&lmt=1527258580&psa=0&format=728x90&url=https%3A%2F%2Fasdf.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1643342888278&bpp=6&bdt=160&idt=93&shv=r20220126&mjsv=m202201270101&ptt=9&saldr=aa&abxe=1&correlator=224886974557&frm=20&pv=2&ga_vid=1869409746.1643342888&ga_sid=1643342888&ga_hid=1947549083&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=494&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31064599%2C21065724%2C31063246&oid=2&pvsid=2218053830123180&pem=712&tmod=1234276864&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fgP8QN7BSo&p=https%3A//asdf.com&dtd=106
Protocol: HTTP/1.1
Server: 65.9.61.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-94.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c2ed3ad393f4c4dfbffffc1aa1b38674594846c0c8cbcaa2c4643ff264f165f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 07:22:17 GMT
Via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2022 13:10:59 GMT
Server: Apache
Age: 247551
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Content-Length: 22566
X-Amz-Cf-Id: 4k_0L33JC8Z8fQB86IWUiu9GBtH6oitfXLBM_m7j9-ijAnyyAtegHw==

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:07 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
location: https://vht.tradedoubler.com/file/321161/engage/se_engage_jan22/728x90.png
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7C4D 22 KB
8 KB 41ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 11:10:53 GMT
expires: Thu, 26 Jan 2023 11:10:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 147435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
122 B 52ms
28ms Script
application/javascript 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=asdf.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
26ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=asdf.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame 9094 10 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 27 Jan 2022 15:41:06 GMT
expires: Thu, 10 Feb 2022 15:41:06 GMT
cache-control: public, max-age=1209600
age: 44822
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8F78 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3121e39cfd0b64b9e57899024869174de32319042f1f68c4122f4052b2e5c68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 52AF 624 B
297 B 29ms
28ms Document
text/html 2a00:1450:400e:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCA3wIQut606gIY_-CowAEwAQ&v=APEucNXrxfnQh9ERLxJDxofd2AXPASvByQKwKqKsvyaNe8oxeO3408XPVLsRzn3KK6nXbbPf6hUwaekLBIgDEL40UinjA8PnJRuFa-NGsjclDyK9eeamLQW_RN-HVBCTrC-yWK-36AGPG5dlIXfHaN7wQnEtIcFMdcjc2cmylxiGuJ2BAhGO8Jk

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:810::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 28 Jan 2022 04:08:08 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame B4B7 18 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 03:49:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 03:49:08 GMT

GET
H2 200 17143310981783156177
s0.2mdn.net/simgad/ Frame B4B7 32 KB
33 KB 89ms
17ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17143310981783156177

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e1a55f2b1a508cb9834500bc5ebf52cbe74d716783db15ef7550531cc37af42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 06:19:01 GMT
x-content-type-options: nosniff
age: 251347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32980
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 13:31:59 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 06:19:01 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame B4B7 6 KB
3 KB 22ms
22ms Script
text/javascript 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 00:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 00:06:18 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B4B7 0
571 B 119ms
61ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuxlkOqqi8uA96BGF9hMVhy4_ULBt_mxIcdzgI_tn8lRxwW7E0gFBGXXCBuJvd8gM4rvkKl7TvLnMgB_SgzSI3sIuPok0XZso0QoMQjwmMHzJgLi_C41VxEvEat7J9_PL_JHxe6FkZPjBsd177NKFVBr2uNFDgeNS2HcwumfK0i6wxFDq7acOWCJ6u97k45D9LRBRm2nBjy5MZfOsgvWTSzoCoYip66qjyOpsihMgAdfBTvDTDOTziOGiUE98dzPzsVK7vqIOI_NiHMjviCSpFD-yyREJXobdEShr-s4zDlTyeWelwn4zMTU33mrvyyVidoV_Z_USUm_1KIc1DgO--tkuHprlCaFQ915Ix9mNFTTaTgQGe1lNmWr1ndobEDixtBDgEVTE5gJpK9byqydExFMW0qqxnO3zbQi8Lu-ZFUznCyLCEzhEQKpjgzjyJqNy7QYiI2pSSsVzP1IvPfBdmpp6N-9ItIGw9k4T_ZB53uJS85vOjnJVVFDuqKrE-wACWKX6cEhwNAKJeMDWR8hj_9EkRc7-H56iSvzyuOnC3boV5sg8bxKZP2o8faK43z-eF8tfbG_j9Q29EwkPcaUNevOy3GG-5cJhuL62m_IHFuxs_iSvC_Vb6oPQPgVDVT_OeZjH3xPYYSSDvBLHThJhoLAQzKL5wr4QiUHbhRigZRzHOelFfOziZbOi9qGD3-TteZgC0BXit9ZvWrbfcZcy_qEq0U5S6BctOShyFS4FXQz2WgS9OdW5SAl6HfE9_MXA4fOq1NfopJTww5CHjGS72YJjx9I0-fAwN-WsE6F0xNR11kQT5ZO6wOFWVpkBVclSGLDmR9KgaKgVsXCZfGhLEZ2G1vKm-v7-B9hwN_vxIgaMttSpu5E4IovkJs5C3qo5P0EVY6G7qv_YLfA_blG_r6MHRtzqp2N4RuebPpDVngLk18DSVP-K7QNmWvuuDcypEOedXuwcE262AjNKYUnMwfLtF5djPWKHRI5eSlQMORrFLHbuAvAxwok4FkAkFbHKttTXOv9Qmn_6DhnGaGZ7oLgbxJIvyKw_qL73YJTou649CUZA&sai=AMfl-YQwUlbNzY8Bz_2V_M31lX2Om6q7dV5yORm6SuTosSop49kyuay4vto4nZ5cWVVn3LT2DsAY12J3KZJRcwM_Y9L6TUYtFP_eBj8pK1r-uYhGAmQtatDzFDKZx4jwl0FQa5veXLYxaqc--JjnD_OK4wmile47h4GqUbumLXii6DWmPqbL7OByXHE&sig=Cg0ArKJSzGUT5yngKEi2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220126.98228&adurl=

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 28 Jan 2022 04:08:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B4B7 41 KB
15 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 15:54:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:54:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame B4B7 2 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 04:07:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4B7 123 KB
37 KB 53ms
27ms Script
text/javascript 2a00:1450:400e:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 04:08:08 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame B4B7 14 KB
6 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 03:57:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4B7 42 B
63 B 30ms
29ms Image
image/gif 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COQ381o-JmY4qkqjHym10AqhX0wWMtj-vdSP2Xv3TYQLC6b31rEt_acARmlyBKRpUlIeux-htT6tdhbfc9alO1tyqreanq5MV6xNe1bEmuwP5NoJk

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C4D 35 KB
13 KB 22ms
21ms Script
text/javascript 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 23:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 23:44:28 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9A38 22 KB
8 KB 18ms
16ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Jan 2022 11:10:53 GMT
expires: Thu, 26 Jan 2023 11:10:53 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 147435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 52AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1

43 B
894 B

23ms
22ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCA3wIQut606gIY_-CowAEwAQ&v=APEucNXrxfnQh9ERLxJDxofd2AXPASvByQKwKqKsvyaNe8oxeO3408XPVLsRzn3KK6nXbbPf6hUwaekLBIgDEL40UinjA8PnJRuFa-NGsjclDyK9eeamLQW_RN-HVBCTrC-yWK-36AGPG5dlIXfHaN7wQnEtIcFMdcjc2cmylxiGuJ2BAhGO8Jk
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:08:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 Jan 2022 04:08:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 52AF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfNsKNm8V.UPb9EXUI6e6AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1&google_hm=2

43 B
894 B

21ms
21ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCA3wIQut606gIY_-CowAEwAQ&v=APEucNXrxfnQh9ERLxJDxofd2AXPASvByQKwKqKsvyaNe8oxeO3408XPVLsRzn3KK6nXbbPf6hUwaekLBIgDEL40UinjA8PnJRuFa-NGsjclDyK9eeamLQW_RN-HVBCTrC-yWK-36AGPG5dlIXfHaN7wQnEtIcFMdcjc2cmylxiGuJ2BAhGO8Jk
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:08:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 Jan 2022 04:08:08 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMRJvVyfSJ4IO88uZKC-g9k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 52AF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOv2R1-61cMA4uJK9ztMxN8&google_cver=1

43 B
1008 B

22ms
22ms

Image
image/gif

185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOv2R1-61cMA4uJK9ztMxN8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLCA3wIQut606gIY_-CowAEwAQ&v=APEucNXrxfnQh9ERLxJDxofd2AXPASvByQKwKqKsvyaNe8oxeO3408XPVLsRzn3KK6nXbbPf6hUwaekLBIgDEL40UinjA8PnJRuFa-NGsjclDyK9eeamLQW_RN-HVBCTrC-yWK-36AGPG5dlIXfHaN7wQnEtIcFMdcjc2cmylxiGuJ2BAhGO8Jk

Protocol

HTTP/1.1

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:08:08 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 25d21e9c-f7a5-4024-9490-414d4c01630a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOv2R1-61cMA4uJK9ztMxN8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52AF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NDk0MDM3MTk3MzM0MTEzNw%3D%3D

170 B
188 B

28ms
28ms

Image
image/png

142.251.39.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NDk0MDM3MTk3MzM0MTEzNw%3D%3D

Requested by

Protocol

Server

142.251.39.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 04:08:08 GMT
X-Proxy-Origin: 217.114.215.132; 217.114.215.132; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fdbb329d-c675-4dd4-bfef-3e23b718e64d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY2NDk0MDM3MTk3MzM0MTEzNw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B4B7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d8c76aceb669766d5720acae0383b32a1e43657bca0f4c8c73869c87de0294a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A38 35 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 23:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 23:44:28 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B4B7 0
60 B 51ms
50ms Ping
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: asdf.com
URL: https://asdf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 04:08:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 54ms
30ms XHR
application/json 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11222676c678b9a138319e835ab96fb08c1a7094a80b211c8ecbf4563f0539be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9074
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C4D 0
20 B 29ms
29ms Image
image/gif 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByHuNKGzzYYfDI_if7_UP1ZSN2AIAAAAAOAHgBAI&bg=!EBOlE1fNAAY6OBv_Ojg7ACkAdvg8Won4QGaON6xfTNC4WE1-4m1xNmTS9J5YsnNRLhaRcx8AMlBhGQIAAACQUgAAAANoAQeZAvj8XdznVcf0Y64xpO0Iut7N2rhKeE9dnAswJZK1A3BbZO9l--wUH_5AvzCy4S89A2NO8IqYAVUxdPbG_gWghKKsjqF1zhJspk09ILXjpKImMMn7gH94hErcHQZY_VWb73M-mCnsoEn-fZNVgYv_WaEJ0h_mPrmPNszTYtTPZQNlvn7MKq7CZeKEsvKp4D64-KUVfEIWN7-qlDU6qVBRpLDSyKwMHL-oJmSsezwwQnSItrJCcQUZ1IbmCGf7I3522-VPSxyZsAJeUKQaYJbV3859TbPyClXhbZYp_o13mfPA6podfJhEnh9vonWXjkUsrJaM7WWN8EBF1M6kofSLtJgRDg2UNQWYr3b8KU-wGbG4YSQSqO2YKDgo4qmhbkoE_QOlgSgsSm1tvJDY6GkdQo6nXIohfvRKB5EqpAd7rYqT_y7JdBqjEs4SVmxkT0Rp2y77vhRgJ1au83zWDD0BulFpZGIXXCVrsd37df1pHPUivisCLUeVHK3AnJJN38gRmwWVaLuypZRxBqREvK84zbMES1IzJgTd9CuOojgojXZNdQ4DZCYLp0XsE_2AYNquOksQl_cVGpg3OfHJmfMV9pqoeQ3D_H4y6GJawjPikN6rAMiYwF4SHptCejGwaH-HWBYXvnqolbVP6_dgPYoHxqG7b5UFM3SC8vfOYWK3GF_xQ5l2qMu9h7_9Y33gsPNHKbxOhgLPFg8aV4GX1Fxr_bCnyZCG29Zcjbgq1bCtrSC_uG9dLzVOtaJ00dcqnrbxEJ0IYn7RCLMdEtl0i0tXonSLeos6cL6TIzfHiF7dFqPjqwW6UdvHLMRQgGXsrT9TBsQNil7yYR1885Zpy_uARZgx2vrUnjS4x3EXctEoBbCc-gv7pTnQ0GIFI_bZNL0zL-Km_qQ_3ghnLMv4A1QbK3yuMTeMkoWfSIiEfJKDj8kLjVIGC314EwE_55Ls5EqkylQliNo4bjLnMO2-WA91FEvxPO8HMTYytbq4U_YDIVsuFIno_Ixc5zeY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 04:08:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D21 13 KB
5 KB 16ms
16ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 00:30:15 GMT
expires: Sat, 28 Jan 2023 00:30:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 13074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1933 783 B
1 KB 69ms
28ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

936f3c02fb14e79c2b1d3c23df8ba5eb29b0110bdc4824cb00f93800ef2455e3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5C7Z/l/2OVloXQio8IbBQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 28 Jan 2022 04:08:09 GMT
date: Fri, 28 Jan 2022 04:08:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5C7Z/l/2OVloXQio8IbBQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A38 0
20 B 28ms
28ms Image
image/gif 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6kGJKGzzYdy9GpWBjuwPjrmKgAEAAAAAOAHgBAI&bg=!Y2ClYCTNAAY6OBv_Ojg7ACkAdvg8WhCddGIcOprPciQ1iYaRQ2c-iCUVwH_HbY7aAuOv02cqGLxR5gIAAABuUgAAAAJoAQeZAvwy5tnAf-Yb2CU4UQeQCzPWsP-FOGYdu9Y2M-8En81JQL0yFcyzDPQtVFDhICZcBv3ZSOK2_GvfCiCR_dCWSaG90S6ZBkOFDDhyYgazPWRx9oaUb8LMM9xn69Z-5wew0QK4cH7jOvGwpFrAxv1QvekxkKr6Knk52ZCatUU69TpaVmF1l5J9ZMW75oDxW4lz_2QybwOqEDOvyyIcl2g8YnwU8sS8BD-0iX9IrEOcS5xwdbsSd8XuIoyj7Am7UkY-4GDp0YPDLPaZ2D62-55FxKHGF3x86xm3zIjPzlNO9PjlCNdqyZzNKDCC1DNvhYZmttvOZbePAb9u7b5g4KPTiUPKrRDjmLJtZhOPKvnpJMgGFrm5s6gz4aLSJY_bWTOtBYDapRnIiozJgYtgGlhyM1-5lJBkVrbhsN46lJjnkZqneonOFn4Rf_WDoLr0iDEsiKM8pIxHABa-mNkTXIo-oeOhlYUqaPJk-jU7YNpd9SVUw87cYxsD6jqyXc1sUGOWzM4akEFJ4H5LBLCizC9NjSolUkh2pdst06WZXbu2nzwSfp1oGMtzCt3JCuJK1HowvSQbpOJxsW9wubcHWi8XIkX3kNjtMAzu0RzM_xST9CUIEydee06xenVv8vUlxQ9QnMjUH2SSWTE8YEmDzz0JztYl5gKe0GfEhrOovuKNIHki4LqxhyZxfw-wtUfVZ_CJN9RW8eF8iTTOW8b4mogEH-bqP6wJSLnmUpmd_sYqsilLmj4pEeq80TiMVj9IO6GpVnr07gWxYsn1-NDtEYnB8bIOClrclVTb4-Mv_wvuUf1Mkpo2-qHGbKdo6ZUbT_b8NFy2p6xHJ93u6jSB0mSCq649KvVKC-gzLb4dEZv4FK54uMBFqjvcIRFSJJQVDHead9qpAAoXAlt81nVraUTomFtPSTNaqsn4CVupL0r70qdXdWotokBEzxkL_mnUHYLvjN2BqQTyrWJKguoSNtOI-o4uQrz8SUBtWtaYw_0yXf30Ow0GOKmwWmmCxcnx9Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D21 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 23:44:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Jan 2023 23:44:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1933 0
0 44ms
43ms Image
text/html 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=2218053830123180&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8D21 0
9 B 16ms
16ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?k8b0qw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 04:08:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
30ms Image
image/gif 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=2218053830123180&bg=!6Oul66_NAAY6OBv_Ojg7ACkAdvg8WkZ1h6mt79QpOvXJUi9EscdXIxZUPN5OzNe1wJF4XNfokvPB1wIAAABoUgAAAAJoAQcKAJZD-XRva6q00KsD0ChnA-mDQmUBG6VQwdLuiMw3wIp3sOCwcrRIXuFofQXsSJd2vjYNLPnerZbZCt2icxhz3AQ5Z8ngGWJ9y8Z7-SB6YFwyP_7fLNGLrqrzctJ8QucJVqMN1ydGjUcpDvZrlMQMiSI6CFwrJKSGp0r0SSawGBZRiLNmKYnBzOJSSYE_AAelRJ3MWMYDTsCZArM-N5dVg1VCdaHU12dS7I-ARK7DTTiWSpcgakAcz7xQW5jr8gmSma2z42KhZeMcCKQP_eamNcdNPs57pqTIVYn4W8Ks4acqYtkuMC-FZb7Q7KLyvEkGICzKxtJneyMz6cgrgxWN0kwoBgc9sGU4BGjtK3h3RpvVpN_LOWrVjxSmksKiX-EwC7SgK2B1-VzllgrkUxrP_jWDG2wo6kF-HBv6flB8I948lo5pHM5Z5VA7Y-b6zxxm7786FWaz9ZdaNhCpV6BelqwlG7QDteLFYi1kJUMJFrMtfKC2SoyvIgTdCUnkL5c6hkjqPbjvxplJMlhvwrAGBoolCyJMybPoGxQc8LJCRZSDaaYxAmosnyovNGvMDz315fKJJW8cko0XFu-VrWekxbu6Tad9r8DwUtiFsmqrzJp6Of10qBjnfu613mYtTbqSjPin8tVOIWWLLgkIymfbwBVZXsmojpm8cIDyVDP-CunDsh7EJRSKek8JQU67iiWBsKVN1qGWj-duR2WumyFRGlVEJqF7pjAhJl0DYVeICFIGJEQF-mgFRX1KaieY676PkU-FKlh3zrSE9o33U4IYIZo739eMMRQqz1IaxJSCQYDaOcOypz1bz7tmrl7w9p-64j8II59hctvOxvt6ODLREAjfW0gHZ2UoM4TnSlOJLA0QuA_oui3X5uR42aavtBPZP74cD6ySHReEyRScwvb-0ZMlbQEMHkOBMI9hWHT4Y92httQt8_lzUxi167oJmuhR_ZFR0X7Oq9qtVHOS52xmI-16qmEQ2sEUqmAupBN8nntxBiF4RQk_7MYddiW-okzxN8uBAFmxoy8tzUkpfjTtmRXDDLV2utIXzJVZQFOl-OBiQZoCf6EJa8ULWzTAEOZtTbo5oWv3zrKybr9U3eU6Cr6kV4QTq33FpB8ZdVhf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://asdf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8F78 42 B
64 B 30ms
29ms Fetch
image/gif 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIL3Bsc2NVP-FSjpPg3cCQL4YRru27W63fGk6hSPEl9Ofh3A7g712qPsrzUjU7lKFr-ZAF9rV0kC34Bk8CKREiPgfhxetdZa5joWdWX8jgyNIkUTBqNA&sai=AMfl-YSjhttpknWHaqjsDpmYzEQIMVPdkEZcD3xVfKyaRa0qtiIlOBuAhi0Br38CJDGidLR6nbknFjfKMepH&sig=Cg0ArKJSzO1uSQquYX11EAE&cid=CAASBORoLwE&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=1654834549&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643342888385&rpt=499&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B4B7 42 B
64 B 31ms
30ms Fetch
image/gif 2a00:1450:400e:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQ_BcmOutMZj4GmtYiyRha9kC1WL48wmJFPqzFqNfrFOlju73KGXY53m0YB2wduWhyubPPqFP-xPsab-0VPjPPhwvn-aBwuOyGBv7o&sai=AMfl-YTJwtVyNa_jjPe5QQ8icZC1uC2rPj1MyC1ZKeKZRgIkfZbh5FnkStFO8N8e1XMVtqdBgbJ0sr0tKlOJ&sig=Cg0ArKJSzIUorORU_Z7PEAE&cid=CAASBORoD38&id=lidar2&mcvt=1000&p=0,0,94,728&mtos=0,800,1000,1086,1118&tos=0,800,200,86,32&v=20220126&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643342888713&rpt=142&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 04:08:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.asdf.com/	1970-01-20 18:00:14	Name: _ga Value: GA1.2.1869409746.1643342888
.asdf.com/	1970-01-20 00:30:29	Name: _gid Value: GA1.2.1456388481.1643342888
.asdf.com/	1970-01-20 00:29:02	Name: _gat_gtag_UA_3235813_1 Value: 1
.asdf.com/	1970-01-20 09:50:38	Name: __gads Value: ID=b6e12fad3d690c19-227e13092ecd00a6:T=1643342888:RT=1643342888:S=ALNI_Ma_L4kF2oY7MUg-Z57jFP08W1296g
.doubleclick.net/	1970-01-20 09:50:38	Name: IDE Value: AHWqTUn-aRQHri8IQ3v3zmjF5ansDFRVQ-ZF24YOnx8bSG423_ECPQJXr4rlroN7WN8
.adnxs.com/	1970-01-20 02:38:38	Name: uuid2 Value: 1664940371973341137
.casalemedia.com/	1970-01-20 09:14:38	Name: CMID Value: YfNsKNm8V.UPb9EXUI6e6AAA
.casalemedia.com/	1970-01-20 02:38:38	Name: CMPS Value: 3193
.tradedoubler.com/	1970-01-20 09:14:38	Name: BT Value: 1z11zzsKzskIBVzcuaph9Uzz4x1z9ycuaph9U
.tradedoubler.com/	1970-01-20 09:14:38	Name: PI Value: 1z11z1zsKz29uObTzCM9ny1y24T6Vy1eGbyyyAlJty1XFOy2HaUIHyyy
.tradedoubler.com/	1970-01-20 09:14:38	Name: UI Value: 1z11zzsKzIylkkz1TCfyLgT8
.casalemedia.com/	1970-01-20 02:38:38	Name: CMPRO Value: 1196
.casalemedia.com/	1970-01-20 00:30:29	Name: CMST Value: YfNsKGHzbCgA
.casalemedia.com/	1970-01-20 09:14:38	Name: CMRUM3 Value: 2d61f36c282760CAESEMRJvVyfSJ4IO88uZKC-g9k
.adnxs.com/	1970-01-20 02:38:38	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>1dxM4b!]tbPl1M>e)ZlrFUfJ+tGXxomV<O)B^-nd^K7`lUfcS.Q2W-COywUgFHcD0bpRzqF1`b^-l)hi<W

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.se
asdf.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
impes.tradedoubler.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
vht.tradedoubler.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.185.226
142.251.36.2
142.251.39.98
185.33.220.244
2.18.234.21
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9b
2a00:1450:400e:801::2002
2a00:1450:400e:802::200e
2a00:1450:400e:80f::2002
2a00:1450:400e:810::2002
2a00:1450:400e:811::2002
35.186.231.97
64.90.40.65
65.9.61.94
05cddf885a5757c5a99a87f2d9edf847e1c561cc9ad3a123d43108eec3521875
0b5a1d6131656355e723f2596eb6f1412e808776e8899593388cb0b7305a15c6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11222676c678b9a138319e835ab96fb08c1a7094a80b211c8ecbf4563f0539be
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
29714995cf077ada37de824adc4a9522cd63d11868f656000ffb67b43cf842c5
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2e1a55f2b1a508cb9834500bc5ebf52cbe74d716783db15ef7550531cc37af42
396c4a297752a82a080f61fb8a4614c5ff3bef0f666830e70276a4f3465d2597
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aa959185839dd3af3a8cfb69c8151165fbd05b2f61302ec03bb5df274aea35c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
8d8c76aceb669766d5720acae0383b32a1e43657bca0f4c8c73869c87de0294a
936f3c02fb14e79c2b1d3c23df8ba5eb29b0110bdc4824cb00f93800ef2455e3
99983396d83003ba7045d142f5debe4014d7cf44e46b80b863aec54e9f62c722
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
aeb0d8ce41d961c168c629e58d5e0ce6786c42713ab8437e017e0217c24f1365
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2ed3ad393f4c4dfbffffc1aa1b38674594846c0c8cbcaa2c4643ff264f165f6
c3121e39cfd0b64b9e57899024869174de32319042f1f68c4122f4052b2e5c68
ce0363842af6458b5d39622d71bf285e3898801834c11123c5ed289b830a6d0d
d254aa9070dec69b2bb6973d2cb749edd1faae85234bafd5241bcd9c51ac5059
dd2f8b625981675a5ec70b70c1664a5b4307ec15f8eb869cd47034a26dc49f0a
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

asdf.com Open in urlscan Pro 64.90.40.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

85 %HTTPS

58 %IPv6

13 Domains

19 Subdomains

19 IPs

5 Countries

604 kBTransfer

1492 kBSize

15 Cookies

1 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

asdf.com Open in urlscan Pro
64.90.40.65 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

85 %
HTTPS

58 %
IPv6

13
Domains

19
Subdomains

19
IPs

5
Countries

604 kB
Transfer

1492 kB
Size

15
Cookies

61 HTTP transactions
2 data transactions