taxcalculatorphilippines.com Open in urlscan Pro
198.54.115.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://taxcalculatorphilippines.com/
Effective URL:
https://taxcalculatorphilippines.com/
Submission: On December 01 via api (December 1st 2023, 12:50:40 pm UTC) from US — Scanned from DE

Summary HTTP 109 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 21 domains to perform 109 HTTP transactions. The main IP is 198.54.115.143, located in United States and belongs to NAMECHEAP-NET, US. The main domain is taxcalculatorphilippines.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 22nd 2022. Valid for: a year.

This is the only time taxcalculatorphilippines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	198.54.115.143 198.54.115.143	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2 13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 13	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:e656:41e3:3e80:bff1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	52.28.146.18 52.28.146.18	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.180 213.155.156.180	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:15::9	15169 (GOOGLE) (GOOGLE)
109	26

7 198.54.115.143 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server202-3.web-hosting.com

taxcalculatorphilippines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.185.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:e656:41e3:3e80:bff1 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.146.18 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-146-18.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.180 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:15::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5lzner.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	509 KB
23	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840	195 KB
16	gstatic.com p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com csi.gstatic.com	208 KB
7	taxcalculatorphilippines.com 1 redirects taxcalculatorphilippines.com	97 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	138 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	863 B
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r4---sn-4g5lzner.c.2mdn.net — Cisco Umbrella Rank: 641171	949 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	653 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	451 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	725 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	207 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 749	797 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	389 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	545 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	262 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	84 KB
109	21

	Domain	Requested by
24	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
16	pagead2.googlesyndication.com	taxcalculatorphilippines.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
7	taxcalculatorphilippines.com	1 redirects taxcalculatorphilippines.com
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	www.googleadservices.com	taxcalculatorphilippines.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	r4---sn-4g5lzner.c.2mdn.net
2	d5p.de17a.com	2 redirects
2	sync.teads.tv	1 redirects taxcalculatorphilippines.com
2	dis.criteo.com	googleads.g.doubleclick.net
2	pr-bh.ybp.yahoo.com	2 redirects
2	dclk-match.dotomi.com	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com
1	gcdn.2mdn.net	1 redirects
1	x.bidswitch.net	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	onetag-sys.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	taxcalculatorphilippines.com
109	31

This site contains links to these domains. Also see Links.

Domain
www.bir.gov.ph

Subject Issuer	Validity	Valid
taxcalculatorphilippines.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-22` - `2023-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-11-14` - `2024-01-23`	2 months	crt.sh

This page contains 19 frames:

Primary Page: https://taxcalculatorphilippines.com/
Frame ID: 62C86AD2B2D735396E4C647CC110CA37
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: C0B2CFB942CC0B168BFBDAAEE5C2389F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&adk=1812271804&adf=3025194257&lmt=1701435036&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036011&bpp=5&bdt=1036&idt=232&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7251946930518&frm=20&pv=2&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: 3FB33014E180C022025FEE26F9ACE5AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1701435036&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036016&bpp=1&bdt=1040&idt=241&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243
Frame ID: 19818202C5D06862DA386BD44539A9F7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Frame ID: 0E81EEBC995D3A7FAB2C59138FDDE924
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Frame ID: D1A0384DF910B4A85D8B7520187551E3
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D78988E86EB63959EE49BB360D5DF041
Requests: 2 HTTP requests in this frame

Frame: https://p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: CE6062DD59AEAA25FF5F87004922CE49
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1ED16C5AB617204EB3843B3771692E37
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: DED25F636066A79B96987641A0EEBADD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F1F7260EEC2C668E313DDCCFCFB49BE5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 4E4F2F44EB97522695268D2B139CDBE0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 5E1721FC3A336EB794C610F60260BE4B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A5E5CFDB865F868F6EA7ABA5666AC05
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2074BEEA7174232A80E00F343DE6BFD2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: F471319AA349D5E50BA91F5C334D7687
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 55ED66DF5C27F2980EA3298AFFE5EDAD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7FFF7F89AEC50095E3564969A8F8A254
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B4448EE6D925D0172CC694EC61EB96A7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tax Calculator Philippines 2023

Page URL History Show full URLs

http://taxcalculatorphilippines.com/ HTTP 301
https://taxcalculatorphilippines.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

109
Requests

90 %
HTTPS

63 %
IPv6

21
Domains

31
Subdomains

26
IPs

7
Countries

1424 kB
Transfer

3811 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bir.gov.ph/images/bir_files/internal_communications_2/RMCs/2018/WT%20table.pdf
Title: BIR Tax Table

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://taxcalculatorphilippines.com/ HTTP 301
https://taxcalculatorphilippines.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 40

https://googleads.g.doubleclick.net/pagead/adview?ai=C_GJUnNZpZZ7tEezOjuwPuYSnkA_18fqlcpLpnuiBEseTj48MEAEgo7H6JWCVgoCAsAegAfvk35gDyAECqQIOqMvSYEeyPqgDAcgDyQSqBIMCT9Dq-I3EPbcUMf-sCn2ALYILMivkdBogR1zUC32nP1_szc50j40jodmyoRR3ErXsD_spuxzXwC5gnBeY2j9E_uGTmhrhD_CMoKQK5nsAZKnblHCrxJ5JRuyTiSjWhNzxBjCCQFGyQfypaBNkmUs18RSCrC3JI7mdPDxFZQgR--qdox7OoYSj7Y-ggiqSYUlFVlKX-V0HmhECzcLnADT7U49Zan9UU1-lpJuWCzdIGUyCD8o50nSzvopVtVXXSRMIppYDKOJHQfl9MSS8BJCHiwCiDOztpgesvp4tLTrbkZ3Fqp3v_t0vTrKB4VqayHCet1LIorBWs3Wnj0aP0jPLSKwJHMAEmqHM5YUEiAXQ64nhOZIFBAgEGAGSBQQIBRgEoAYCgAftmqBnqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQm44U0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljgjMm3o-6CA5oJ_QFodHRwczovL3d3dy5lbnBhbC5kZS9hcnRpa2VsMi9tZWhyLWFscy1kYXMtc29sbHRlbi1zb2xhcmFubGFnZW4taW4tMjAyMy1uaWNodC1rb3N0ZW4_dXRtX3NvdXJjZT1Hb29nbGUlMjBEaXNwbGF5JnV0bV9jYW1wYWlnbj0xNTUwNDQwNTk2OCZ1dG1fdGVybT0xMzg5OTQxOTI1MzgmdXRtX2NvbnRlbnQ9Njc1MjcyMDIzODQ4JnV0bV9wbGFjZW1lbnQ9dGF4Y2FsY3VsYXRvcnBoaWxpcHBpbmVzLmNvbSZ1dG1fZGV2aWNlPWMmZGV2aWNlbW9kZWw9gAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAtgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi05MjcwODQ5ODA2NTcxMzE5GAA&sigh=_9tVycxhJ2k&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNY8QaCzWr8y_XuzNBt-hRWiENyuYAV12gOsLDTdNkqJM1zVS9CUQNvEJPIfcyoRg61iUmditbkFFeGCAdTCzE_qUZr9YXeF-O8BgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211994604574557109110%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225094852097091017617%22}&andc=true

Request Chain 42

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 56

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDn1cDsTxDoBxj6ATIIsk3W6KMRaAw HTTP 301
https://tpc.googlesyndication.com/simgad/10663996155657709309

Request Chain 66

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEG_9vVm5x266_8jhtWCmPaU&google_cver=1&google_push=AXcoOmTQkIPRISRxVxHHjV4dIaAMw1eF-fJ6szJFpRT_tmds9myekk0QjxDk0aWgJ2L65T4xW-MsDq-I1X7B6_KS5JLMKnXCUaqxdZw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG_9vVm5x266_8jhtWCmPaU&google_push=AXcoOmTQkIPRISRxVxHHjV4dIaAMw1eF-fJ6szJFpRT_tmds9myekk0QjxDk0aWgJ2L65T4xW-MsDq-I1X7B6_KS5JLMKnXCUaqxdZw

Request Chain 67

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPPF09of5UraJIQMSVM_5-w&google_cver=1&google_push=AXcoOmRyEaCZicsk_k7B1j1QkM1cV2exrjK5JXJ9-TiG6J_dSTgjCwkf9tUkG1i9QKRPwmthEWffTlxZ8ReECSYc1cYb3_vNLiGC3qlp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRyEaCZicsk_k7B1j1QkM1cV2exrjK5JXJ9-TiG6J_dSTgjCwkf9tUkG1i9QKRPwmthEWffTlxZ8ReECSYc1cYb3_vNLiGC3qlp&google_hm=eS1nWWVRY2xSRTJwSFhsbFpZS2twNzdfLkF4TmFnUU93eH5B

Request Chain 69

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIq_UqD_lqv4_pYAq8Np0t0&google_cver=1&google_push=AXcoOmSJe6t4r0TtKW_CjNQh4hKcyDTun1SH4X8d31FKpVPBFMWmqzoVSB1ZL7lfQfC6vgaaVyIvKqyiG8rE-GoGmlIOLNkTggM4GFq0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJe6t4r0TtKW_CjNQh4hKcyDTun1SH4X8d31FKpVPBFMWmqzoVSB1ZL7lfQfC6vgaaVyIvKqyiG8rE-GoGmlIOLNkTggM4GFq0

Request Chain 70

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKS8ISk2FAjpga23wFr-KpI&google_cver=1&google_push=AXcoOmSs8dtkm1-rhvJc9mUWf4gFo5DYwNb1ZoxKX685CJuU87EJT10xR8fauh7weAQpTSOdVCQm6jxhXQE-ECIjhPjpUB9AgksmyrCw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSs8dtkm1-rhvJc9mUWf4gFo5DYwNb1ZoxKX685CJuU87EJT10xR8fauh7weAQpTSOdVCQm6jxhXQE-ECIjhPjpUB9AgksmyrCw HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 82

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPkALA5xA3P9oO_cCP7FqqU&google_cver=1&google_push=AXcoOmRSy5bcpF1ZrWfDwVQAltVpmSP9JPTr_CGcNI2dbz4L2yDrCMLCeT0Jjo1WQ9FMDmIgEF-YrOY_-Aq7OwPk0MaDU-q1Ll_dWg8 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRSy5bcpF1ZrWfDwVQAltVpmSP9JPTr_CGcNI2dbz4L2yDrCMLCeT0Jjo1WQ9FMDmIgEF-YrOY_-Aq7OwPk0MaDU-q1Ll_dWg8&google_hm=NouifKq4pH7PJc9ljeqf5A

Request Chain 86

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFNajrbadsTZNsOKKjONfa8&google_cver=1&google_push=AXcoOmR5gJFEpzrbEix9twqJoUKSsVZFmpmBrLQvhuRlyQRug7uz5krYRu6VfpGgVAEw6NgO4FI-oP9IssrtzobBKS9GSFbxPtp72Ek HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR5gJFEpzrbEix9twqJoUKSsVZFmpmBrLQvhuRlyQRug7uz5krYRu6VfpGgVAEw6NgO4FI-oP9IssrtzobBKS9GSFbxPtp72Ek&google_hm=eS0wQ0M1NTN0RTJwR19SRjRydm93QlV0VFQ5MjFfZWdBY35B

Request Chain 87

https://d5p.de17a.com/cookies/google?google_gid=CAESED9X-68Jb5iHi801NGWhsv4&google_cver=1&google_push=AXcoOmTi0zf0PTxoi_MK5R5Sgkqb8yH7WOkyM8Aaov-YrQLiIgtmjIRdS99tafFbtCroR4PN-IBM4JlpsFM27NTFbjdrejMF9b3roGY HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED9X-68Jb5iHi801NGWhsv4&google_cver=1&google_push=AXcoOmTi0zf0PTxoi_MK5R5Sgkqb8yH7WOkyM8Aaov-YrQLiIgtmjIRdS99tafFbtCroR4PN-IBM4JlpsFM27NTFbjdrejMF9b3roGY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTi0zf0PTxoi_MK5R5Sgkqb8yH7WOkyM8Aaov-YrQLiIgtmjIRdS99tafFbtCroR4PN-IBM4JlpsFM27NTFbjdrejMF9b3roGY

Request Chain 90

https://googleads.g.doubleclick.net/pagead/adview?ai=CCTh2nNZpZen-OK2yjuwP19K1yA_jhYXAdNu7i-rbC-DWzIzxGhABIKOx-iVglYKAgLAHoAG9gNj9A8gBCakCDqjL0mBHsj6oAwHIA8sEqgT7AU_Qs4X5J4oS82fZPntMUq5AUfSEkyAyvCZmc39Dcq-6opy4TTFKobn2Cve49dR7Pt-F7Msdkw2X0IAbX5sUBHSAuM9_6dxMs1q-h8cYzGyOmkIWdas-RTQK4YqkBoO_zrMVtc5RE8CkrNE8HdIA5pzqYHzl5H6E0wKrsH1ssovq0PzU2hwbGFil_yP7YKCyRZ-y99_uusT-BcGVjLSRV_EiSTprld6e2BdARXETjjSanbBHQxTuQjIJeD32X-Ua15aZO0JOZ3QqAavh1-muHKGSf1oGQ-qJcJWuKHusErv48f3K50mupbRvw7_d3tmfonxik16ERBMl8sQfwASa6OyAiAOIBeKXkPImkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB6v_pwKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQjvgF0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljZmfC3o-6CA5oJFmh0dHBzOi8vd3d3LnNvbGRhbi5kZS-ACgHICwGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7EC2BMLiBQE0BUBgBcBshccChoIABIUcHViLTkyNzA4NDk4MDY1NzEzMTkYAA&sigh=ZgCTp5AR8sI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNMXU-Cd-k68F_PH83kavPS06i9uY5B7HoshelVOfyrpMIBJXgDRTY3vGtmxI5JnhmrtCj5j1yAxgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216978427329373102327%22,%22debug_reporting%22:true,%22destination%22:%22https://soldan.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221068892221%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218124908449487577809%22}&andc=true

Request Chain 96

https://gcdn.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/972FCB8EF8D1A5E5DC86015EFB8F1733AD4179CF.619C0F495A61219966581CFA0E05786295F6E89/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5lzner.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/68A8A2E42790C55802C249195FC5F840AA9D1766.6E5B72D69CED5A587D511735EE2CAE426449B500/key/cms1/cms_redirect/yes/mh/OY/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5lzner/ms/onc/mt/1701434678/mv/m/mvi/4/pl/29/file/file.mp4

109 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
taxcalculatorphilippines.com/
Redirect Chain

http://taxcalculatorphilippines.com/
https://taxcalculatorphilippines.com/

13 KB
4 KB

561ms
188ms

Document
text/html

198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 8ef4e18c88bb7b0a322fefe9dfe4a27afba8583f29ad89a918d218e194391375

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 12:50:34 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 707
content-type: text/html
date: Fri, 01 Dec 2023 12:50:34 GMT
keep-alive: timeout=5, max=100
location: https://taxcalculatorphilippines.com/
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 styles.css
taxcalculatorphilippines.com/assets/ 9 KB
2 KB 736ms
735ms Stylesheet
text/css 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://taxcalculatorphilippines.com/assets/styles.css
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 08a99a3a639df4bbd0c23c97891d1ae067855d7f0e294695b92d0fde28947399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:35 GMT
content-encoding: br
last-modified: Sun, 11 Apr 2021 05:00:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2040
expires: Fri, 08 Dec 2023 12:50:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 144ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5JPJ3E6T5V

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49d6d09cf7fd9fc3ed1cd9b41096ac556396fb3b06b89e3724c96e6076ad7083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85525
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 12:50:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 209ms
124ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db0c7117ba80e8b83046f75fb14eb206eb10e12cf3a83dd493151052f476eb71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52843
x-xss-protection: 0
server: cafe
etag: 5118275130362868059
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 12:50:35 GMT

GET
H2 200 tax-calculator-philippines-logo.png
taxcalculatorphilippines.com/images/ 2 KB
2 KB 736ms
735ms Image
image/png 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taxcalculatorphilippines.com/images/tax-calculator-philippines-logo.png
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9a95a08a0127de910d72e2ba594453369733395c9d7469861525cea10fab4269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:35 GMT
last-modified: Tue, 27 Aug 2019 20:59:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2137
expires: Fri, 08 Dec 2023 12:50:35 GMT

GET
H2 200 bir-tax-table-for-tax-calculator-philippines.jpg
taxcalculatorphilippines.com/images/ 86 KB
86 KB 368ms
367ms Image
image/jpeg 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taxcalculatorphilippines.com/images/bir-tax-table-for-tax-calculator-philippines.jpg
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9846a7c9c6bba965eb99a7f26c99867b5978352f8b0af1f2c5986cdde6c53ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:35 GMT
last-modified: Sat, 31 Aug 2019 07:30:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 87862
expires: Fri, 08 Dec 2023 12:50:35 GMT

GET
H2 200 nav.js Show response
taxcalculatorphilippines.com/assets/ 702 B
464 B 184ms
183ms Script
application/javascript 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://taxcalculatorphilippines.com/assets/nav.js
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 83f20cebf2b01ff7902f42417acc3edaa6a53993fbaaa9d504656a30d5f10179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:35 GMT
content-encoding: br
last-modified: Sat, 31 Aug 2019 04:44:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 230
expires: Fri, 08 Dec 2023 12:50:35 GMT

GET
H2 200 app.js Show response
taxcalculatorphilippines.com/assets/ 8 KB
2 KB 185ms
184ms Script
application/javascript 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://taxcalculatorphilippines.com/assets/app.js
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e95f7d34cfdedb8755d7103701316c6bd973748c82ca875d3b086af3dcbf9ba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:35 GMT
content-encoding: br
last-modified: Thu, 16 Feb 2023 13:56:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1527
expires: Fri, 08 Dec 2023 12:50:35 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5JPJ3E6T5V&gtm=45je3bt0v869651364&_p=1701435035714&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=167862363.1701435036&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701435035&sct=1&seg=0&dl=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&dt=Tax%20Calculator%20Philippines%202023&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1698
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JPJ3E6T5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://taxcalculatorphilippines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 110ms
110ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9270849806571319&plah=taxcalculatorphilippines.com&bust=31079811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

afd574306d774e7cfef4153280134b0b8c4f9c8820f10acf8fea042178a1a84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137292
x-xss-protection: 0
server: cafe
etag: 12239867447334813307
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 12:50:36 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame C0B2 9 KB
4 KB 126ms
40ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 20:59:29 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 20:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FB3 202 KB
55 KB 549ms
548ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&adk=1812271804&adf=3025194257&lmt=1701435036&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036011&bpp=5&bdt=1036&idt=232&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7251946930518&frm=20&pv=2&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=242

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9270849806571319&plah=taxcalculatorphilippines.com&bust=31079811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f9189b1deeee4c19d9d09276be793f6b23a7f74c21c870a020bf616fb890837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55600
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:36 GMT
expires: Fri, 01 Dec 2023 12:50:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1981 105 KB
39 KB 694ms
694ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1701435036&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036016&bpp=1&bdt=1040&idt=241&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2737372b386be8eeb514846a37ca86165557aa87780b422674bf0ab03ecbea1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39463
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:36 GMT
expires: Fri, 01 Dec 2023 12:50:36 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js?bust=31079811

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0659ee1d9db273594fdf4f64ddbd8383058ae91e757038cc3a385d76c778da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55848
x-xss-protection: 0
server: cafe
etag: 7952102679156344631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 12:50:36 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E81 138 KB
44 KB 572ms
572ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2457fff374b978ffc6c671a89d62ee59bb62acd884866ac24324e35ed360b133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:37 GMT
expires: Fri, 01 Dec 2023 12:50:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D1A0 89 KB
29 KB 499ms
498ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e74cb41637dc17f4cc91bc445225386a9a699f7baf9ccb9a67267fe88a077cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:37 GMT
expires: Fri, 01 Dec 2023 12:50:37 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6331408022268599824
tpc.googlesyndication.com/simgad/ Frame 1981 19 KB
20 KB 163ms
76ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6331408022268599824?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk4x7C0RB4f7gh5FxJMFQ-Pv86ieA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1701435036&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036016&bpp=1&bdt=1040&idt=241&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75e1a67f7d82d661dd60148321a286a6498b0f27bbf622810e43bb5d15575d05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:58:56 GMT
x-content-type-options: nosniff
age: 89501
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19891
x-xss-protection: 0
last-modified: Tue, 19 Sep 2023 08:23:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 11:58:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 1981 24 KB
9 KB 132ms
45ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1981 3 KB
1 KB 133ms
53ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 10:34:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1981 20 KB
9 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1981 202 KB
64 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 12:50:37 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1981 36 KB
15 KB 171ms
91ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3273
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 11:56:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D789 143 B
166 B 41ms
39ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1701435036&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036016&bpp=1&bdt=1040&idt=241&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=243
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:48:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame CE60 247 B
869 B 179ms
76ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

e6c533c05a4bde1df93810a5cf39cfb07954e518a0b6e048ffbe3db8be84ae89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-LEe4A_9ZEGXcQpcPruo_PQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D789
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
57ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:37 GMT
expires: Fri, 01 Dec 2023 12:50:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 1ED1 9 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 00:05:06 GMT
etag: 12051592065903069241
expires: Fri, 15 Dec 2023 00:05:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1ED1 4 KB
1 KB 136ms
47ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 11:27:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 12:50:37 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1ED1 205 B
652 B 127ms
39ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options: nosniff
age: 156113
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 28 Nov 2024 17:28:44 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1ED1 604 B
694 B 128ms
40ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:04:20 GMT
x-content-type-options: nosniff
age: 6377
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Nov 2024 11:04:20 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 1ED1 16 KB
7 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 23:44:00 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 1ED1 22 KB
9 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9189
x-xss-protection: 0
server: cafe
etag: 14682237860056745894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 22:46:45 GMT

GET
DATA 200
OK truncated
/ Frame 1981 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03069baf77430ee33f6b92dd673fdd9590fa33ae3bc5e42413fe83ccc50c5ef0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe.html Show response
p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame CE60 5 KB
2 KB 74ms
74ms Document
text/html 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

ae7e15c74e195fa02287e1508b0057f5caca4eb258c8ab14c3818d3ecc60d2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1987
content-security-policy-report-only: script-src 'nonce-GngqnY38W6NUj0ngYW-RYQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame DED2 14 KB
1 KB 50ms
49ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 11:29:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 12:50:37 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DED2 2 KB
875 B 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame DED2 24 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F1F7 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:48:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DED2 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 10:34:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame DED2 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DED2 202 KB
64 KB 54ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 12:50:37 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame DED2 37 KB
15 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1981
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C_GJUnNZpZZ7tEezOjuwPuYSnkA_18fqlcpLpnuiBEseTj48MEAEgo7H6JWCVgoCAsAegAfvk35gDyAECqQIOqMvSYEeyPqgDAcgDyQSqBIMCT9Dq-I3EPbcUMf-sCn2ALYILMivkdBogR1z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211994604574557109110%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%222...

0
0

155ms
75ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211994604574557109110%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225094852097091017617%22}&andc=true

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11994604574557109110","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"5094852097091017617"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Dec 2023 12:50:37 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 12:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11994604574557109110","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"5094852097091017617"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E4F 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 11:42:28 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F1F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
63ms

Document
text/html

2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:37 GMT
expires: Fri, 01 Dec 2023 12:50:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 168ms
74ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 12:50:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame D1A0 24 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D1A0 8 KB
750 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 11:28:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 12:50:37 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame D1A0 15 KB
3 KB 133ms
40ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 08:27:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 08:27:12 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame D1A0 376 KB
131 KB 134ms
41ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 11:48:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame D1A0 20 KB
8 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D1A0 0
0 48ms
48ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgM9bSONU7Y2bLukiiJbpszq36i3aO9hyTSuQZH0QaFSuBvtLYPdiwCKOKcPxETSRCaDWq6sKeZLBjKMpi1eZgQpFULQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E17 50 KB
19 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 11:42:28 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0E81 2 KB
566 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 11:28:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 12:50:37 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0E81 2 KB
822 B 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0E81 46 KB
46 KB 142ms
40ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQiNHv81JlWVGSc7eRpqtCzOiRBpkJKt-IS6Pnk36gh3KI59yGFbAsKepuVFw&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5097b5cb7bf7a73410b7851bd039c117490c64475ea90faf4c70c05d1eb4aef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 00:14:59 GMT
x-content-type-options: nosniff
age: 477338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46727
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 14:16:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 25 Nov 2024 00:14:59 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0E81 42 KB
42 KB 198ms
96ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTC3zOhpvGyIfjFMbxCR8BeJWAkKtAcyVlgqlKUXDIwytsd4V2M86N8Vv3D3A&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6f4c9fe422b6c1493e46ab880c959ead2b75de48a96d6fd7bc10cf952f75006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:33:00 GMT
x-content-type-options: nosniff
age: 119857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43147
x-xss-protection: 0
last-modified: Sat, 26 Mar 2022 01:47:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 29 Nov 2024 03:33:00 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0E81 31 KB
32 KB 140ms
40ms Image
image/jpeg 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ5cZzd7YuiNjO0hs9BFGVH7QKck5R4cbjCCn-Yykg65M3UEcxBIVOq1K-DfA&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c57a4703e0f20f36605f12efa2fa68082f3d7aa86deef7ab2a3934704532df57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 02:23:28 GMT
x-content-type-options: nosniff
age: 37629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32195
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 03:13:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 30 Nov 2024 02:23:28 GMT

GET
H3

200

10663996155657709309
tpc.googlesyndication.com/simgad/ Frame 0E81
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDn1cDsTxDoBxj6ATIIsk3W6KMRaAw
https://tpc.googlesyndication.com/simgad/10663996155657709309

8 KB
8 KB

40ms
40ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10663996155657709309

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b2bca7259ebfab8dcc8778eb3f32334b877798f0fc64933b6e735d504dbc818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 19:56:47 GMT
x-content-type-options: nosniff
age: 579230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8176
x-xss-protection: 0
last-modified: Tue, 19 May 2020 12:13:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Nov 2024 19:56:47 GMT

Redirect headers

date: Fri, 01 Dec 2023 09:17:35 GMT
x-content-type-options: nosniff
server: cafe
age: 12782
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/10663996155657709309
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 31 Dec 2023 09:17:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0E81 24 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0E81 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 10:34:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 10:34:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A5E 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sat, 02 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0E81 20 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60507
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0E81 0
0 49ms
49ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqT5QoW5BbA5C2PLwzbMtO7YC4rjJeIEzg2T2U7Ut6LGcOZUaDDiNNZ9lS4WbNQtk9IAgeGEDZY7pgmsWRXyRxKUqhGA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E81 202 KB
64 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 12:50:37 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 0E81 37 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 10:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 10:09:15 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5A5E 35 B
465 B 132ms
42ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENoyyx17bTGC-NPL7f6wVt0&google_cver=1&google_push=AXcoOmSuT5M80weto4gZAyrYW-969Klh6u_yuixJYsnstr_y3N5Xk7tRWNe7FlfbMYvp-tS4kcc0vsAiUaAikFiGq_JQwFBe3z0jEGXj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 5A5E 0
104 B 245ms
129ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESED6LaG0EZDrtHYaTc6LHoVg&google_cver=1&google_push=AXcoOmR8_syGN3U7yxL6QDJSxLsKqREvcx21LkAwfNySxwykWVaH92qGZcH3CisGDj9Ub3bYP4xslqv3uyJmn2nlk3hHmEQCCsQQiLXI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A5E
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG_9vVm5x266_8jhtWCmPaU&google_push=AXcoOmTQkIPRISRxVxHHjV4dIaAMw1eF-fJ6szJFpRT_tmds9myekk0Qjx...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG_9vVm5x266_8jhtWCmPaU&google_push=AXcoOmTQkIPRISRxVxHHjV4dIaAMw1eF-fJ6szJFpRT_tmds9myekk0QjxDk0aWgJ2L65T4xW-MsDq-I1X7B6_KS5JLMKnXCUaqxdZw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230109-FRA
pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701435038.690097,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEG_9vVm5x266_8jhtWCmPaU&google_push=AXcoOmTQkIPRISRxVxHHjV4dIaAMw1eF-fJ6szJFpRT_tmds9myekk0QjxDk0aWgJ2L65T4xW-MsDq-I1X7B6_KS5JLMKnXCUaqxdZw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5A5E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPPF09of5UraJIQMSVM_5-w&google_cver=1&google_push=AXcoOmRyEaCZicsk_k7B1j1QkM1cV2exrjK5JXJ9-TiG6J_dSTgjCwkf9tUkG1i9QKRPwmthEWffTlxZ8ReECSYc1cYb3_v...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRyEaCZicsk_k7B1j1QkM1cV2exrjK5JXJ9-TiG6J_dSTgjCwkf9tUkG1i9QKRPwmthEWffTlxZ8ReECSYc1cYb3_vNLiGC3qlp&google_hm=eS1nWWVRY2xSRTJwSF...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRyEaCZicsk_k7B1j1QkM1cV2exrjK5JXJ9-TiG6J_dSTgjCwkf9tUkG1i9QKRPwmthEWffTlxZ8ReECSYc1cYb3_vNLiGC3qlp&google_hm=eS1nWWVRY2xSRTJwSFhsbFpZS2twNzdfLkF4TmFnUU93eH5B

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Dec 2023 12:50:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRyEaCZicsk_k7B1j1QkM1cV2exrjK5JXJ9-TiG6J_dSTgjCwkf9tUkG1i9QKRPwmthEWffTlxZ8ReECSYc1cYb3_vNLiGC3qlp&google_hm=eS1nWWVRY2xSRTJwSFhsbFpZS2twNzdfLkF4TmFnUU93eH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 5A5E 43 B
363 B 138ms
47ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQyz_Fg9zCuPYkaTvOV0xz2OJB7QEdjmmnBE6A4odb7NYhBKDki8cdXViBB7U4UrUVh4X5WSIPx4PSmmW9_cg53NhB4xX02DGWo&google_gid=CAESENuXtSxBImOr1SZ5PfhDhc0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 171201
expires: Fri, 01 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5A5E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIq_UqD_lqv4_pYAq8Np0t0&google_cver=1&google_push=AXcoOmSJe6t4r0TtKW_CjNQh4hKcyDTun1SH4X8d31FKpVPBFMWmqzoVSB1ZL7lfQfC6vgaaVyIvKqyiG8rE...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJe6t4r0TtKW_CjNQh4hKcyDTun1SH4X8d31FKpVPBFMWmqzoVSB1ZL7lfQfC6vgaaVyIvKqyiG8rE-GoGmlIOLNkTggM4GFq0

170 B
329 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJe6t4r0TtKW_CjNQh4hKcyDTun1SH4X8d31FKpVPBFMWmqzoVSB1ZL7lfQfC6vgaaVyIvKqyiG8rE-GoGmlIOLNkTggM4GFq0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSJe6t4r0TtKW_CjNQh4hKcyDTun1SH4X8d31FKpVPBFMWmqzoVSB1ZL7lfQfC6vgaaVyIvKqyiG8rE-GoGmlIOLNkTggM4GFq0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame 5A5E
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKS8ISk2FAjp...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSs8dtkm1-rhvJc9mUWf4gFo5DYwNb1ZoxKX685CJuU87EJT10xR8fauh7weAQpTSOdVCQm6jxhXQE-ECIjhPjpUB9AgksmyrCw
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

68ms
68ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Fri, 01 Dec 2023 12:50:37 GMT
pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A5E 0
130 B 147ms
47ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IjYB2GEffjBfKeCWv6lKLpY0_ot2HCd0Wb6pV1I-35BenCkOH0A5UoGnDKOGNpVy6xHfrHIg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0E81 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ecfe176cc0dbde85a2799289f23a3bc132ac9aff1b86004b5df138025ed1257

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 0E81 20 KB
21 KB 127ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 09:20:48 GMT
x-content-type-options: nosniff
age: 530989
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 09:20:48 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D1A0 0
234 B 198ms
72ms Ping
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpmmhp7d&c=1952717338582&slotId=976358669291&qqid=CNbd8Lej7oIDFZSXgwcdWPQLLQ&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D1A0 15 KB
16 KB 150ms
76ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 591076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D1A0 15 KB
15 KB 161ms
89ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 515608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 13:37:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D1A0 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CMZO0nNZpZdafOZSvjuwP2Oiv6ALkwtuKdLfY_eL8EfmPvO30LxABIKOx-iVglYKAgLAHoAGp_-XGAcgBBagDAcgDmwSqBKUCT9BUaZysr2kXsRSRX6ZdsRtVkpT4uAOxQz0ICogDGus6ZZvmiK9LxA4-c0f8U5N8Mg5n9NVMwjv7w2KM1NQIBddm3hqDYRdg9HlVtwA7WSvQriZm1aXeRg5071VygjeCv6LmfU0slN7oN552XMaIBVmRXvbTusdoYBDJf-WQ7SDMYec8Uoql7zmacDkC-hCKxz9w5vmTrrTEJzRT8k9gyPa1MHmDfN3SCgKzWdv0NAVvGMLlRDa94ftwqVfSh20ZvATDDGKF9RFRFgZPaedU5pbfYfSiJvdYdS-exENcJXOznQeYPVLHpFR-8BtjIC-ONdpDwx7jSOd6JoBx0q62CIaeaBu-8h_d6_ARqdVIfKirT9RlK_oOV--W1PIvxd_-UQ6Oc8HABOmP8u2gBOAEA4gFx7OHsUiQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjrnwt6PuggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOnxfYU2BMNiBQB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1701435037662&ai=CMZO0nNZpZdafOZSvjuwP2Oiv6ALkwtuKdLfY_eL8EfmPvO30LxABIKOx-iVglYKAgLAHoAGp_-XGAcgBBagDAcgDmwSqBKUCT9BUaZysr2kXsRSRX6ZdsRtVkpT4uAOxQz0ICogDGus6ZZvmiK9LxA4-c0f8U5N8Mg5n9NVMwjv7w2KM1NQIBddm3hqDYRdg9HlVtwA7WSvQriZm1aXeRg5071VygjeCv6LmfU0slN7oN552XMaIBVmRXvbTusdoYBDJf-WQ7SDMYec8Uoql7zmacDkC-hCKxz9w5vmTrrTEJzRT8k9gyPa1MHmDfN3SCgKzWdv0NAVvGMLlRDa94ftwqVfSh20ZvATDDGKF9RFRFgZPaedU5pbfYfSiJvdYdS-exENcJXOznQeYPVLHpFR-8BtjIC-ONdpDwx7jSOd6JoBx0q62CIaeaBu-8h_d6_ARqdVIfKirT9RlK_oOV--W1PIvxd_-UQ6Oc8HABOmP8u2gBOAEA4gFx7OHsUiQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYjrnwt6PuggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOnxfYU2BMNiBQB2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D1A0 0
54 B 211ms
94ms Ping
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpmmhp7i&c=1952717338582&slotId=976358669291&qqid=CNbd8Lej7oIDFZSXgwcdWPQLLQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.lb&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D1A0 31 KB
18 KB 186ms
76ms XHR
text/xml 64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DRdKCMN7mywN-ibfpgcIDMIabS1dAEAjPm1ObJesbUdcGRuUa6uQCcwm9PxaKJ876Snen3azf6r7cVMouKNPNzoKdRfw&cry=1&dbm_d=AKAmf-D0VbI3DnrC4A3HZ5xnz-UOsB-E9XKwI2bSigkS0WpdO4yR8KS13upGLO9g8YnFgzUeDC35HJZBU1JmoaIWn-AZ0kN70nYZktFShCbwjhBa9VbPakBMcY92dNS4k4pu_DnJabBm6txNIfoFTiUWLBlxVE-ZJSIQl7Vuvh0OOs03WGsGsepNoWjm195u8mim4DS_u-Ww-EfQH_n_gwDNxoMNSQ6cyJtpx8ijGI9V0-CC5zuuJmYIdAMncSSUBfSDwgo3d7KtukpL3d2dR8LEBS79o-2toVqGzo8Cd_aoNbQaZFESrI8xNHmj-6WvXu_OowLr-N0fWMmHWeDX_1zBLU4lLQseLYSbnbrUNcH4P97DlGobNuWYnjH14eX9m9lwHNJJPZSEtUlY8g2f4Kxb6g-VMpx7OO-b8bJflT13gYXbLO0VHPcwMq173R61ImY92ZIrTZGNbr_sAgCNOK9p7OMCXjRh-r3aN83yCD6qYdTXf_JplkxZU4oMaqL1IhTVLY8bqwmQDkPEcAsZyMT8Odr5OZt_7Ho5MCMQLIS6IEl2a7H33dXybv1Q54T3B9CvVulE2PRxlygpqoZmnaDWNk5xuET4HMVSiwDDzGP9jeangP9z_0qRF342swVzt08y1plcAkzRI833qf6l1c8CpU7QYiQUj15atXEYxydzLlASllSX_AzMDtmoS6Oy-oAhov-WDsWjiWsaNmeRZZOOzC0ztbxgJabSTufDVqDhluQFMOtnRfNdCBsAEcwijszXyzvWP69kNcB2lx2GJJoXgr5zzDR4PYbXs26CDV0XWdkY6-BmLgp41CWyqqQK4zJNXXP9W9IJmci_sefgpoHcsAZttqU4GFSX6azY4_CCA_sXA9PZ1o1n20GJLwiBSgTfi1LbHnb18dIIlQJlZcarSxmDn86b_087mCON4arZek_Dr12kejTMjxRhdGjJ5QQOsAvJPQf1SnVKZ4BKhFHlRwct1ztsLjMQBueYlDic0uD5rhlsZH6ZKKZLl8Ni9NO-QrOyBrzT0v5NoAwuHhgG1YOg7S2cABVINhNJe5wnbmO0BNG8BghC7CLMTVPz7YGeXCqyYh2S4UZdLkolEErZdTaHc5eLzzQuOE8PxPVSkWOGM2fb7QekqxKFDU7LAxy9a3nh-9Pq8-36S-bjT-inK1n4OYCSON9BHrSYeJ_OPHSokRdOlb4rUpZHHmBsSfteJ81fa_aqrCs1O8NiADSclL8CAHtGiPeqULeKTa7yglG3GpU-aCiqDuXP0itYeci_CRKm0uqfR9gWircmESbso19YDom2voGiznofRi0to1N6xSvf-2HhC92vTCccb2bBb6YN036jMhHZQn_nRIj7gcoOgVJogJSBCREhDxNmtoErZfdgdTuFP8vQaqZphHr90dDr5AyzQ31MKHHTPWP7J42Dmc7FtjhlvloXdp9mPyZqHJ7EDXDpxyRfF0CUY3MyXnbP6zlZ6tOSuCA835Q-OiopHwJmg728LdV66JKhtXAxv9JYOyD_u_ejKxH1VcdaxUaZCyxOHhvbnfX1pHiwQyiBuSIbxVFMjycB-2pnnCwuw9ZRSWNm7UKUM6ZMjBM2UG4zj01aL0KC4HZ_1cvrvWoaAXMzStxwhknEBybxcP8dmorfslLny8vGordQYdZbh75SuGXNjOHyXfk6equRx5o8pErUedN3hNs61O06cEK6IihzIPCn2TLR83o1_IC0kC42iDmw0CB_K6WpZFkj8Pwme559tRvheaqp8aeF20QRdDYuCX1FrfWlMLVf9zpfknPsT8UhgjcgvR0DIoSzfho4ahB2KqODT_00NtnUTvt_y0ISWLExiAIkwnwEquT-yTX2M9X4_i1HnkG_IcbNTEyC3j09W_SL6iTBIk0duIzdWy9odDnDVttZ0opqUazuVXro4XY18HDRiChL-GB6q1XqvzT-wIH8scRLyBnuu0kaFpXrQF499JSxqsf4hgsY-9nonb0P4-BHjPNxDKzdR-hcJ8bA1xO0UQkXAxu-hTckQ4M_JqXXHRvFXpdEVEGrtELbzcKA9rXe-n-y3BnCEEE_5HdKTWsYzUL1y7YQ-gG5RG3CF-DhyeuZzrH7sAGcs5vD6-mO7deig_b1v3axTSRZaxuYEULRO9_Dsmm5-8QdsI2nLlybhsBSILIFNSV5lqCoZueaO7vnr5kuq4NV45ZpKLe-zIDHS5miYOikro-sr5UYg_S0ZrHbenZlMrTFmSbfVsxY_9zbAid20lr3nX2iSQp6tkFyXkyVWbZ3gt4quYb06T-HWHIi1tXEljebtEFUSAJQqATa-9A_1svBZQnLGjA4E2bc_LGTkgkkbuwJGOJW-4iLUTOvU4iFtbmA6fXH6FKMwuCB4eNgKMr4pf3cFmJem-2p0DdehQUObKv82-47uCvyARcAdG5Vh1FWj7N0AZX-9JMsh8GLTyWwe4KhsKoy3K7WlMtfOehT1kB136Dad60fkgDJFzq6kEYByAntNphFfpw-n0J-KXIUkGog8RJLATaFxGEbbiwdSBnfH0CoqMjkSSeBcTw3LG-u2CzgO4x0QSmeZ95Tau9UMLNTMggyF_70JyB0hGuoYMGCpFUfEIa1pBwTjcTxltTZJjU6QGx8w4yCtKAIQP_Huc9k3vipCLSBPWfOqQ5Z3Pa2ywnJzy5N9hGCJ1jqxo4etiNl0PlGlU_q9Ig2Co5kD4sfd3-JEIclRTVySXDd9cZB0P6PpJIN3syUBRvhJSLcBi5QR7N3z0juuDbw2UE00rOThgF9afawb92VHWZJZ98HSwRyZ_Iykn7SY31ov_hnc-XM0S0Skke0neJ9uVXEm2DM33xyukV-tAKjG1TXZRI558t20_kThapMBJhsLyWcWGufWIhMpNtGcW36yy0D1rK27M1_r_LIlJW3yooA_A9gkztwgAOzvzGiFNdjztmLtkDp28Rq_FgU19IOA9sQGukd5rN7NQ0DUovH5ryaAggqnDmTJVm8EZMt6B2mAbqc6Oq7YpnD-HirOCi39v8BUPy_9xHdD0sW-HPb3m4WlT0iLOkmlQX6g8_IFilvDI2Q-LUehs_Vb76jDJa2dn9hnXT4IzyCxnzLO7ls3p4BwHmtthjLztk18wYG-lzz6O1d7pxgEFU3DbaW17NIpdiDPan1cBF-awd2P96fDJ8FE6lzMCwcaexAiiNNOHOSQ7fTc_Biet1V-pE0Jv3YVmA83I6kSvjP47hS7WVCH-I8iptcUNCD_0vEi1Qr4snA4UJ5q7NkUcXpp3KHiA1Uh7zQhvnfgCtnhtcv9lUvUEPSDfryEU4Z6pyjhRQwhQIcrTM8uBzwUZOcmmez0c9edXJnOI45JYhotupHPB2Au3f28UoH16vqfjKdoR5HauZVxp2nCqKbinpTdD6qZrxE6BpLFh5TcvMnf8nFFX04awo2wRdupIo1U575Nk2-qoKfhctqdjmhZk4HzHqyrPBGocPmjNBicrRUsBta4Yb9G87rSn8vLG6H1_RNLt78Ndid861OmtckR-7BlAnR2bdEkZayETcymRNMT7n0fcJrxv5FY4WC8pVgLXlKh7n9yAwVzRVMufak6CbapMBmtfldHiWr8DKSQcL3UmSys4XSr_DfUv0zNhblv-KkObi3h5JSM5Q5yaWmfARfZe5eFPowANd-RLr4qNl4Ra9pyXTDk7b1zRX-DMn0SfSU0YH_ShfH_uvNcKDIwm6Y&cid=CAQSOwDICaaN_FK4EeFn2LKWdZ25P2RtQITCzBzg0gz2yeTpPx3R1OBamlLLH_KBli-nv0fbL1GH1LC0CbQHGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

0a37f485e93f5f19422a1598b2ed9d3f6c4b6039e64ba0ef81c92e398f34f2af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17766
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2074 1 KB
643 B 38ms
38ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7107
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 10:52:10 GMT
etag: 48472445140208031
expires: Sat, 02 Dec 2023 10:52:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D1A0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 763ab271d8fc3d4506fe33bfd6b500bdd0a8163c6f27e6bc0e346358491db5e9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2074
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPkALA5xA3P9oO_cCP7FqqU&google_cver=1&google_push=AXcoOmRSy5bcpF1ZrWfDwVQAltVpmSP9JPTr_CGcNI2dbz4L2yDrCMLCeT...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRSy5bcpF1ZrWfDwVQAltVpmSP9JPTr_CGcNI2dbz4L2yDrCMLCeT0Jjo1WQ9FMDmIgEF-YrOY_-Aq7OwPk0MaDU-q1Ll_dWg8&google_hm=NouifKq4p...

170 B
232 B

51ms
51ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRSy5bcpF1ZrWfDwVQAltVpmSP9JPTr_CGcNI2dbz4L2yDrCMLCeT0Jjo1WQ9FMDmIgEF-YrOY_-Aq7OwPk0MaDU-q1Ll_dWg8&google_hm=NouifKq4pH7PJc9ljeqf5A

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmRSy5bcpF1ZrWfDwVQAltVpmSP9JPTr_CGcNI2dbz4L2yDrCMLCeT0Jjo1WQ9FMDmIgEF-YrOY_-Aq7OwPk0MaDU-q1Ll_dWg8&google_hm=NouifKq4pH7PJc9ljeqf5A
pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2074 0
103 B 96ms
95ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBlZvuDEnmIjaJuecRNZsqs&google_cver=1&google_push=AXcoOmQ-qUMMOmPTLkyma8xuYki-vsYWQlJ0ZW7Ivip9eUF7DrNVyJ8PbpXwnvnz2QEVxmbFv1p6xzbd1zJ9V51v3Sv21CHWyDRp2go
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 2074 70 B
149 B 174ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEFnT7UcvR-w4fcnsactoy-s&google_cver=1&google_push=AXcoOmTiFYVUJz9GScBqn2FZ-k1ZV733_H9rgCZzn0YCYIIKrS927Ee045hJ6vrMnSQuJCZ2CbJ5nqmbeTMHJIXRjiaCvHem9s2gKnM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 sync
x.bidswitch.net/ Frame 2074 43 B
146 B 126ms
40ms Image
image/gif 52.28.146.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEF-XLWezpp4-bzpvX3jj-oY&google_cver=1&google_push=AXcoOmSkvQh-hjCUDv4NWI1uvzPYthJ_0GFIIUHgn6QmMxr8G1VdjDXGDy8xZfSX8lSpbZo0V4z4Cg-Q8xZlQPNnXlacjDeqR7uPWFw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.146.18 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-146-18.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2074
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFNajrbadsTZNsOKKjONfa8&google_cver=1&google_push=AXcoOmR5gJFEpzrbEix9twqJoUKSsVZFmpmBrLQvhuRlyQRug7uz5krYRu6VfpGgVAEw6NgO4FI-oP9IssrtzobBKS9GSFb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR5gJFEpzrbEix9twqJoUKSsVZFmpmBrLQvhuRlyQRug7uz5krYRu6VfpGgVAEw6NgO4FI-oP9IssrtzobBKS9GSFbxPtp72Ek&google_hm=eS0wQ0M1NTN0RTJwR19...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR5gJFEpzrbEix9twqJoUKSsVZFmpmBrLQvhuRlyQRug7uz5krYRu6VfpGgVAEw6NgO4FI-oP9IssrtzobBKS9GSFbxPtp72Ek&google_hm=eS0wQ0M1NTN0RTJwR19SRjRydm93QlV0VFQ5MjFfZWdBY35B

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Dec 2023 12:50:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR5gJFEpzrbEix9twqJoUKSsVZFmpmBrLQvhuRlyQRug7uz5krYRu6VfpGgVAEw6NgO4FI-oP9IssrtzobBKS9GSFbxPtp72Ek&google_hm=eS0wQ0M1NTN0RTJwR19SRjRydm93QlV0VFQ5MjFfZWdBY35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2074
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED9X-68Jb5iHi801NGWhsv4&google_cver=1&google_push=AXcoOmTi0zf0PTxoi_MK5R5Sgkqb8yH7WOkyM8Aaov-YrQLiIgtmjIRdS99tafFbtCroR4PN-IBM4JlpsFM27NTFbjdrejM...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED9X-68Jb5iHi801NGWhsv4&google_cver=1&google_push=AXcoOmTi0zf0PTxoi_MK5R5Sgkqb8yH7WOkyM8Aaov-YrQLiIgtmjIRdS99tafFbtCroR4PN-IBM4JlpsFM27NTFbjdre...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTi0zf0PTxoi_MK5R5Sgkqb8yH7WOkyM8Aaov-YrQLiIgtmjIRdS99tafFbtCroR4PN-IBM4JlpsFM27NTFbjdrejMF9b3roGY

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTi0zf0PTxoi_MK5R5Sgkqb8yH7WOkyM8Aaov-YrQLiIgtmjIRdS99tafFbtCroR4PN-IBM4JlpsFM27NTFbjdrejMF9b3roGY

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTi0zf0PTxoi_MK5R5Sgkqb8yH7WOkyM8Aaov-YrQLiIgtmjIRdS99tafFbtCroR4PN-IBM4JlpsFM27NTFbjdrejMF9b3roGY
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 2074 43 B
362 B 42ms
41ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQlqUV602fOHSCHVcBsQpe_gLxjToCOy0c4e2OPaxnqYTG1o2fKZE0jHBFjyFbv-qKQCnTamqxHFegpZkfxF9INEuED5EJkgLs&google_gid=CAESEBlwOctRYl4q1ibhRtXDopg&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 171982
expires: Fri, 01 Dec 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2074 0
49 B 47ms
46ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KOK2Yyf6hySTTOod4msvqS9HM62Vf2H9pm5pbXhopJUxSj_DDtd73DU80oNZB3GuwgWZka

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0E81
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CCTh2nNZpZen-OK2yjuwP19K1yA_jhYXAdNu7i-rbC-DWzIzxGhABIKOx-iVglYKAgLAHoAG9gNj9A8gBCakCDqjL0mBHsj6oAwHIA8sEqgT7AU_Qs4X5J4oS82fZPntMUq5AUfSEkyAyvCZ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216978427329373102327%22,%22debug_reporting%22:true,%22destination%22:%22https://soldan.de%22,%22event_report_window%22:%22...

0
0

74ms
74ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216978427329373102327%22,%22debug_reporting%22:true,%22destination%22:%22https://soldan.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221068892221%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218124908449487577809%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:38 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16978427329373102327","debug_reporting":true,"destination":"https://soldan.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1068892221"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"18124908449487577809"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Dec 2023 12:50:38 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 12:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16978427329373102327","debug_reporting":true,"destination":"https://soldan.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1068892221"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"18124908449487577809"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame F471 50 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=-M&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 11:42:28 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D1A0 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMgA4nNZpZdafOZSvjuwP2Oiv6ALkwtuKdLfY_eL8EfmPvO30LxABIKOx-iVglYKAgLAHoAGp_-XGAcgBBagDAaoEogJP0FRpnKyvaRexFJFfpl2xG1WSlPi4A7FDPQgKiAMa6zplm-aIr0vEDj5zR_xTk3wyDmf01UzCO_vDYozU1AgF12beGoNhF2D0eVW3ADtZK9CuJmbVpd5GDnTvVXKCN4K_ouZ9TSyU3ug3nnZcxogFWZFe9tO6x2hgEMl_5ZDtIMxh5zxSiqXvOZpwOQL6EIrHP3Dm-ZOutMQnNFPyT2DI9rUweYN83dIKArNZ2_Q0BW8YwuVENr3h-3CpV9KHbRm8BMMMYoX1EVEWBk9p51Tmlt9h9KIm91h1L57EQ1wlc7OdX5mnp1Q2Euwu88RI7SlxBrTj_hRUVsFUMuLoibyMj7dw63gdPz0-IDyHzYTsC9n9TdsF1haLMim8MH1ufIkR9MAE6Y_y7aAE4AQDiAXHs4exSJIFBggDEAEYAZIFBggbEAMYAZIFCggiEAIYAUiYrHySBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB7-AmrkCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ_rwHGNuP2PoB0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliOufC3o-6CA4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7ECsBOnxfYUyBO5qeHhA9gTDYgUAdgUAdAVAYAXAbIXHAoaCAASFHB1Yi05MjcwODQ5ODA2NTcxMzE5GAA&sigh=xvFuqIpIYXQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaN_FK4EeFn2LKWdZ25P2RtQITCzBzg0gz2yeTpPx3R1OBamlLLH_KBli-nv0fbL1GH1LC0CbQHGAE&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1701435036&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701435036893&bpp=1&bdt=1917&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=7251946930518&frm=20&pv=1&ga_vid=167862363.1701435036&ga_sid=1701435036&ga_hid=1212523419&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31078238%2C31078301%2C31079811%2C44807753%2C44806141%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1690714351961024&tmod=2103305156&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=8
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 12:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 178ms
98ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06f6782c5ea8625880fe875f0153e885ebbfe86f14e3b2ec7ed4b5c65aed0849

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12333
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame D1A0 0
54 B 73ms
73ms Ping
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpmmhp7r&c=1952717338582&slotId=976358669291&qqid=CNbd8Lej7oIDFZSXgwcdWPQLLQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D1A0 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5lzner.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D1A0
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-4g5lzner.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

147ms
40ms

Fetch
video/mp4

2a00:1450:4001:15::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5lzner.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/68A8A2E42790C55802C249195FC5F840AA9D1766.6E5B72D69CED5A587D511735EE2CAE426449B500/key/cms1/cms_redirect/yes/mh/OY/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5lzner/ms/onc/mt/1701434678/mv/m/mvi/4/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:15::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 12:50:38 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4322612
Last-Modified: Mon, 16 Oct 2023 12:44:01 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 01 Dec 2023 12:50:38 GMT

Redirect headers

date: Fri, 01 Dec 2023 12:50:38 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 649
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5lzner.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/68A8A2E42790C55802C249195FC5F840AA9D1766.6E5B72D69CED5A587D511735EE2CAE426449B500/key/cms1/cms_redirect/yes/mh/OY/mip/2a01:4a0:1338:92::5/mm/42/mn/sn-4g5lzner/ms/onc/mt/1701434678/mv/m/mvi/4/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
73ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 12:50:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 55ED 23 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 519785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 12:27:32 GMT
expires: Sun, 24 Nov 2024 12:27:32 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 55ED 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 12:50:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 55ED 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BHo5JndZpZcvZMYLob93Cr-gNAAAAADgB4AQC&bg=!Q0ClQA_NAAY3kmNgF5I7ADQBe5WfOFXGPz6gh9Gqgn3ZBbJYcva4sZO6hK-WJSk2KLevl5tijfYtnV1uB580c5TYYdoTAgAAAChSAAAAAWgBBwoADSMf_ui9ZErqRatfSyGZAvV_SbkqTSpSvXqeowFQwoLVSLyBp7Hi_vKs1DfB9tCYDoeS_qYkM7A-pnzgF5nk0OgjBAhwzgbgyCFwJy0Ik0_TNwVfjtW5uYx3B5VTN1dptql-62RAxUDtq4G4rhdLIIiUesVV5TtrFkVGNLj-B8pTUHEF7rzu0vx0xIpyflAc1uCfbaDFEXFKUvihaa0XZS3PkbpLXixvEc3kdPU9WQIjOkPjHDx0fGDLJF7z1WDgnftRWyZtucucUq9t60_cRhpe18ZhqwcTwFcmWByKixOJ-biq6zu-BuWGo6xqJi1UyLJeFU3vx0TJ_OaYoEAKUvgO_dRz1U6xWqVuF6VfjD3vHaz8G3TKMkw-ffS_-0fwAp4cdX0KD_C1p8VHLi1CEneozd5dlXpXPbcIX381TDBq3vY3PnjjwmstMc_n2xhTUuA-wj7HbzUs0wSp3Nzot-CLSdKHQcYP55_3XcNHYB1hZCXWxEymi900HA3yriCIgnp8wUfuhNjJmn5kG-NsGGzG15f-Vnoo2RNzKREBwFlJtF0yzgfTWfSaSRGU_WX4o2HXPqNH1S9JRqlZ5p-PTSKS81vrNMFuynOdHxaSkVFfcuvrOWp41ZYCAAttcfDAJrT3TGyRcEzpBCfJywn3tXLw04lfI8iCFMWQEjxPbpeMXhdzsHIysyfiecjzJaBVF4d5VZQRYVX12mIa7hxwWxxlYRjTpk31ihrpA-A3SuBDmlbJwirzpCvNORu7NeyHbb7u9_IcHV7O3b8m3v3fOAxAgTw-jsAHoAKaVGQmRUnKSAEay5qTloj5EtiDzQgrvX2fbEc6yPtV2_0-rdNss5Gwh-PLFu2EVow7ojbeRCNAc8pON4bzJo0xaXbSsD4vLdgFz5T9qIyqVNp5hnjsCz5B6CAmIZk6l2UPtZv59WFrNaNN8wd6YanokiGOd0n7p3PQMF8M4cvcX4G-WwzfRC188lyJ7kNiE0Jx6qg1NktZPm7MUvS_gQCZzHODKTix_nX1zMwE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7FFF 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5017
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 11:27:01 GMT
expires: Sat, 30 Nov 2024 11:27:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B444 829 B
559 B 50ms
50ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98b98d36fdcd933943d98650f9bfa0dc39563936ba4f6cfd7d6fd5ff322bd692

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SYn8EvttNPRNe5_MyeCGZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SYn8EvttNPRNe5_MyeCGZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 12:50:38 GMT
expires: Fri, 01 Dec 2023 12:50:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7FFF 39 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 11:27:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 11:27:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B444 0
0 73ms
72ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1690714351961024&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 206 file.mp4
r4---sn-4g5lzner.c.2mdn.net/videoplayback/id/d5da1ce92f23a85e/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841908307/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D1A0 257 KB
0 80ms
39ms Media
video/mp4 2a00:1450:4001:15::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:15::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 01 Dec 2023 12:50:38 GMT
date: Fri, 01 Dec 2023 12:50:38 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4322611/4322612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4322612
last-modified: Mon, 16 Oct 2023 12:44:01 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1981 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttSgCXdY3Ka-Q8RxTIEnaclmCjUhcmXYAS2Jp7iJukC4wvreuZR-1VSxrBK6S43pjmtXQfxwWlwDb1CRRZaQxa5WHfiWmFzBUhLJTxpdeK9BaOGOw26Q2EYS_BnwxukbdtIsZKxgI9KEga&sai=AMfl-YSIpnFIbww7Pdpo-pG_sdhPgnJaQ8xbXQqA3fp5kjgC1f0aFt_CPcAtnEI3zmXYNyRgBdc28yQ_X_Ib-l1hRR9aqSMHRADPrdc1iMBFxb97ePV_EnINlMBB7Zjlkn0p_lCa3Bm8_R33djgcTT5OHa1WgVMEelGQ2Uc&sig=Cg0ArKJSzLrfz3HAtfV9EAE&cid=CAQSTgDICaaNY8QaCzWr8y_XuzNBt-hRWiENyuYAV12gOsLDTdNkqJM1zVS9CUQNvEJPIfcyoRg61iUmditbkFFeGCAdTCzE_qUZr9YXeF-O8BgB&id=lidar2&mcvt=1000&p=0,0,188,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1304435780&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701435036260&rpt=955&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7FFF 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0DYHYg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 12:50:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1690714351961024&bg=!FBelF1jNAAY3kmNgF5I7ADQBe5WfODFeseap89qTzinqbXlFCehblozhxIUHm9zfw6kmYvE6Q8BWUjMQbE_Yf__l5OMhAgAAADhSAAAAAWgBB5kCxik0Emp6QnB5QeMCBxEj7AHEXjmdG7Q_t951USljoDFsmkiQs7iuQQGgfVwVNnJrZXuunX9YCFwiiEXDO54buEQv2U0rpmnaIasJYlta9hC6gIEHmcuUOyTC2aqgZZkCV-EhVFupxIVESM5PmPO0D1kTWBKdrMd2oq8-VoFyq5i2aInpGA0q-AkZ0QDwGzWGhoPqgtlp7SMr7E9ZA3nja-jdIozyveOMQ2f6AzE5yh3ln0-jAzrZHiWO2aR8uZH-G4LfQKGIKBvW7klfK0oh27GeWdVd3lOD51fvAZzgoM6GqSOYiLr4-M3lp8dH130r-fjdjyN2LD45-QsPYTnhcckxqXmbvRxEN9CKNyE4cDQ5i1Y18qEI8M6qzchA6yvfTxvV7pm1JFJLke8egsy4h28SmFlWzpL0poBIxbs7bWLPaQkTw9ingeLb7L0PDBK28iZJv0rZ7Jw0fBRvlC11aLor6dYjc6FVktGXH9bsICQnSK7e3NHLvMPp79Cg__WqEj-bJXvYATajXi_QfMgjrPDq_Xv-8CwRIhB_CsZkTKCTJqMJx9XJlgOoMzRYC-OS64nPJeNyWWrUhzETQLAkXdb85TnD4Jg1Fn07Fh_aqN81sD1MYikyCdbxgApiNmpceZjH90E3KdOkW7BVYSpMbCiKAdsFl0TIKl3WaLl14z45y2CEgNqKWrAuAq6Vr62p_td4sMGuH6Q7DLYmPfnDXHOw9xnZrbgDa-CFwK77qq4jRW2jSy5L-9XKVjC-IGD1owTUjaxZvi990QGReRb3LfR2OaigVyJizN20IPkVm6BLpCIjfNYR19ZWI4BsgJ-lcpWmegGYvnsBy6tqRKEhy5zH2K2xH606Crc_GDRtw_XSucI5WKuWV9Hh73TEXpsmZiWhhTaLqVK7pwkPkGiA7JbZIv2amk7fumfgTNEPfdcu3zCMqRXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame D1A0 0
17 B 73ms
73ms Ping
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpmmhpdd&c=1952717338582&slotId=976358669291&qqid=CNbd8Lej7oIDFZSXgwcdWPQLLQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2095&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.r1~vil.14y&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 12:50:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taxcalculatorphilippines.com/	1970-01-21 02:13:15	Name: _ga Value: GA1.1.167862363.1701435036
.taxcalculatorphilippines.com/	1970-01-21 02:13:15	Name: _ga_5JPJ3E6T5V Value: GS1.1.1701435035.1.0.1701435035.0.0.0
.taxcalculatorphilippines.com/	1970-01-21 01:58:51	Name: __gads Value: ID=18c99641583a240b:T=1701435036:RT=1701435036:S=ALNI_MYP7TLsXSU5S5jJ9wA25ao5LP7fVQ
.taxcalculatorphilippines.com/	1970-01-21 01:58:51	Name: __gpi Value: UID=00000cffbc1899d7:T=1701435036:RT=1701435036:S=ALNI_MbY_QE0hdPTZguo559PMnWK_gtU3g
.doubleclick.net/	1970-01-20 16:37:18	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 01:58:51	Name: IDE Value: AHWqTUncyPsjv-E5u-GZ05d8_1jHTnlasXZve_JFJnB1dBF_q3hd98FeAwcLKVmZZFs
.googleadservices.com/	1970-01-20 18:46:51	Name: ar_debug Value: 1
.quantserve.com/	1970-01-20 18:46:51	Name: d Value: EHUBCQHHKoEA
.quantserve.com/	1970-01-21 02:07:29	Name: mc Value: 6569d69d-a659b-6bbff-8f070
.everesttech.net/	1970-01-21 01:22:51	Name: everest_g_v2 Value: g_surferid~ZWnWnQADt-y2jwBH
.doubleclick.net/	1970-01-20 20:56:27	Name: APC Value: AfxxVi5xdfanRxAD89eZj8qb4K2pzyto4Eiwg3gHL_j8sFppoaet4w
.de17a.com/	1970-01-21 01:15:39	Name: guid Value: 1.7239114745146951096
.yahoo.com/	1970-01-21 01:23:12	Name: A3 Value: d=AQABBJ3WaWUCEC0In9ZWm2Bf0kcOjjFCU0sFEgEBAQEoa2VzZQAAAAAA_eMAAA&S=AQAAAg4xPl1C-haYWkIuCDLO61k

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
match.adsrvr.org
onetag-sys.com
p4-endakneg5adco-2xeyh7figvdz56ex-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r4---sn-4g5lzner.c.2mdn.net
region1.google-analytics.com
sync-tm.everesttech.net
sync.teads.tv
taxcalculatorphilippines.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.185.130
142.250.186.131
151.101.194.49
178.250.1.9
198.54.115.143
2001:4860:4802:34::36
213.155.156.180
23.32.185.35
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:15::9
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200e
2a00:1450:400d:805::2003
2a02:fa8:8806:12::1370
2a05:d018:d29:3605:e656:41e3:3e80:bff1
51.89.9.254
52.223.40.198
52.28.146.18
64.233.167.154
03069baf77430ee33f6b92dd673fdd9590fa33ae3bc5e42413fe83ccc50c5ef0
06f6782c5ea8625880fe875f0153e885ebbfe86f14e3b2ec7ed4b5c65aed0849
08a99a3a639df4bbd0c23c97891d1ae067855d7f0e294695b92d0fde28947399
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0a37f485e93f5f19422a1598b2ed9d3f6c4b6039e64ba0ef81c92e398f34f2af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f9189b1deeee4c19d9d09276be793f6b23a7f74c21c870a020bf616fb890837
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2457fff374b978ffc6c671a89d62ee59bb62acd884866ac24324e35ed360b133
2737372b386be8eeb514846a37ca86165557aa87780b422674bf0ab03ecbea1a
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3e74cb41637dc17f4cc91bc445225386a9a699f7baf9ccb9a67267fe88a077cd
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
49d6d09cf7fd9fc3ed1cd9b41096ac556396fb3b06b89e3724c96e6076ad7083
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecfe176cc0dbde85a2799289f23a3bc132ac9aff1b86004b5df138025ed1257
5097b5cb7bf7a73410b7851bd039c117490c64475ea90faf4c70c05d1eb4aef1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b2bca7259ebfab8dcc8778eb3f32334b877798f0fc64933b6e735d504dbc818
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
75e1a67f7d82d661dd60148321a286a6498b0f27bbf622810e43bb5d15575d05
763ab271d8fc3d4506fe33bfd6b500bdd0a8163c6f27e6bc0e346358491db5e9
83f20cebf2b01ff7902f42417acc3edaa6a53993fbaaa9d504656a30d5f10179
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef4e18c88bb7b0a322fefe9dfe4a27afba8583f29ad89a918d218e194391375
9846a7c9c6bba965eb99a7f26c99867b5978352f8b0af1f2c5986cdde6c53ec2
98b98d36fdcd933943d98650f9bfa0dc39563936ba4f6cfd7d6fd5ff322bd692
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a95a08a0127de910d72e2ba594453369733395c9d7469861525cea10fab4269
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae7e15c74e195fa02287e1508b0057f5caca4eb258c8ab14c3818d3ecc60d2f5
afd574306d774e7cfef4153280134b0b8c4f9c8820f10acf8fea042178a1a84a
b0659ee1d9db273594fdf4f64ddbd8383058ae91e757038cc3a385d76c778da8
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
c57a4703e0f20f36605f12efa2fa68082f3d7aa86deef7ab2a3934704532df57
c6f4c9fe422b6c1493e46ab880c959ead2b75de48a96d6fd7bc10cf952f75006
db0c7117ba80e8b83046f75fb14eb206eb10e12cf3a83dd493151052f476eb71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c533c05a4bde1df93810a5cf39cfb07954e518a0b6e048ffbe3db8be84ae89
e95f7d34cfdedb8755d7103701316c6bd973748c82ca875d3b086af3dcbf9ba9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

taxcalculatorphilippines.com Open in urlscan Pro 198.54.115.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

90 %HTTPS

63 %IPv6

21 Domains

31 Subdomains

26 IPs

7 Countries

1424 kBTransfer

3811 kBSize

13 Cookies

1 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

taxcalculatorphilippines.com Open in urlscan Pro
198.54.115.143 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

90 %
HTTPS

63 %
IPv6

21
Domains

31
Subdomains

26
IPs

7
Countries

1424 kB
Transfer

3811 kB
Size

13
Cookies

109 HTTP transactions
3 data transactions