www.healthguidehub.com Open in urlscan Pro
2606:4700:3033::6815:52a0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.healthguidehub.com/
Effective URL:
https://www.healthguidehub.com/
Submission: On October 14 via manual (October 14th 2022, 4:29:08 am UTC) from AE — Scanned from DE

Summary HTTP 107 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 107 HTTP transactions. The main IP is 2606:4700:3033::6815:52a0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.healthguidehub.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 6th 2022. Valid for: a year.

This is the only time www.healthguidehub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	2606:4700:303... 2606:4700:3033::6815:52a0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:89b9:9490:4cb5:a17d	16509 (AMAZON-02) (AMAZON-02)
107	19

16 2606:4700:3033::6815:52a0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.healthguidehub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:89b9:9490:4cb5:a17d (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	475 KB
18	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	154 KB
16	healthguidehub.com 1 redirects www.healthguidehub.com	125 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	122 KB
7	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	186 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8724	914 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1565	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	460 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 671	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	350 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 987	356 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 729	465 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	701 B
107	16

	Domain	Requested by
30	tpc.googlesyndication.com	googleads.g.doubleclick.net www.healthguidehub.com tpc.googlesyndication.com pagead2.googlesyndication.com
16	www.healthguidehub.com	1 redirects www.healthguidehub.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.healthguidehub.com googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	www.healthguidehub.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	cm.g.doubleclick.net	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
107	20

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-06` - `2023-02-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.healthguidehub.com/
Frame ID: 2A3FF42FFB09AB8B260E97855F39F166
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: 5C98B8BE8A87DEBCE5FDFEE2AD165770
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&adk=1812271804&adf=3025194257&lmt=1665721743&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.healthguidehub.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721743329&bpp=9&bdt=196&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8158589739359&frm=20&pv=2&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=186
Frame ID: A2717AC7D831E6FBB7DD4F7DCE6A7D22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=280&adk=2618270785&adf=2754292982&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665721743&rafmt=1&to=qs&pwprc=6421834571&format=1200x280&url=https%3A%2F%2Fwww.healthguidehub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721743338&bpp=2&bdt=204&idt=183&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gJ8mazaxyC&p=https%3A//www.healthguidehub.com&dtd=186
Frame ID: 2F2A9FB9985399CA5DE76D3EC55E2CBF
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18
Frame ID: 16F4A7EA797D03E8642ED7128457035C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1FF63152DE481149488E6B76A0BD55B1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: C3DAD41756251BEB77C931C5BAF50048
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html
Frame ID: 3F44ACF7D4A3D063A8DBAEDA369D71C8
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C095A3F6C30C4A6152B177B0844E8954
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5F31D2A2FCDA1A78424AABD7FFB91BAD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 13FA88F57B8D9DB14B8DD4D4B6FB5B6B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: 504BF9084C1663B73C31372FC1CDDBCE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E945009AF514F0F172882502D81C2B4B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F659E9023E25E692AAB205CFA931C343
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js
Frame ID: D6F872219C0C56CA3A274EFD5733469F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3F0E93641A355202F87D2A25AD6E4D52
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 487BDD72460E7FC6FC09090F122EEEF5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

قاعدة معرفية واسعة النطاق – الإنترنت مليء بالمعرفة والأجوبة لجميع الأسئلة التي لديك

Page URL History Show full URLs

http://www.healthguidehub.com/ HTTP 301
https://www.healthguidehub.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

107
Requests

98 %
HTTPS

65 %
IPv6

16
Domains

20
Subdomains

19
IPs

4
Countries

1070 kB
Transfer

2933 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.healthguidehub.com/ HTTP 301
https://www.healthguidehub.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPePB_svVzcFC5kHlujbMEY&google_cver=1&google_push=AZmPxg-EqATXxTd557ZOp6Wu5daI5ZCxMeRcRz5xE9RdaGjHn1KoVXMQvZLSb9uIgGHhzdwpb_rYaPUMXepwKUbwqY2cK8HQqvw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3WlBXOEstMVItS0RVTg==&google_push=AZmPxg-EqATXxTd557ZOp6Wu5daI5ZCxMeRcRz5xE9RdaGjHn1KoVXMQvZLSb9uIgGHhzdwpb_rYaPUMXepwKUbwqY2cK8HQqvw

Request Chain 94

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHfar4PpRSZ98InFveGaWRY&google_cver=1&google_push=AZmPxg-R5NOaKFhiPHuJ2lnqc36vN7dXxUZtQAMEeR7SceijVAV6IW4V9J3R_Wb57IisZTpyIyhr6eo11kjDwlXkSuYV7uqxNQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHfar4PpRSZ98InFveGaWRY&google_push=AZmPxg-R5NOaKFhiPHuJ2lnqc36vN7dXxUZtQAMEeR7SceijVAV6IW4V9J3R_Wb57IisZTpyIyhr6eo11kjDwlXkSuYV7uqxNQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHfar4PpRSZ98InFveGaWRY&google_hm=Y0jlkcwDP06d9WkNbipKLwAABKwAAAAB&google_nid=index&google_push=AZmPxg-R5NOaKFhiPHuJ2lnqc36vN7dXxUZtQAMEeR7SceijVAV6IW4V9J3R_Wb57IisZTpyIyhr6eo11kjDwlXkSuYV7uqxNQ

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

107 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.healthguidehub.com/
Redirect Chain

http://www.healthguidehub.com/
https://www.healthguidehub.com/

90 KB
13 KB

802ms
756ms

Document
text/html

2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.2
Resource Hash: 6f5ded0e9f30e18aafb4347700bab7a7354680cc144bf201c04e56c52a4e0b1c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 759d9259efbc9a17-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 14 Oct 2022 04:29:03 GMT
link: <https://www.healthguidehub.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHYc0UZrLbUkItZ52Nco5KTq1YGyvMCrIOuUju2%2BCiNzzVB89Y%2Bl1qMbZT18sOSf8ayqXNxgJsZ3mMmu%2FvnI9P4wGeJyb3js2lsGyZf6Gfrzct%2FA7Rp0HSo5S1NBrlZcbuMXs6ji%2FQAQC4V9g74vbBmZL3MV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding,Cookie
x-powered-by: PHP/8.1.2

Redirect headers

CF-RAY: 759d92596c2bbbbb-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 14 Oct 2022 04:29:02 GMT
Expires: Fri, 14 Oct 2022 05:29:02 GMT
Location: https://www.healthguidehub.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYQieuldunl2Pj8O2dtq7xD2wfqFMwkYU2jBjnhx63JOO0Yfbm2TESDBgeSH%2FO6q06LLEVRrAx3ALQa3w0eke35hkfpG0CMX1XYEVFwyTq0hEjxj1HPB7nQ%2FNQntCXNl3uXBHD4cwE%2BP%2BaENgp3jiU8oUAEO"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style-rtl.min.css
www.healthguidehub.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 50ms
49ms Stylesheet
text/css 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0.2
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 564f37c76d73946c72b6466889f189406262443e8fbab414b00579a2f7c579d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jul 2022 00:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3765418
etag: W/"62ce0db5-15ac5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr73VECOgtH8UM2%2F7Qvhtd%2B%2BmcbnISL5PDZ5Klb%2BNw56WjsTZ3zgOpaQdTSLDBbNQe78tDCpl92%2BbA%2BLjXhlm0FTsNje%2FKBdUrn6l1uMmzho2JeoiwbnIWkVxhV2qu%2FCLIY6KhIAEeBLEiYuf8gc24s0wEiO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 759d925eaf2f9a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.min.css
www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/ 94 KB
19 KB 30ms
29ms Stylesheet
text/css 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/main.min.css?ver=1.8.51
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afb0b077b0f9d3a58ca5e70bf5a3daecee076f99126de42a0161ef1d0a1f997a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 03:16:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176138
etag: W/"634631a5-17893"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BPQ%2BnsItAI50mlWIIHBFpkF054V9RFuQUMA9g23mFKpfWW%2BM4hmXXr2OkqO0MvhwX9NwZ%2FxWpdfHUDH6bV3NX%2FGDpIwmY70r%2BnWPyCiuJrZi%2F%2Frxcc0KhTIqW9Yjg8kfYOtVFfHykM%2F6mCDHmMkwNmG2uyH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 759d925eaf319a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 back-to-top.min.css
www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/ 1 KB
807 B 27ms
26ms Stylesheet
text/css 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/back-to-top.min.css?ver=1.8.51
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5987e753df7b968f9ab112f4fc365cc265e2b59090a78ef208067db54a6c6f66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 03:16:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176138
etag: W/"634631a5-44d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=btklg1Gxp7aUpkHBHL4%2BfK9%2BQJUPvT4FC%2BO1aCs0UMn7VDugumJpwdADeLYZMhU1nqslxWQ41ZAVX1ScXyJBasWNNqKYwhQufetPZ6nClZqGmubctcu8kORdaARqRpqXcnoV0IorxmMEwiFcZHu5M4XHum0J"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 759d925eaf329a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main-rtl.min.css
www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 29ms
28ms Stylesheet
text/css 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/main-rtl.min.css?ver=1.8.51
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1243be7becb15355e84925a14b94e0123f64c7f3efe50b759e7b6fbe42a75db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 03:16:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176138
etag: W/"634631a5-1762"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3L6cjiIjl5yqaKIIRIB6QhABFajeyBUBinmCO1aPDw7nFbH9YEr1YOmcduvpOPddQAVeD%2F1FNYT1n9Oazb%2B%2FYKyPU5U27H3rxi8CUN%2FsQiBDe%2FGRVm9ondOqZdj7g1Qn2a%2BIyVoYHFw8kEZc2mFUgEsnVE%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 759d925eaf349a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sidebar.min.css
www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/ 3 KB
1 KB 27ms
26ms Stylesheet
text/css 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/sidebar.min.css?ver=1.8.51
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3362c2422af727e6f97af0c79981c516b3fd87be11febaaa954471cf6fcaa0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 03:16:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176138
etag: W/"634631a5-cef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Y82yU%2BnnSB5zecLnaY6LmGyqSYmkR%2BX6x0zp4SU%2BWjrTrinkozm4JOj6dxJ%2FleCTlXjCuoAyw9PNhAHsmiG8FVszhhhlLCefFtagSBy3Z90VVqjpawZksPEmkOcYqJUF793zLtDuU7zel%2FMlvoja%2BZSL1t9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 759d925eaf359a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.healthguidehub.com/wp-includes/js/jquery/ 87 KB
32 KB 31ms
30ms Script
application/javascript 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 8535046
etag: W/"6048e0ac-15db1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOow4%2FtqyU6qIvzN0QP8IRXyJJA2wmSLcZ2SpjjMZltFTt1r31tL6YK%2FQZGRwQDle3vlGeEizjPmyWH9HHmnelD1YTcGp5EcdUyJyH91QqwG9ZpP2i%2BjVLKXTsr6DOptPU7ahA2Cci2nrJZBgr4N3uepPBIU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 759d925eaf369a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.healthguidehub.com/wp-includes/js/jquery/ 11 KB
5 KB 28ms
27ms Script
application/javascript 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11831848
etag: W/"5fb4e3fe-2bd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FR%2Fd5arrBuv0dhtJOkQhY7cpSqkLHi0CbYKYshoo35%2B6aM%2BLUlF86KBBIXMRnmo3ApAhl%2FhYxEbCZZXxOzVDcVS3zWDqptCP%2FHSdNQRQuM%2Fco%2BJhFvKNDgGIj7PBSqQVqoA3R0f17kWZMf%2FHQWzL7Tdo3d3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 759d925eaf389a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
53 KB 96ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1011585970220301

Requested by

Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

910760c744723d89825de6e3e3006a4e1ade1fed31808d2e8787a3b9839cb664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthguidehub.com/
Origin: https://www.healthguidehub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54209
x-xss-protection: 0
server: cafe
etag: 5551330194419099807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 04:29:03 GMT

GET
H2 200 main.js Show response
www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/ 32 KB
9 KB 46ms
46ms Script
application/javascript 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.51
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4065bd71e2616fb14b9c8ddc529d0e0175d0044aed3a4144406b4b253dd345a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176138
cf-polished: origSize=33222
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 12 Oct 2022 03:16:53 GMT
server: cloudflare
etag: W/"634631a5-81c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxSP2lbuxAXhNc59e7WD1gBpQnHIUekQb%2F1F8zJVBUrYWe9wHMxal%2FXOkABvacFDC8rb%2BEGhGm4wlQsa7u%2BWrLRvjWRUiyw8DPfU3kl0HaG%2BQHWRSt1MCYeDvHqW9rDPAfVIvKUe2G1WBEO0HEkR9VVFpSRE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 759d925eaf399a17-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 %D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-Samsung-Galaxy-S22.png
www.healthguidehub.com/wp-content/uploads/2022/07/ 7 KB
8 KB 158ms
158ms Image
image/png 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthguidehub.com/wp-content/uploads/2022/07/%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-Samsung-Galaxy-S22.png
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9afb931b682b2c66ef7a531f0c91e30842dc5cae07ca2d63eae11a134c94d75c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jul 2022 04:56:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62d0f367-1d8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCUCCCBqnG%2B0iFCUf6mDoXG08Sz7%2BvSF2h1ILZDLek%2Fik7lhBcb0ZnNEYwlEoHUlKzZx%2FxjjBO0k8wT2mH0TAa7%2F12IKSFNr7rjNKjiZWjanZhF4mxXJjr05uXUpare4%2B7%2BQU%2Fz%2FcD4JZb4Dbiqbi0Y2vRYZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 759d925f3d979b6e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7567
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 %D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-OPPO-A74.png
www.healthguidehub.com/wp-content/uploads/2022/07/ 4 KB
4 KB 110ms
108ms Image
image/png 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthguidehub.com/wp-content/uploads/2022/07/%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-OPPO-A74.png
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eef6ee14e38dc8fcead28adba161196df3f584f0e019afedbf5ff4959eef66f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
cf-cache-status: MISS
last-modified: Sat, 30 Jul 2022 08:41:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62e4eec1-f52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZfnizE7uR7NA7fexaKzLhcqCDl0aOZfH5RxNbkyQxTKoJGVYsWSa8DslxyE213%2BUQ2wVJrmULk%2BHBWWpa1uyv0vihG%2BPQNVPNT4NeFm7q4eCK3J%2FMiDAxQMt7wntaA4tbTO2tk2u6H7gl9eoAjXtmMl7eUZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 759d925f6dfb9b6e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3922
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 %D9%82%D9%85-%D8%A8%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-Realme-GT-Neo-2.png
www.healthguidehub.com/wp-content/uploads/2022/07/ 8 KB
8 KB 123ms
121ms Image
image/png 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthguidehub.com/wp-content/uploads/2022/07/%D9%82%D9%85-%D8%A8%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-Realme-GT-Neo-2.png
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5452f37b4d5e1e180e153a9bc111a79397983d2d6e7d85507a1f144e1ea127e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jul 2022 04:44:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62d0f0a5-1e85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQiqR2HRxnWfaWgQPCIEynQ20wZFvNXpwQmEK%2B8e%2FSy15YO%2BjprVlSmGQphbsRN8Jy9DjE2w%2B33Fe2zr9ROonS%2FmbxlAURCDohrqGzQig2zicJldFpBYmdAWnJREYYYNyoEyql3LEB3QcC0nfCyIF%2BQzauad"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 759d925f6dfe9b6e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7813
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 %D9%82%D9%85-%D8%A8%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-Samsung-Galaxy-S22-ULTRA.png
www.healthguidehub.com/wp-content/uploads/2022/07/ 4 KB
4 KB 29ms
27ms Image
image/png 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthguidehub.com/wp-content/uploads/2022/07/%D9%82%D9%85-%D8%A8%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-Samsung-Galaxy-S22-ULTRA.png
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 438206dead5f418ab5436965e6f545c7dff6738d3ad4804dcc90cd7197ca3f7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37164
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3922
last-modified: Fri, 15 Jul 2022 04:50:00 GMT
server: cloudflare
etag: "62d0f1f8-f52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6nxqEosYesxIT1B13L9xUgUOh7S15n4IbOLs6CxvdH%2FafMqfH010%2BZ%2Fpnf9%2BuYwaYutQgRozWKdvMCPoc1HJDa24pEQdpZkZKx8atdto%2BsZdu1OCAF9ri5RADJLHhodZCusKlcVs2pHdwwGBsyOZdHwjEtI"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 759d925f6dff9b6e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 %D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-Samsung-Galaxy-A12.png
www.healthguidehub.com/wp-content/uploads/2022/07/ 4 KB
4 KB 142ms
141ms Image
image/png 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthguidehub.com/wp-content/uploads/2022/07/%D8%AD%D8%B8%D8%B1-%D8%A7%D9%84%D9%85%D9%83%D8%A7%D9%84%D9%85%D8%A7%D8%AA-%D8%A7%D9%84%D9%85%D8%AC%D9%87%D9%88%D9%84%D8%A9-%D8%B9%D9%84%D9%89-Samsung-Galaxy-A12.png
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ac1398b37f33fa79c4802313914995559b5ca2283a7a8ed86ae53f144e411e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jul 2022 05:07:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62d0f623-f52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TjNyH5UXWt05ZcUMvgGxTZiv0zrqaEw6%2Fz6giTKvAFJrVDo6rPB6gkMS5m60sDFle8xRhPPgT%2BN5NPzfM0VMFYub2Sd3ZSE9WntMrfSJ2KH41xnxTjS0yhKk5%2Frn0r7PoMRjYEWRFQRsJT6sRJnJNQdQbUo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 759d925f6e009b6e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3922
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 142.1364c41eb51f2529507d.js Show response
www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/ 6 KB
2 KB 27ms
26ms Script
application/javascript 2606:4700:3033::6815:52a0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/142.1364c41eb51f2529507d.js
Requested by: Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/wp-content/themes/blocksy/static/bundle/main.js?ver=1.8.51
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:52a0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 835289d5cc31a66d9be3e7f0df6ccbe72b5068f3f2cda7ab325e5a2f56d92321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 168167
cf-polished: origSize=5726
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 12 Oct 2022 03:16:53 GMT
server: cloudflare
etag: W/"634631a5-165e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko85yTGFwSfDbjzNrvOSkclLcyxvn%2BC4c6%2FZ3hVrhpgzRkHCHSpXLx4rQT6h0QPw3QrTwyEJCJPoCP5Ktbut7gEaD0t5%2F2bpgNsah7oGkxIU2UKVtlC7Kt%2F%2FEhhhd%2Bhyz1KgHKfdRu%2BibI%2FqPsBRcgLvyo%2FB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 759d925f6e029b6e-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 352 KB
116 KB 107ms
63ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1011585970220301&plah=www.healthguidehub.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1011585970220301

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

379637dbba0e5ecc136ab438618c654b5a881c19b21c32ec9f097512096f2de8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118619
x-xss-protection: 0
server: cafe
etag: 12529589899007030752
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 04:29:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame 5C98 10 KB
5 KB 75ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1011585970220301

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthguidehub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5334
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 03:00:09 GMT
etag: 9671129459699598864
expires: Fri, 28 Oct 2022 03:00:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 403 B
701 B 107ms
29ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.healthguidehub.com&callback=_gfp_s_&client=ca-pub-1011585970220301&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1011585970220301&plah=www.healthguidehub.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

2084b3a8c580979c2789492b019ddfdbe64de9752589c83b19f8bb582d5706ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 84ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.healthguidehub.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 81ms
29ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.healthguidehub.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A271 263 KB
67 KB 593ms
549ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&adk=1812271804&adf=3025194257&lmt=1665721743&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.healthguidehub.com%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721743329&bpp=9&bdt=196&idt=168&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8158589739359&frm=20&pv=2&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=186

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bceacaea3d70711c243242dfa5d1ac81a518bbe235be8823e96c250c40334ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthguidehub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 68806
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
expires: Fri, 14 Oct 2022 04:29:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F2A 86 KB
30 KB 792ms
757ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=280&adk=2618270785&adf=2754292982&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665721743&rafmt=1&to=qs&pwprc=6421834571&format=1200x280&url=https%3A%2F%2Fwww.healthguidehub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721743338&bpp=2&bdt=204&idt=183&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gJ8mazaxyC&p=https%3A//www.healthguidehub.com&dtd=186

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49116d73c435a1067eb760c5b64ef36a4315a0d8e525aa591ad42ab0cacfcc13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthguidehub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30707
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
expires: Fri, 14 Oct 2022 04:29:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 151 KB
54 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83e92dec77dabf457a99aba7667dcd20fa23e50ab2563ac88983cad8e847a080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55056
x-xss-protection: 0
server: cafe
etag: 4585988709579589168
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 71ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.healthguidehub.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 75ms
31ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.healthguidehub.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16F4 111 KB
42 KB 383ms
376ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7e3d6429fa8b87d280e498deb930beb61373800d0d65a0bdf51ccd7bc19710b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthguidehub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
expires: Fri, 14 Oct 2022 04:29:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame 1FF6 10 KB
4 KB 30ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthguidehub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 03:15:20 GMT
etag: 9671129459699598864
expires: Fri, 28 Oct 2022 03:15:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame C3DA 10 KB
4 KB 31ms
24ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthguidehub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4424
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 03:15:20 GMT
etag: 9671129459699598864
expires: Fri, 28 Oct 2022 03:15:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 2F2A 6 KB
745 B 79ms
30ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=280&adk=2618270785&adf=2754292982&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665721743&rafmt=1&to=qs&pwprc=6421834571&format=1200x280&url=https%3A%2F%2Fwww.healthguidehub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721743338&bpp=2&bdt=204&idt=183&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gJ8mazaxyC&p=https%3A//www.healthguidehub.com&dtd=186

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 03:09:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2F2A 2 KB
984 B 100ms
45ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 19:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 19:02:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 2F2A 23 KB
10 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:58:44 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2F2A 3 KB
1 KB 78ms
58ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:07:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 2F2A 17 KB
7 KB 80ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:07:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2F2A 152 KB
47 KB 84ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame 2F2A 33 KB
14 KB 41ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 1FF6 4 KB
1 KB 73ms
30ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 03:19:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1FF6 205 B
742 B 70ms
20ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:42:45 GMT
x-content-type-options: nosniff
age: 2779
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 14 Oct 2023 03:42:45 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1FF6 604 B
695 B 71ms
21ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 00:52:50 GMT
x-content-type-options: nosniff
age: 12974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 14 Oct 2023 00:52:50 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 1FF6 19 KB
8 KB 77ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 19:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 5516984893510486959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 19:19:08 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/ Frame 3F44 18 KB
7 KB 72ms
46ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html

Requested by

Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3f2a662e399f4a27bf05a772432a01733f6ba9320d77b8ddbc3c761a0e7ae69

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 13801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5480
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 00:39:03 GMT
expires: Sat, 14 Oct 2023 00:39:03 GMT
last-modified: Wed, 21 Sep 2022 09:48:56 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C3DA 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6g0ej-VIY8HYI4mTjuwPlYa3ONOpsKJs7PP0wLkQ5rO1iIcfEAEggqHee2CVgoCAsAegAbebzr4DyAEJqQJLX10lbmewPqgDAcgDSKoE-AFP0JUOaOWDEejVGOUsPQ_WGK3TDqeMaaUfa_F9xNhhxKFVOGhOjCUbNlSoxOX3h4lqEwE74XJqwT1b14s_tpb3FjYJnb3zrG4q-2v_ictz65bFSAPT2tz5w5zPvdnge1eelR8xGMVZtPyfdxyXMrjvFmDkssE9NaFj_KB_t9L2W5p1-xuBNRRxvsVzQ7nXUI8waxEdym9LdrupdJnR7pGmEolbPN42zwy7EhwbhLWwWY39umzvD97eWZ4yxRPdm_SqugkuqMQ__uV6EUmt4kN5ScxnEf3UoXcXBUui6Nl-VlCUDPotyklTeCI4N3Y6qL0HytStT2QAasAEzIDPi68DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7HksUGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDR_yXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMDExNTg1OTcwMjIwMzAxGAA&sigh=asHlcaf--X0&uach_m=[UACH]&cid=CAQSGwDq26N9FZjPdqN24_2ZLZR8sXKo-diXR5s0VhgBIA4&template_id=419

Requested by

Host: www.healthguidehub.com
URL: https://www.healthguidehub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 04:29:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame C3DA 23 KB
9 KB 65ms
42ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:58:44 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2F2A 0
0 74ms
74ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSY8rj-VIY7blI4KL3wOh_JOgDo3-xvBomaaLirkIwpWA_-EgEAEggqHee2CVgoCAsAegAcixqc0DyAEJqAMByAPLBKoEgwJP0EmqqcTYxi6SvmAUi1cBjfyYKIx4p46eeWS3SWCDBPge6Rsluhhq-o3jiFy5kI1lyx8VEPIHH4Q_O9HeNSXPJUcFz_dIOiyFzvWSwmetP8HkO4baCBtby-yEN_dKdz5Rlqfz-qE4jDT5sAntig99MO9SyeA0ltG7w88GVoETuSHELUC9ZA24K_rEoHmm8fCF3WdimOB-UkQUPcsvKe_5frKAAGonsRby0_R4_OuWC0U_gkDUqNlt-N_ECG_AW7Y2IGBlxDs5W3VWMHFP1MWhN3Y-AzdL_LBA4-aOUtxvDT5G4uSrY96qCN0f4iPZxNe-UYx4FcG4JdCjoXX2OurvlX-PwATP-7GC9AGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH5OriNagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMO5BdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDIgUEtAVAYAXAbIXHAoaCAASFHB1Yi0xMDExNTg1OTcwMjIwMzAxGAA&sigh=JBUV3Lg9f4s&uach_m=[UACH]&cid=CAQSGwCsnQUxO-xBezpSraestz4-DM8VJj_w7tZO4RgBIA4&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=280&adk=2618270785&adf=2754292982&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1665721743&rafmt=1&to=qs&pwprc=6421834571&format=1200x280&url=https%3A%2F%2Fwww.healthguidehub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721743338&bpp=2&bdt=204&idt=183&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=130&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gJ8mazaxyC&p=https%3A//www.healthguidehub.com&dtd=186
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 04:29:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1431823679815260853/ Frame 2F2A 21 KB
21 KB 62ms
47ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1431823679815260853/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2472f54ead6791203b6913547506ba702899a8c088f826315ae4637c4adbd1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 07:31:45 GMT
x-content-type-options: nosniff
age: 334639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21462
x-xss-protection: 0
last-modified: Tue, 05 Nov 2019 12:40:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Oct 2023 07:31:45 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13284761626149337627/ Frame 2F2A 3 KB
3 KB 71ms
57ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13284761626149337627/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09d07b3c1894d4aad79a535ba616f9e27ea726b3e6fc85c0b312f009c659689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 23:34:03 GMT
x-content-type-options: nosniff
age: 17701
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3240
x-xss-protection: 0
last-modified: Fri, 27 Aug 2021 12:48:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Oct 2023 23:34:03 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C095 8 KB
895 B 77ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 03:53:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C095 2 KB
902 B 69ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 19:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 19:02:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame C095 23 KB
9 KB 68ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:58:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C095 3 KB
1 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:07:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C095 17 KB
7 KB 70ms
26ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:07:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C095 152 KB
46 KB 87ms
42ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame C095 33 KB
13 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:48:28 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3F44 6 KB
3 KB 64ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Oct 2022 09:40:55 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3F44 34 KB
13 KB 63ms
37ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 09:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Oct 2022 09:40:55 GMT

GET
H3 200 97020884.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/ Frame 3F44 278 B
230 B 23ms
23ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/97020884.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a1cc757e1b6b1a8fb9a3b2b7d4fe2eb8e2428b7864763ffea784251098fd08d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 07:21:33 GMT
age: 594451
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:48:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 07:21:33 GMT

GET
H3 200 97021328.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/ Frame 3F44 8 KB
8 KB 24ms
24ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/97021328.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c25a1e70c0f040546a3516fbcb2fdc2acdb495f33796b0a1ed4ce58beb0953

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 07 Oct 2022 11:31:47 GMT
x-content-type-options: nosniff
age: 579437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7724
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:48:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 11:31:47 GMT

GET
H3 200 97020891.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/ Frame 3F44 7 KB
2 KB 22ms
22ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/97020891.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

399d149e6e521236f1387cf500349378dc1a18ac272332b6ce16c763819e56e7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 20:13:03 GMT
age: 548161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2509
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:48:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 20:13:03 GMT

GET
H3 200 97020900.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/ Frame 3F44 3 KB
955 B 23ms
22ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/97020900.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfc67d1a41c63fee6233b5e2c46e6705e21450099f7125738d38f661dea398c4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 15:54:11 GMT
age: 563693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 925
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:48:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Oct 2023 15:54:11 GMT

GET
H3 200 97021332.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/ Frame 3F44 7 KB
3 KB 23ms
22ms Image
image/svg+xml 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/images/97021332.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6fa871ae2ad40bfc04468540cda5f21ce491bd92e725dd0d02073adf306a7f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Oct 2022 17:15:06 GMT
age: 126838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2995
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 09:48:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 17:15:06 GMT

GET
DATA 200
OK truncated
/ Frame 2F2A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5896add95b897b34f3de75b3cb9ee5d8be581629c8ddd3e0395c662eb0c6818a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F31 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C3DA 3 KB
1 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:07:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C3DA 17 KB
7 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:07:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F2A 15 KB
15 KB 106ms
45ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 546500
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 20:40:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F2A 15 KB
16 KB 80ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 301452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2F2A 15 KB
15 KB 79ms
27ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 572495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 13:27:29 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 13FA 143 B
166 B 23ms
23ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5F31
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
expires: Fri, 14 Oct 2022 04:29:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C3DA 152 KB
46 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
DATA 200
OK truncated
/ Frame C3DA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d756fae248afd80e609acef968d337d607c24024f7dc7022e32e3ba163132d93

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 13FA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
43ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
expires: Fri, 14 Oct 2022 04:29:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 16F4 8 KB
716 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 03:56:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 16F4 8 KB
716 B 33ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 02:55:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 16F4 35 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 19:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33329
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14245
x-xss-protection: 0
server: cafe
etag: 192306719259198832
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 19:13:35 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16F4 152 KB
46 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:29:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 16F4 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 13 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 18:58:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 16F4 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4865
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:07:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 16F4 17 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 03:07:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 03:07:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 16F4 0
0 75ms
29ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4Us1NkAYvuItsjfU8FKLTD-4I6Zv19EQfoSptf_cw53al57T231M8BWW3GU48_Lv7k1szzL4YcoA8bNIAqbkWT3oGeg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 504B 36 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 19:19:38 GMT

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F44 36 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119366
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 19:19:38 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6261916763919344501/ Frame 16F4 9 KB
9 KB 76ms
76ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6261916763919344501/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIvQIQpgEYASABLQAAAD8wvgI4pgFFAACAPw&rs=AOga4qloTtXeEsSfH3w9iG5cici_mEru6w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08623639a7d6f57dbc4d5336a4701a56dd7649e3bc2908da3d07b93b6d48f45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:04 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9020
x-xss-protection: 0
last-modified: Fri, 02 Sep 2022 11:57:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 14 Oct 2023 04:29:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 16F4 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEBTrkOVIY8mFFJr9tgfJhKi4BqDvi5ls__GrpOAQmujS4LIBEAEggqHee2CVgoCAsAegAaT0r_MoyAEGqQJLX10lbmewPqgDAcgDywSqBPYBT9DpTGPawlVNtZqZZSGxpU6uZSWT7CdyyvIoEkMXXeb7D8kMlMKvGtbWyVGJQmh1UYTdCut_o772-0XNBIWXUxSaUC8Qy-02Q0LXUgEFBU9RRUQewhIEaceZ47cXxZ_BbsEaCIRL9H39JW08z_d04UfNK5j2j5JA0jZLv_H_zpU_c5Om7iGKBjm4sVLeBT3LyE-lrKQNJX77YBPcFoUMEb0i2ZZTABrpdD_6QbcEW3l-lxQ8P-grPcb9KDYq65rZSkfV5n0co1nyembjU9qgJWOfjXfHV4AF1T984bahwY2L1TdmODphaIv4RM-imTVDK5aaBSu9wASWp-vcjwSSBQQIBBgBkgUECAUYBKAGN4AHpKyA0wOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCXoAzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMDExNTg1OTcwMjIwMzAxGAA&sigh=epRPIUKmigc&uach_m=[UACH]&cid=CAQSPACsnQUxmegw63n_0Eiu_ZZCKPMqXaqk1iGs7dKPdcwpGMNrZHXyW79z09ytDayNz0r4jY_RAPzb4eTyoRgBIA4&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 14 Oct 2022 04:29:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 16F4 15 KB
16 KB 74ms
30ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 301452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 16F4 15 KB
15 KB 66ms
22ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 572495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Oct 2023 13:27:29 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 16F4 16 KB
16 KB 79ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 315179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 12:56:05 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E945 143 B
166 B 23ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F659 1 KB
749 B 22ms
22ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 13 Oct 2022 20:47:09 GMT
etag: 48472445140208031
expires: Fri, 14 Oct 2022 20:47:09 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 16F4 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25904bd96583a2770797ec23c6674dd3df7fc4953890dad6f916ca9ca6cc795e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame F659 35 B
465 B 78ms
24ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOBDyZlAHBb3KakUMd7TdiQ&google_cver=1&google_push=AZmPxg_ZG2iooylpmwXjdk0h2-wuG25aw9U-wEJuieToNOMRaUDgo9dWPqZu2ccFJ0UOUXTBqR0Kn98WdNnpj-zOPyf9SCfUxw

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:29:04 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame F659 43 B
356 B 112ms
29ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAaMvFZ3sIzT6ST9jN_HZJ4&google_push=AZmPxg-xrUIsPbkq4VhKB0U6MgAubeG_Z3BJ28oTUC_S7qYgVXrt9m26UM7ED3iJ5HcZglOxIIxqMgaexcO8OWcx7i43vnNry6c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:29:05 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame F659 43 B
350 B 96ms
30ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDZqgUT8RYmx8g3WrZylAF4&google_cver=1&google_push=AZmPxg80vknB0HnokJmCSLsfCX4Xno6OglHfgkicH_0FovC_3NglR3CMQDYbSSuVvSBtv8Vst9umtTh2D66IYmBguYVqwmkFQ9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:29:04 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 97j0n0m8t183c4n03k0ri1ijop28jstp

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F659 0
166 B 491ms
33ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEYFGtKVuZ_9oLUG5CRCq3M&google_cver=1&google_push=AZmPxg_kq42kVRpAl8kTj9agVyRuBFIGSN4mF4BPXvo6wNPsOOlwjqawDdWWHtAH-v6-NClBU0grj4jhfe2jwhjNQrHhG__kn04
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 14 Oct 2022 04:29:04 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F659
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPePB_svVzcFC5kHlujbMEY&google_cver=1&google_push=AZmPxg-EqATXxTd557ZOp6Wu5daI5ZCxMeRcRz5xE9RdaGjHn1KoVXMQvZLSb9uIgGHhzdwpb_r...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3WlBXOEstMVItS0RVTg==&google_push=AZmPxg-EqATXxTd557ZOp6Wu5daI5ZCxMeRcRz5xE9RdaGjHn1KoVXMQvZLSb9uIgGHhzdwpb_rYaPUMXepwKUbwqY2cK8HQqvw

170 B
188 B

71ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3WlBXOEstMVItS0RVTg==&google_push=AZmPxg-EqATXxTd557ZOp6Wu5daI5ZCxMeRcRz5xE9RdaGjHn1KoVXMQvZLSb9uIgGHhzdwpb_rYaPUMXepwKUbwqY2cK8HQqvw

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:29:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk3WlBXOEstMVItS0RVTg==&google_push=AZmPxg-EqATXxTd557ZOp6Wu5daI5ZCxMeRcRz5xE9RdaGjHn1KoVXMQvZLSb9uIgGHhzdwpb_rYaPUMXepwKUbwqY2cK8HQqvw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F659
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHfar4PpRSZ98InFveGaWRY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHfar4PpRSZ98InFveGaWRY&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHfar4PpRSZ98InFveGaWRY&google_hm=Y0jlkcwDP06d9WkNbipKLwAABKwAAAAB&google_nid=index&google_push=AZmPxg-R5NOaKFhiPHuJ2lnqc36vN7dXxUZtQ...

170 B
188 B

30ms
30ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHfar4PpRSZ98InFveGaWRY&google_hm=Y0jlkcwDP06d9WkNbipKLwAABKwAAAAB&google_nid=index&google_push=AZmPxg-R5NOaKFhiPHuJ2lnqc36vN7dXxUZtQAMEeR7SceijVAV6IW4V9J3R_Wb57IisZTpyIyhr6eo11kjDwlXkSuYV7uqxNQ

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:29:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:29:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAL3gbr2iW%2FTE%2FlxGvacuavEvodAMoX2vTbzhNFcn5886DmQRVaImUnEIACrgMrc3eWsflgbwGQrtAs72Mj9AHqV%2B2Qii5rJNgNdOaSReatCF8k5hTgcZAACJ86gZ8yEYvQfRZzXhhDMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHfar4PpRSZ98InFveGaWRY&google_hm=Y0jlkcwDP06d9WkNbipKLwAABKwAAAAB&google_nid=index&google_push=AZmPxg-R5NOaKFhiPHuJ2lnqc36vN7dXxUZtQAMEeR7SceijVAV6IW4V9J3R_Wb57IisZTpyIyhr6eo11kjDwlXkSuYV7uqxNQ
cache-control: no-cache
cf-ray: 759d926a8a139b6a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame F659 43 B
296 B 376ms
38ms Image
image/gif 2a05:d01c:1d8:8101:89b9:9490:4cb5:a17d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGCXl-5b4PUE1h0Akz_H8eA&google_cver=1&google_push=AZmPxg9jD3cF9tz4On80I4dpv28Rs9Q6vfqHjvG_vKOBjI1D_mEgfwasC_hzry4O2LrYjJIiDA7yMkXSt1YGr3zSQ7lSgKcxSV4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1011585970220301&output=html&h=241&adk=1132207560&adf=1436229289&pi=t.aa~a.1324467563~rp.4&w=890&lmt=1665721744&nsk=d6c787bb&rafmt=11&pwprc=6421834571&ad_type=text_image&format=890x241&url=https%3A%2F%2Fwww.healthguidehub.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665721744177&bpp=3&bdt=1044&idt=3&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db282366d4f51ef49-2266b44345ce0084%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q&gpic=UID%3D00000b728705a380%3AT%3D1665721743%3ART%3D1665721743%3AS%3DALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA&prev_fmts=0x0%2C1200x280&nras=3&correlator=8158589739359&frm=20&pv=1&ga_vid=87410678.1665721744&ga_sid=1665721744&ga_hid=1468200021&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=555&ady=1326&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C42531705&oid=2&pvsid=3978055268328446&tmod=140476144&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=2aB4PTBIfv&p=https%3A//www.healthguidehub.com&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:89b9:9490:4cb5:a17d London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 14 Oct 2022 04:29:05 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F659 0
223 B 109ms
27ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxdmZ1photIsvO86I6bJb25tlTiWfW7hwwYSwtSDvZse1-LWIyPmZuy1XfZsLJ8Fm7jCpv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:05 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E945
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
expires: Fri, 14 Oct 2022 04:29:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:04 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 93ms
50ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bcef31e4d2daa936cb01f4aaa24ca3c9ef0efdc276272909e6743ca782fa7d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11308
x-xss-protection: 0

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame D6F8 36 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 19:19:38 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Oct 2022 04:29:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3F0E 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.healthguidehub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 03:08:47 GMT
expires: Sat, 14 Oct 2023 03:08:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 487B 783 B
533 B 32ms
30ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25d0c67135da460b4e122dbdb701f2d6344d1ec6f5a2898fc0d980d558fd036f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pLJMBiqmYB2feclgtQT9ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.healthguidehub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-pLJMBiqmYB2feclgtQT9ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 04:29:05 GMT
expires: Fri, 14 Oct 2022 04:29:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F0E 36 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 19:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 19:19:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 487B 0
0 55ms
55ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=3978055268328446&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3F0E 0
12 B 24ms
21ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oCeg5g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 04:29:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2F2A 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskk_7VqXlQbs7YVpM9DmubHrylviMm2kmtqrxz4bad1Io8pCPPFp9fm0E7aY1zinif40ZJCkXJATGSWCYW2_BKwPRTZ7lwL4O4w56ULPgYwJZyAkCRZ5fjxMhzr7sLtXfZDbfjew&sai=AMfl-YTvnIh9bUIshQ1xck6sJvNqwCaNPDuTY3r1mCvLe5hD8XBK3B2cEyJmdX29E0zMu9mJB9PYQpHmSAMyC5M&sig=Cg0ArKJSzBpT14Q9WtKWEAE&cid=CAQSGwCsnQUxO-xBezpSraestz4-DM8VJj_w7tZO4RgBIA4&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2618270785&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665721743525&rpt=1160&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:29:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C3DA 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZfKkX59JluH-tc0nZcB4JDZXGtIskzCVnsKvDubfPV1CiIg4u7y6PyaQiJtwFM5L55eKVI_zXOEEeYTSCfg9_a9hHuFymsAYZaUw2LRTxlXuUxduIVZmdpxumY6mT7O213ruCQg&sai=AMfl-YST7ba4MTWEFWV6gDwStAWFXqexzKur2yXYqqdpIzHmLQWyEcpElK6c2oN_zUr3l1MxTQ7InNSMnoE0P0Y&sig=Cg0ArKJSzLeCOrxUFEf_EAE&cid=CAQSGwDq26N9FZjPdqN24_2ZLZR8sXKo-diXR5s0VhgBIA4&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,848,1000,1000,1000&tos=0,848,152,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=0.77&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665721744224&rpt=506&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Oct 2022 04:29:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 58ms
58ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221012&jk=3978055268328446&bg=!BQalBkLNAAYeOJy_Pjg7ACkAdvg8Wgxc6vrsKCPIHo3WFukNngFrcEi5EV1CLWY3Vu9cs_v3YH_U2AIAAABgUgAAAAJoAQeZAp8he60xD8qeJYjsbD4QmhIeyFAyasT3q_PDVEXUPFQ0KallP4oDRhdaKSkLoCw12gSk84aX3f3MUU-mFVtHDCYzlWCjylOEmsTheGxn9617xIylLo57T71qd6DGzE17IAui4VAc6Gwhk0HsASD7GrnYy77jwgSlPtHiQK762eWNkpVut164U_0q_2mQ_v54y7zebdaZw4tceiVEdK6VO-IrC_SOjuaplXHtEWIhnbBXS50Ab25AYeLbgN40YPXumK9Wgt8he4YDeCiyznjOeUA0qDc3ZOir5Wflp7RqecrYcMKAGPNZ1DBrPJEGpoeDbmUhCJekAhCYDJEZwqsWQBzmzYmh6ARrP8VuYEu-_j-h58Dzc4FGomOjsKNi7lZYeyQPV5VvmF36-d0iAXuJUNrqDKfzi0IP9TS_8iY-0BPpO1L78foDg0TLz3wbWfpYy47XG96NnWF0Y6tlN3t0gBacFdAMJWR7foNEQZOB9REpJsfgDPcCR2TOdh4TA4RdQ2I7zyxB2fSbP0QX9cj6EG8YeujmLCOsxHi7SbY1uMg6ZgX4kTnzoB_I24Ux4rOcHR5iWtXdj9fQeinFAIHudV1NsVRJ3Xxwt-_6EmYphHacOJvf9WShBv2Cg1vzD7cSKJN2TYmSfXQwEfQHVSNqQKPsGVJznL6umFdHfoWzWmfGYjx1Esi2rCrBTH4yH49T74mroaeNCKihkFPnBL9Do5CRkjwdmkJRvIMO2rQfkUIl0LmaZnhdBskE9y35rwf1YZNiXAY4lr5zEGXrKt3Wco2Q4h9hXhlJjWGNLAtGLwqERP1ufdmBMnPcvObSMUdaK1zR5huJzPgmlRsnE8JV1VPfiynfZeVfsi8iyqGGxn8bsNoREs6SWnWr2w18c-sB2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.healthguidehub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.healthguidehub.com/	1970-01-20 16:03:37	Name: __gads Value: ID=b282366d4f51ef49-2266b44345ce0084:T=1665721743:RT=1665721743:S=ALNI_MaJ9L62e-3t-UJDxlJMW76in6NZ9Q
.healthguidehub.com/	1970-01-20 16:03:37	Name: __gpi Value: UID=00000b728705a380:T=1665721743:RT=1665721743:S=ALNI_MbgT9zIv47JPc5kQhs4tE6lvKthgA
.doubleclick.net/	1970-01-20 16:03:37	Name: IDE Value: AHWqTUlnma2QaYRd6aGF2VWznfyR9hTNnyIY6uXO76MyoToXlOy3WicFxJh07eW_Hug
.doubleclick.net/	1970-01-20 06:42:05	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 08:51:37	Name: d Value: EBUBCQGqJ4EA
.quantserve.com/	1970-01-20 16:12:16	Name: mc Value: 6348e590-ef956-7f05f-9c1b5
.casalemedia.com/	1970-01-20 15:27:37	Name: CMID Value: Y0jlkcwDP06d9WkNbipKLwAA
.casalemedia.com/	1970-01-20 08:51:37	Name: CMPS Value: 1196
.casalemedia.com/	1970-01-20 08:51:37	Name: CMPRO Value: 1196
.casalemedia.com/	1970-01-20 08:51:37	Name: CMTS Value: 1188
.innovid.com/	1970-01-20 08:51:37	Name: uuid Value: de4bd713-36be-489e-b507-a00da5018fb5-20221014 00:29:05

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12720944298321783307/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.healthguidehub.com
104.18.18.126
142.250.185.66
172.217.18.2
185.64.190.78
2606:4700:3033::6815:52a0
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2004
2a05:d01c:1d8:8101:89b9:9490:4cb5:a17d
34.98.67.61
35.186.253.211
69.173.144.139
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1243be7becb15355e84925a14b94e0123f64c7f3efe50b759e7b6fbe42a75db9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
2084b3a8c580979c2789492b019ddfdbe64de9752589c83b19f8bb582d5706ef
2472f54ead6791203b6913547506ba702899a8c088f826315ae4637c4adbd1b4
25904bd96583a2770797ec23c6674dd3df7fc4953890dad6f916ca9ca6cc795e
25d0c67135da460b4e122dbdb701f2d6344d1ec6f5a2898fc0d980d558fd036f
3362c2422af727e6f97af0c79981c516b3fd87be11febaaa954471cf6fcaa0e2
379637dbba0e5ecc136ab438618c654b5a881c19b21c32ec9f097512096f2de8
399d149e6e521236f1387cf500349378dc1a18ac272332b6ce16c763819e56e7
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
4065bd71e2616fb14b9c8ddc529d0e0175d0044aed3a4144406b4b253dd345a7
438206dead5f418ab5436965e6f545c7dff6738d3ad4804dcc90cd7197ca3f7a
46c25a1e70c0f040546a3516fbcb2fdc2acdb495f33796b0a1ed4ce58beb0953
49116d73c435a1067eb760c5b64ef36a4315a0d8e525aa591ad42ab0cacfcc13
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5452f37b4d5e1e180e153a9bc111a79397983d2d6e7d85507a1f144e1ea127e5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564f37c76d73946c72b6466889f189406262443e8fbab414b00579a2f7c579d4
5896add95b897b34f3de75b3cb9ee5d8be581629c8ddd3e0395c662eb0c6818a
5987e753df7b968f9ab112f4fc365cc265e2b59090a78ef208067db54a6c6f66
5bcef31e4d2daa936cb01f4aaa24ca3c9ef0efdc276272909e6743ca782fa7d1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f5ded0e9f30e18aafb4347700bab7a7354680cc144bf201c04e56c52a4e0b1c
7108d3f9dc1ec6513e64bc020ac3e3f3262b2b2685a0c93431faa601fa0fdfa4
71ac1398b37f33fa79c4802313914995559b5ca2283a7a8ed86ae53f144e411e
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
835289d5cc31a66d9be3e7f0df6ccbe72b5068f3f2cda7ab325e5a2f56d92321
83e92dec77dabf457a99aba7667dcd20fa23e50ab2563ac88983cad8e847a080
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
910760c744723d89825de6e3e3006a4e1ade1fed31808d2e8787a3b9839cb664
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a1cc757e1b6b1a8fb9a3b2b7d4fe2eb8e2428b7864763ffea784251098fd08d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afb931b682b2c66ef7a531f0c91e30842dc5cae07ca2d63eae11a134c94d75c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3f2a662e399f4a27bf05a772432a01733f6ba9320d77b8ddbc3c761a0e7ae69
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
afb0b077b0f9d3a58ca5e70bf5a3daecee076f99126de42a0161ef1d0a1f997a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
bceacaea3d70711c243242dfa5d1ac81a518bbe235be8823e96c250c40334ffe
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6fa871ae2ad40bfc04468540cda5f21ce491bd92e725dd0d02073adf306a7f4
c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036
d09d07b3c1894d4aad79a535ba616f9e27ea726b3e6fc85c0b312f009c659689
d756fae248afd80e609acef968d337d607c24024f7dc7022e32e3ba163132d93
dfc67d1a41c63fee6233b5e2c46e6705e21450099f7125738d38f661dea398c4
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e3d6429fa8b87d280e498deb930beb61373800d0d65a0bdf51ccd7bc19710b
eef6ee14e38dc8fcead28adba161196df3f584f0e019afedbf5ff4959eef66f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08623639a7d6f57dbc4d5336a4701a56dd7649e3bc2908da3d07b93b6d48f45
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.healthguidehub.com Open in urlscan Pro 2606:4700:3033::6815:52a0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

98 %HTTPS

65 %IPv6

16 Domains

20 Subdomains

19 IPs

4 Countries

1070 kBTransfer

2933 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.healthguidehub.com Open in urlscan Pro
2606:4700:3033::6815:52a0 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

98 %
HTTPS

65 %
IPv6

16
Domains

20
Subdomains

19
IPs

4
Countries

1070 kB
Transfer

2933 kB
Size

11
Cookies

107 HTTP transactions
3 data transactions