www.astrodreamadvisor.com Open in urlscan Pro
192.111.153.210 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.astrodreamadvisor.com/
Submission: On December 23 via api (December 23rd 2023, 6:57:52 am UTC) from US — Scanned from DE

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 81 HTTP transactions. The main IP is 192.111.153.210, located in United States and belongs to DACEN-2, US. The main domain is www.astrodreamadvisor.com.

This is the only time www.astrodreamadvisor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	192.111.153.210 192.111.153.210	31863 (DACEN-2) (DACEN-2)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2 2	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
81	12

42 192.111.153.210 (United States)

ASN31863 (DACEN-2, US)
PTR: vint.valisinternational.com

www.astrodreamadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.21 (United States) 2 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	astrodreamadvisor.com www.astrodreamadvisor.com	352 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	340 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	82 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	46 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1965	2 KB
2	paypal.com 2 redirects www.paypal.com — Cisco Umbrella Rank: 2085	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
81	10

	Domain	Requested by
42	www.astrodreamadvisor.com	www.astrodreamadvisor.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com pagead2.googlesyndication.com
9	pagead2.googlesyndication.com	www.astrodreamadvisor.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	www.googleadservices.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.paypalobjects.com	www.astrodreamadvisor.com
2	www.paypal.com	2 redirects
2	www.google.com	www.astrodreamadvisor.com tpc.googlesyndication.com
1	fonts.googleapis.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
81	12

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://www.astrodreamadvisor.com/
Frame ID: BBEF5E2185F94E0830B4870AC8604D3D
Requests: 51 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 9935E5F93CFC6B2668ED0E99714729E0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5986741026628340&output=html&h=90&slotname=6952500379&adk=2265315341&adf=370553860&pi=t.ma~as.6952500379&w=728&lmt=1495145487&url=http%3A%2F%2Fwww.astrodreamadvisor.com%2F&ea=0&wgl=1&dt=1703314667694&bpp=233&bdt=232&idt=436&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&correlator=7050740017145&frm=20&pv=2&ga_vid=29638131.1703314668&ga_sid=1703314668&ga_hid=1118968410&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=3646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C44795922%2C95320884&oid=2&pvsid=2354272396417802&tmod=1838342696&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=462
Frame ID: E58F9B4DB5B76BC4EC2E8DFDF27715D7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5986741026628340&output=html&adk=1812271804&adf=3025194257&lmt=1495145487&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C404x945_r&format=0x0&url=http%3A%2F%2Fwww.astrodreamadvisor.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703314667949&bpp=3&bdt=487&idt=218&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_slotnames=6952500379&nras=1&correlator=7050740017145&frm=20&pv=1&ga_vid=29638131.1703314668&ga_sid=1703314668&ga_hid=1118968410&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C44795922%2C95320884&oid=2&pvsid=2354272396417802&tmod=1838342696&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=238
Frame ID: 103AB8A6DBF060D8461C60E888270DE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html
Frame ID: C72AEA90EBE1DB3FC0D44AB8682595C2
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 0C00EFB44920D288E85CAD746A60AFCC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 67DCF15CEF93999F350A451D2F3667B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A081A9F221C75865CCB84360FECE645
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

81
Requests

42 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

891 kB
Transfer

1772 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif

Request Chain 20

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 50

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ7iu7ISGZeGEDKeN9fgP8Pad4AWS7LikbPDxmeyUEJrdutyODhABIK2-xwpglQKgAeK_oeIDyAEJqQIJyejZMkmpPqgDAcgDSKoE1QFP0HCl16LQ-NkKi2gZSyIFGu4ubmv1MpkHaUUqInGWR1FGd9ML5hP7VNqldAWJ_lb3iLmseTu7K4ElXjix4KTtQy23pbaMz0ZIZG5Fz3n93tQpfuM2q7GMhmPe_JqX00S2q3-g6qD6ZAd_GhC8kEtkEoZa-A08dlZlhN7yVZeHtu1ub-PEt-0Poqh7fMIRRfrvRT61Z9X0gK5MFzFsl9YvU9Fx0dzpGQc9wI88tWBhJGVGgOnKOT8JaGm9Z3YGSdxT0V8iVSPqhDAerk7EjU2qgyU6snLABIak8r-HBIgFiIrC-z6SBQQIBBgBkgUECAUYBKAGLoAHhsDeHagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJqTA9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY7vbzzf2kgwOaCWVodHRwczovL2Rvd25sb2FkLnBjc3lzdGVtZml4LmNvbS9kcml2ZXJzLz9icmFuZD1XaW5kb3dzJmxvZ289d2luZG93cyZ0bT10dCZhcD1nYWRzJmFhaWQ9YWRhOFhEWUpDVjVOd4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItNTk4Njc0MTAyNjYyODM0MBgA&sigh=3YyolLly2wY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_iZ0Mx2wm16TYfgexFuLDv0ZfUmsDU9LrY8s2ZDjkNBwgxBdRDVWJ11y_A2wkOVb2wr9bH4EwKKSGEQccu3kEwOh3TIoKwL2Lg1cYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22551553570164117050%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%2222%22:[%22true%22],%224%22:[%2212-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218113619102678611393%22}&andc=true

81 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.astrodreamadvisor.com/ 34 KB
34 KB 1089ms
142ms Document
text/html 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to

Full URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 372be688e845f11a4b4573e342ff4b0ac565d98dacdd8e06a9d35016268d9bb6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 34637
Content-Type: text/html
Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:27 GMT
Server: nginx

GET
H/1.1 200
OK Light_Center_Logo_2.gif
www.astrodreamadvisor.com/images/ 6 KB
6 KB 287ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Light_Center_Logo_2.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 9e90cfe121bb393b8862584646d8423ca1f27229344d6d4e80d34a0c4278a5d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:38 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5725
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Magical_Approach_INX.gif
www.astrodreamadvisor.com/images/ 10 KB
11 KB 288ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Magical_Approach_INX.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 6acca8235010003cccecb17adae1b51751e7bd80b77193fc83fa1de33e7a2503

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:38 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10689
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Self_Index.gif
www.astrodreamadvisor.com/images/ 13 KB
13 KB 268ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Self_Index.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 9db8806409a6faea28f77e800c6a0c8a2660a6d2c3bb4f481e8daa1aab5ac93f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:39 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12994
Content-Type: image/gif

GET
H/1.1 200
OK Current_Events.gif
www.astrodreamadvisor.com/images/ 1 KB
1 KB 274ms
138ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Current_Events.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 7244aa86951c77b73672aa9f94f2cdfb63f3fdd98fe3958be49527ce12992a26

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:39 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1164
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Exercises_Index.gif
www.astrodreamadvisor.com/images/ 8 KB
8 KB 169ms
143ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Exercises_Index.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 936fc26f24d904e9a61c0fa0e6e9ff64d198ad101dea550112c5ee45fabd212d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:40 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7973
Content-Type: image/gif

GET
H/1.1 200
OK Seth-Message.gif
www.astrodreamadvisor.com/images/ 1 KB
1 KB 295ms
148ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Seth-Message.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: eb70a8f8a90ca4b880e7533dde7eebbc0baced626956062fb4db076641cce019

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:40 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1035
Content-Type: image/gif

GET
H/1.1 200
OK Edgar_Cayce_Index.gif
www.astrodreamadvisor.com/images/ 6 KB
6 KB 143ms
142ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Edgar_Cayce_Index.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: fee1d6ce225ce833a452e19ff471fc71e592c703c50b7f5a69d91c9acef4a48d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:40 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5634
Content-Type: image/gif

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
11 KB 86ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 8188157995017847591
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 10584
X-XSS-Protection: 0
Expires: Sat, 23 Dec 2023 06:57:47 GMT

GET
H/1.1 200
OK musings.gif
www.astrodreamadvisor.com/images/ 7 KB
7 KB 145ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/musings.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 5880a129f190db62c29668de687f818d80109ef1d0f92a76bc3c84e4ead15193

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:41 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6927
Content-Type: image/gif

GET
H/1.1 200
OK FacebookBadge.gif
www.astrodreamadvisor.com/images/ 8 KB
8 KB 137ms
137ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/FacebookBadge.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 8f26adcf4d5c77b70370429c72b4fee8ceb984846d8c4c4f05c7336669fd0820

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:41 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7920
Content-Type: image/gif

GET
H/1.1 200
OK Logo_25wht.gif
www.google.com/logos/ 2 KB
2 KB 52ms
29ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/logos/Logo_25wht.gif

Requested by

Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4488333adcd7deb7572caaa680e1a4d9df638ed0738f20b064408fd67fac9428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Oct 2019 12:00:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 1607
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Sat, 23 Dec 2023 06:57:47 GMT

GET
H/1.1 200
OK Pages_Body_Home.gif
www.astrodreamadvisor.com/images/ 3 KB
3 KB 144ms
143ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Body_Home.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: a387ff4a942b08b486b4f2f3d9960f07730d739708cf8bfad9b9da3108755018

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:42 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2683
Content-Type: image/gif

GET
H/1.1 200
OK pages_mind_Home.gif
www.astrodreamadvisor.com/images/ 4 KB
4 KB 146ms
146ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/pages_mind_Home.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 149907408b7f6b6306e89285716bc09867f22bb2f356d790a509a69f4ae5f88b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:42 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4361
Content-Type: image/gif

GET
H/1.1 200
OK pages_spirit_Home.gif
www.astrodreamadvisor.com/images/ 2 KB
2 KB 144ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/pages_spirit_Home.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 7ff75687adb8341f10a09ab05e228997287173e41649f849538317f907814667

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:43 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2327
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Dreams_Home.gif
www.astrodreamadvisor.com/images/ 4 KB
4 KB 138ms
137ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Dreams_Home.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: b70b594be3c2d44a6e8417dce6b4a6c1ac8afaf4d82719bb37e09ad57644cb1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:43 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3590
Content-Type: image/gif

GET
H/1.1 200
OK permaculture.gif
www.astrodreamadvisor.com/images/ 5 KB
5 KB 148ms
148ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/permaculture.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 7821774c5ff964f8eb6fbb52e4fa72b2704c1a0fb78813650a81e721e7c69e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:45 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4978
Content-Type: image/gif

GET
H/1.1 200
OK Pages_SacredGeometry_Home.gif
www.astrodreamadvisor.com/images/ 5 KB
6 KB 144ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_SacredGeometry_Home.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: d4510dd9051067615ffcad20570858256bb46c8087e256184eaec3ff514d0034

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:45 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5621
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Sayulita.gif
www.astrodreamadvisor.com/images/ 7 KB
7 KB 144ms
143ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Sayulita.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: f20de2848dd5f9934f0d23f42a2cef6edc90c2de5b7c8dbf8142d3efb8af94fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:47 GMT
Last-Modified: Thu, 18 May 2017 22:11:45 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6842
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Mayan_Home.gif
www.astrodreamadvisor.com/images/ 11 KB
11 KB 138ms
138ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Mayan_Home.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 1affb4d1eabc9de58f3fa68993da8ebe62fb75dc2fa2e3c66e512d1fc2dfd732

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:48 GMT
Last-Modified: Thu, 18 May 2017 22:11:46 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11277
Content-Type: image/gif

GET
H2

200

btn_donate_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donate_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif

2 KB
2 KB

113ms
22ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif

Requested by

Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCD) /

Resource Hash

4fb15dce7fe6fe37f90017fb3a173263d2698ca0d530da6a30d4383afebdfffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: ec52a6b6ebd53
dc: ccg11-origin-www-1.paypal.com
content-length: 1597
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/4CCD)
traceparent: 00-0000000000000000000ec52a6b6ebd53-8c6270d4d6193633-01
etag: "5d5637bd-63d"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 23 Dec 2023 07:57:48 GMT

Redirect headers

date: Sat, 23 Dec 2023 06:57:47 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f687126c6e2ca
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-served-by: cache-fra-eddf8230097-FRA, cache-cph2320028-CPH, cache-cph2320028-CPH
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f687126c6e2ca-29030c6a2f2ff3b0-01
x-timer: S1703314668.711733,VS0,VE169
location: https://www.paypalobjects.com/en_US/i/btn/btn_donate_LG.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
185 B

114ms
23ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 44dbe3fea9359
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4CBC)
traceparent: 00-000000000000000000044dbe3fea9359-d84c23b7606d6317-01
etag: "5d5637be-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 23 Dec 2023 07:57:48 GMT

Redirect headers

date: Sat, 23 Dec 2023 06:57:47 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS, MISS
paypal-debug-id: f687126c89a8f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-served-by: cache-fra-eddf8230130-FRA, cache-cph2320028-CPH, cache-cph2320028-CPH
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f687126c89a8f-db9c83015a5ef388-01
x-timer: S1703314668.711925,VS0,VE169
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 0, 0, 0

GET
H/1.1 200
OK pages_astrology.gif
www.astrodreamadvisor.com/images/ 8 KB
8 KB 143ms
143ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/pages_astrology.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 7128375e893d61f5c0164d1a649656e5ff5e5b14e9c58c5a6fe12fe9b2d3eee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:48 GMT
Last-Modified: Thu, 18 May 2017 22:11:46 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8038
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Books.gif
www.astrodreamadvisor.com/images/ 4 KB
4 KB 144ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Books.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: c0ed1f02e94a467045105e8ec2d242d52a614ba6028f8c7d926edab4fdbef736

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:48 GMT
Last-Modified: Thu, 18 May 2017 22:11:47 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3963
Content-Type: image/gif

GET
H/1.1 200
OK TCM_Home.gif
www.astrodreamadvisor.com/images/ 9 KB
9 KB 147ms
147ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/TCM_Home.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 1e7439b128eaa99049ec8850b25ef27016eac502147f37ee0f3e44ddea0b9c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:48 GMT
Last-Modified: Thu, 18 May 2017 22:11:47 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9169
Content-Type: image/gif

GET
H/1.1 200
OK ilsa-tees.gif
www.astrodreamadvisor.com/images/ 8 KB
8 KB 148ms
148ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/ilsa-tees.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 7d725a13e19e019283d5fee08ed0135495e5ad4b1e97f951a02967117b8b36ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:48 GMT
Last-Modified: Thu, 18 May 2017 22:11:48 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7740
Content-Type: image/gif

GET
H/1.1 200
OK pages_service_Home.gif
www.astrodreamadvisor.com/images/ 8 KB
8 KB 144ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/pages_service_Home.gif
Requested by: Host: www.astrodreamadvisor.com
URL: http://www.astrodreamadvisor.com/
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 1fb6f01f183a1ac24999d1dbacfc1ab7150ee3b114435db3828822a83e9225bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:48 GMT
Last-Modified: Thu, 18 May 2017 22:11:48 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7758
Content-Type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 154ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

694d090429f195703de7eccc28fec8201942eb66874e9a209dbe997743d216f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51300
x-xss-protection: 0
server: cafe
etag: 15998599017316891895
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 06:57:47 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=pub-5986741026628340&plah=www.astrodreamadvisor.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f559b968cc98847ed02f84bc79bddb944811a7cec7f8162dae6590f3fd556b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137956
x-xss-protection: 0
server: cafe
etag: 3847475087412116860
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 06:57:47 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 9935 9 KB
4 KB 77ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.astrodreamadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 61690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Fri, 05 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E58F 131 KB
41 KB 881ms
873ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5986741026628340&output=html&h=90&slotname=6952500379&adk=2265315341&adf=370553860&pi=t.ma~as.6952500379&w=728&lmt=1495145487&url=http%3A%2F%2Fwww.astrodreamadvisor.com%2F&ea=0&wgl=1&dt=1703314667694&bpp=233&bdt=232&idt=436&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&correlator=7050740017145&frm=20&pv=2&ga_vid=29638131.1703314668&ga_sid=1703314668&ga_hid=1118968410&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=3646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C44795922%2C95320884&oid=2&pvsid=2354272396417802&tmod=1838342696&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=462

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=pub-5986741026628340&plah=www.astrodreamadvisor.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e640de8e3bfb9c7f4d7ffbbaff6e85b1f15416db093353e09d5652d4201adae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.astrodreamadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42251
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 06:57:49 GMT
expires: Sat, 23 Dec 2023 06:57:49 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 103A 0
180 B 32ms
31ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5986741026628340&output=html&adk=1812271804&adf=3025194257&lmt=1495145487&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x945_l%7C404x945_r&format=0x0&url=http%3A%2F%2Fwww.astrodreamadvisor.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1703314667949&bpp=3&bdt=487&idt=218&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_slotnames=6952500379&nras=1&correlator=7050740017145&frm=20&pv=1&ga_vid=29638131.1703314668&ga_sid=1703314668&ga_hid=1118968410&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C44795922%2C95320884&oid=2&pvsid=2354272396417802&tmod=1838342696&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.astrodreamadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 06:57:48 GMT
expires: Sat, 23 Dec 2023 06:57:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame E58F 9 KB
4 KB 78ms
26ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5986741026628340&output=html&h=90&slotname=6952500379&adk=2265315341&adf=370553860&pi=t.ma~as.6952500379&w=728&lmt=1495145487&url=http%3A%2F%2Fwww.astrodreamadvisor.com%2F&ea=0&wgl=1&dt=1703314667694&bpp=233&bdt=232&idt=436&shv=r20231207&mjsv=m202312070101&ptt=5&saldr=sd&abxe=1&correlator=7050740017145&frm=20&pv=2&ga_vid=29638131.1703314668&ga_sid=1703314668&ga_hid=1118968410&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=3646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079759%2C44795922%2C95320884&oid=2&pvsid=2354272396417802&tmod=1838342696&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 01:04:19 GMT

GET
H2 200 f3d12415f986ed3504122551351bc1d0.js Show response
www.gstatic.com/mysidia/ Frame E58F 42 KB
16 KB 78ms
27ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 07:10:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16637
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 18 Mar 2024 07:10:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E58F 2 KB
875 B 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 01:54:19 GMT

GET
H2 200 50459845d1cbd526a76ea757de42d266.js Show response
www.gstatic.com/mysidia/ Frame E58F 23 KB
10 KB 74ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 15:24:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9842
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 19 Mar 2024 15:24:56 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame E58F 23 KB
9 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28652
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 23:00:17 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E58F 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 20:41:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E58F 20 KB
9 KB 77ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E58F 203 KB
65 KB 104ms
43ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Dec 2023 06:57:49 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame E58F 37 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 406866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 17 Mar 2024 13:56:43 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/ Frame C72A 12 KB
5 KB 25ms
23ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf48807a84b1856327f8d8dace38ff704b03a10e006b2c5c54978be54a163f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 335764
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3172
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:41:45 GMT
expires: Wed, 18 Dec 2024 09:41:45 GMT
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E58F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85cf8ad45486925e12baef5a62c06666cf0f860dd340bebb92f4659199ba281f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C72A 6 KB
3 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:35:55 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C72A 34 KB
13 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42629
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:07:20 GMT

GET
H2 200 56c26d12eb4fae81ed7ea8d50513f97f.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/ Frame C72A 68 KB
18 KB 29ms
28ms Script
application/x-javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/56c26d12eb4fae81ed7ea8d50513f97f.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f46fab7af64ed7ccd261853a904f4575ec569f96189425ad76b8992b814edc38

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 15 Dec 2024 08:47:07 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 16 Dec 2023 08:47:07 GMT
age: 598242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18000
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 css
fonts.googleapis.com/ Frame C72A 4 KB
1 KB 88ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/56c26d12eb4fae81ed7ea8d50513f97f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

de04008749cf9cfc88fc1a95d1566c053297e39fbba5376181b843f3ee798e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 23 Dec 2023 06:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 06:45:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 23 Dec 2023 06:57:49 GMT

GET
H3 200 cdca4b68d1e702f1982f67810c2e1c6d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/media/ Frame C72A 5 KB
5 KB 25ms
25ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/media/cdca4b68d1e702f1982f67810c2e1c6d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47c16b8572a745ba01457021e38c6f958fdcc41876ef32fa49e2a97a139cefa3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 22:36:44 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 18 Dec 2023 22:36:44 GMT
x-content-type-options: nosniff
age: 375665
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4944
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 62dd309a803999f75708e6da938e6d76.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/media/ Frame C72A 4 KB
4 KB 23ms
22ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/media/62dd309a803999f75708e6da938e6d76.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0a51e917ab7b05f99fe534bb85455422c1fd053f5da85132b1248ee59123584

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12036032517379468252/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 03:45:24 GMT
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 19 Dec 2023 03:45:24 GMT
x-content-type-options: nosniff
age: 357145
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4021
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 15:19:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ Frame C72A 20 KB
20 KB 79ms
27ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:51:33 GMT
x-content-type-options: nosniff
age: 338776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:51:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C72A 15 KB
16 KB 73ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto+Condensed:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tpc.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:53:59 GMT
x-content-type-options: nosniff
age: 338630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:53:59 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E58F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ7iu7ISGZeGEDKeN9fgP8Pad4AWS7LikbPDxmeyUEJrdutyODhABIK2-xwpglQKgAeK_oeIDyAEJqQIJyejZMkmpPqgDAcgDSKoE1QFP0HCl16LQ-NkKi2gZSyIFGu4ubmv1MpkHaUUqInG...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22551553570164117050%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22...

0
0

107ms
57ms

Fetch
text/css

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22551553570164117050%22,%22debug_reporting%22:true,%22destination%22:%22https://pcsystemfix.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221011376098%22],%2222%22:[%22true%22],%224%22:[%2212-23%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218113619102678611393%22}&andc=true

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"551553570164117050","debug_reporting":true,"destination":"https://pcsystemfix.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1011376098"],"22":["true"],"4":["12-23"],"6":["true"]},"priority":"500","source_event_id":"18113619102678611393"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 23 Dec 2023 06:57:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 23 Dec 2023 06:57:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"551553570164117050","debug_reporting":true,"destination":"https://pcsystemfix.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1011376098"],"22":["true"],"4":["12-23"],"6":["true"]},"priority":"500","source_event_id":"18113619102678611393"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK Pages_Body_Home_RO.gif
www.astrodreamadvisor.com/images/ 6 KB
6 KB 145ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Body_Home_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 607119050104843e315d355b44b1f37878d53031008a40c1f949f7674d369033

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:28 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5833
Content-Type: image/gif

GET
H/1.1 200
OK pages_mind_Home_RO.gif
www.astrodreamadvisor.com/images/ 6 KB
6 KB 150ms
148ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/pages_mind_Home_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 8d68091fdbcbded2ed9f8a83f5844d3746d3e90760017a5483b18692d043f073

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:29 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6442
Content-Type: image/gif

GET
H/1.1 200
OK pages_spirit_Home_RO.gif
www.astrodreamadvisor.com/images/ 6 KB
7 KB 147ms
145ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/pages_spirit_Home_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 802ebef34690190997f2df16679eede5f2b77e3fea52e677f4949dbc55dbd1bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:29 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6520
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Dreams_Home_RO.gif
www.astrodreamadvisor.com/images/ 9 KB
9 KB 147ms
145ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Dreams_Home_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 3c8e6def56728231435aed30c385114c7823eea5779628bca826b762e3f33d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:30 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9069
Content-Type: image/gif

GET
H/1.1 200
OK Pages_SacredGeo_Home_RO.gif
www.astrodreamadvisor.com/images/ 7 KB
8 KB 145ms
143ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_SacredGeo_Home_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: ab00920a9d5d0d862c2e71a344a8bab1a5e157fa127f678a798ff90826db2f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:30 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7651
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Mayan_Home_RO.gif
www.astrodreamadvisor.com/images/ 7 KB
7 KB 140ms
138ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Mayan_Home_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 4a88c977ae00f5e28f01fa8c9326ec67d5c2ff48a500df6cd6153307a876fb84

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:30 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6935
Content-Type: image/gif

GET
H/1.1 200
OK pages_astrology_RO.gif
www.astrodreamadvisor.com/images/ 11 KB
12 KB 138ms
137ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/pages_astrology_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 06c21810a25490008992a167dff7a2edeeec5df9b49bb17fdaa1a32a3100ada6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:31 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11629
Content-Type: image/gif

GET
H/1.1 200
OK TCM_Home_RO.gif
www.astrodreamadvisor.com/images/ 11 KB
11 KB 146ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/TCM_Home_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: e57cda6879edd9e99af440e21cc7514a1fd488e07fe20866a89c971186f6d15a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:31 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11196
Content-Type: image/gif

GET
H/1.1 200
OK ilsa-tees-RO.gif
www.astrodreamadvisor.com/images/ 31 KB
31 KB 143ms
143ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/ilsa-tees-RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: d203a5122a17fb56ef4fbbdded8bca3939c1debd00143e45446df6b5c051a7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:32 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31237
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Books_RO.gif
www.astrodreamadvisor.com/images/ 6 KB
6 KB 145ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Books_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 90c6e6af93994981046eb99ab04666fb71d7f896b8c4a90716460de7be257482

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:34 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6236
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Sayulita_RO.gif
www.astrodreamadvisor.com/images/ 8 KB
8 KB 145ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Sayulita_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: c8e3991a60951b26a50ba41a36c8a55dd09593fcb556d1368ed5e2dc04be3ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:34 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7980
Content-Type: image/gif

GET
H/1.1 200
OK pages_service_Home_RO.gif
www.astrodreamadvisor.com/images/ 8 KB
9 KB 149ms
148ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/pages_service_Home_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: ad38d8b4f11190203d064d676411357a65ab8e6c525b6b011e7f83181c2e4875

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:34 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8701
Content-Type: image/gif

GET
H/1.1 200
OK musingsRO.gif
www.astrodreamadvisor.com/images/ 13 KB
13 KB 138ms
137ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/musingsRO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: ea0a8ef8b50fa1400580a7bfdd922f505bafc7ecdf0592fc4d0b3dd81aebb9e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:35 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13050
Content-Type: image/gif

GET
H/1.1 200
OK permacultureRO.gif
www.astrodreamadvisor.com/images/ 10 KB
10 KB 145ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/permacultureRO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: d1295cc68308afb667f70a733dfd0858a77e5198040e5aa5bbf196615a6040b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:35 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9837
Content-Type: image/gif

GET
H/1.1 200
OK Current_EventsRO.gif
www.astrodreamadvisor.com/images/ 2 KB
3 KB 145ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Current_EventsRO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: b909cb6a8638e4bbfce915aed3413ced0acfebe11bdb51bb43ea95e0b9680cd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:36 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2542
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Self_IndexRO.gif
www.astrodreamadvisor.com/images/ 8 KB
8 KB 144ms
144ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Self_IndexRO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 54c9a7c7c3389fdbbe82968ac8778e3c67da4d05cf34c112b459748696bb3493

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:36 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8316
Content-Type: image/gif

GET
H/1.1 200
OK Edgar_Cayce_Index_RO.gif
www.astrodreamadvisor.com/images/ 6 KB
7 KB 148ms
148ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Edgar_Cayce_Index_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 0eaca057888d6395b46ed9302eee57488dd905f7d753fd102278b31d463c6b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:36 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6616
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Exercises_Index_RO.gif
www.astrodreamadvisor.com/images/ 5 KB
5 KB 138ms
138ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Exercises_Index_RO.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: 881e549ac88d1303e743c3b3450a75bcd4d0eb4230c0bb0f5c41398a08dc37a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:49 GMT
Last-Modified: Thu, 18 May 2017 22:11:37 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4915
Content-Type: image/gif

GET
H/1.1 200
OK Pages_Magical_Approach_INX1.gif
www.astrodreamadvisor.com/images/ 13 KB
13 KB 147ms
147ms Image
image/gif 192.111.153.210
DACEN-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.astrodreamadvisor.com/images/Pages_Magical_Approach_INX1.gif
Protocol: HTTP/1.1
Server: 192.111.153.210 , United States, ASN31863 (DACEN-2, US),
Reverse DNS: vint.valisinternational.com
Software: nginx /
Resource Hash: c3e924e789f3078ec8f166eafac1d28142a93e9e827cbe00818669cfb02fe1fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sat, 23 Dec 2023 06:57:50 GMT
Last-Modified: Thu, 18 May 2017 22:11:37 GMT
Server: nginx
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13529
Content-Type: image/gif

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 130ms
82ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e09494b7bc09fe0d4dd8e389b158296ec7e06a486d7e76cfe69714fb171458f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12136
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0C00 51 KB
19 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 09:13:35 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame C72A 51 KB
19 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 09:13:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 251054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 19 Dec 2024 09:13:35 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 122ms
56ms Preflight
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 23 Dec 2023 06:57:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 06:57:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 67DC 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.astrodreamadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36950
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 20:41:59 GMT
expires: Sat, 21 Dec 2024 20:41:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A08 829 B
1 KB 89ms
34ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c08f916458d7bdeaa4f6788d85890fc30bfd1ff34e70b6febe9f001c25af3d1c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hj2soy14I53XcrY_4n9dfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.astrodreamadvisor.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hj2soy14I53XcrY_4n9dfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 06:57:49 GMT
expires: Sat, 23 Dec 2023 06:57:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 67DC 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:41:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A08 0
0 56ms
55ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2354272396417802&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 67DC 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bw1LdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 06:57:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2354272396417802&bg=!DwylDEPNAAY3kmNgF5I7ADQBe5WfOGKbd710T6wgPkeGmMU-rGHr5YFZSep-71qpMp_Yarp3jlxSWBdtz1jq1Rk3_omfAgAAAGJSAAAAA2gBB5kDB7c95TEjEC60t2z1mB67xTO1JMx1PRED9u-ngrUvBauxTH7tzdsF75G2jOifCJURJeywmYmIh-Bqtmv1Jucqtlh5wFnTPs9Y45qG1Rnr3OVyUGWjD-WTNqxhIPilG9jIAJokEsWsxTVcDgvqBNKRKm-afq3mX0cB4dT41oVFvF8zy163LuurQ7DygVdQxB_GOldCFGbmtxLQKnTdgApLbOcEl7gbu4L1ioKPh0isNognxZu2R9kw5v6hVjLPz9S_UoKj-zudMqVtczHehFig1NdVKfu9tpm2y3PcItA7I2-hwXS8FPUZvTUsiGo3EpuOcjEq_bUNOeDkMLZv5VyJMfj15bXd0dqUpbH74x71MJ2PWgvk4OfhyzbLW3bIjrxnjgcN-BnT8HNt-p__29aXv78Yt0dnY-f9my8wAaZ_Zo0_pJwTQTrOcgxPB52U5R7ZmH6HSG_esAr4FazLN9BHeHcNoqh5vooMAT17FoXIssbSFmK1SNdtTR2VN8D_2XFliTGOBK8mf2EJAvOX-J3LL-7Ey1M_-p0OokNxkqmz90raST5R2U6Anpy2sYT-hmbOgbuRsAmfMMa-rOWjEPP5s_ZuaJ30jE25qH8kMCwFwkVEXjvQrDu5xWORweB18e3ljpDZGAF9R8wr-2_G0hmdFMu764ydRD0UiM9yfIYsxjzVRMmjQgAKXgPmHFBEquOhtO9mmuj5G_N6lmATa3kBgNgEF3gZnOcj7THDikwzQBWAtg0eIim33dq6gxvInWcQ8S1xkIG34U8WFLJu4uzqarAXddKps3Tsv7we3QEQ2lfKqJp4FLBgBGHy_Rlb9NdW7pTIiMwMg25ogAwPH6tSPCTNt6cWxXxXNEIoYuvZKj_1uFZ26ExbZG7h-7QElwDMmv8-O6D8Zdv5Zh4HBlEjwUAvJs2B9149jKtjnstDVBXxhCnrSIwGbmJTVTzz_hR19xUag1RircSHiKDr6qlsp7RGTZlv5WxJBk2lERTlyqHSJ4Jm-cTsQS8-KiY56xDrXUggEeZTB2M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.astrodreamadvisor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-21 02:44:34	Name: ts Value: vreXpYrS%3D1798009067%26vteXpYrS%3D1703316467%26vr%3D9577391818c0a552e0458253fe25d790%26vt%3D9577391818c0a552e0458253fe25d78f%26vtyp%3Dnew
.paypal.com/	1970-01-21 02:44:34	Name: ts_c Value: vr%3D9577391818c0a552e0458253fe25d790%26vt%3D9577391818c0a552e0458253fe25d78f
.astrodreamadvisor.com/	1970-01-21 02:30:10	Name: __gads Value: ID=f4e5b84cf35fe53a:T=1703314668:RT=1703314668:S=ALNI_MZt0yQWJhMMgBMZZABHfKxqgVHyMw
.astrodreamadvisor.com/	1970-01-21 02:30:10	Name: __gpi Value: UID=00000d2765a0deed:T=1703314668:RT=1703314668:S=ALNI_MZk9uy-XQ9VYXu_0HovUXPoVX5H6g
.doubleclick.net/	1970-01-21 02:30:10	Name: IDE Value: AHWqTUnxjhbVLKOGDqZeayWeKV69thtzBpqWl0m7UAITbgocNiZuDwjiEppKXMdhS0Y
.googleadservices.com/	1970-01-20 19:18:10	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.astrodreamadvisor.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
142.250.185.130
151.101.65.21
192.111.153.210
192.229.221.25
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:831::2002
06c21810a25490008992a167dff7a2edeeec5df9b49bb17fdaa1a32a3100ada6
0eaca057888d6395b46ed9302eee57488dd905f7d753fd102278b31d463c6b6b
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
149907408b7f6b6306e89285716bc09867f22bb2f356d790a509a69f4ae5f88b
1affb4d1eabc9de58f3fa68993da8ebe62fb75dc2fa2e3c66e512d1fc2dfd732
1e7439b128eaa99049ec8850b25ef27016eac502147f37ee0f3e44ddea0b9c4a
1fb6f01f183a1ac24999d1dbacfc1ab7150ee3b114435db3828822a83e9225bb
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
372be688e845f11a4b4573e342ff4b0ac565d98dacdd8e06a9d35016268d9bb6
3c8e6def56728231435aed30c385114c7823eea5779628bca826b762e3f33d0e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4488333adcd7deb7572caaa680e1a4d9df638ed0738f20b064408fd67fac9428
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
47c16b8572a745ba01457021e38c6f958fdcc41876ef32fa49e2a97a139cefa3
4a88c977ae00f5e28f01fa8c9326ec67d5c2ff48a500df6cd6153307a876fb84
4fb15dce7fe6fe37f90017fb3a173263d2698ca0d530da6a30d4383afebdfffe
54c9a7c7c3389fdbbe82968ac8778e3c67da4d05cf34c112b459748696bb3493
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5880a129f190db62c29668de687f818d80109ef1d0f92a76bc3c84e4ead15193
607119050104843e315d355b44b1f37878d53031008a40c1f949f7674d369033
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
694d090429f195703de7eccc28fec8201942eb66874e9a209dbe997743d216f9
6acca8235010003cccecb17adae1b51751e7bd80b77193fc83fa1de33e7a2503
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7128375e893d61f5c0164d1a649656e5ff5e5b14e9c58c5a6fe12fe9b2d3eee0
7244aa86951c77b73672aa9f94f2cdfb63f3fdd98fe3958be49527ce12992a26
7821774c5ff964f8eb6fbb52e4fa72b2704c1a0fb78813650a81e721e7c69e92
7d725a13e19e019283d5fee08ed0135495e5ad4b1e97f951a02967117b8b36ff
7ff75687adb8341f10a09ab05e228997287173e41649f849538317f907814667
802ebef34690190997f2df16679eede5f2b77e3fea52e677f4949dbc55dbd1bc
85cf8ad45486925e12baef5a62c06666cf0f860dd340bebb92f4659199ba281f
881e549ac88d1303e743c3b3450a75bcd4d0eb4230c0bb0f5c41398a08dc37a7
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d68091fdbcbded2ed9f8a83f5844d3746d3e90760017a5483b18692d043f073
8f26adcf4d5c77b70370429c72b4fee8ceb984846d8c4c4f05c7336669fd0820
90c6e6af93994981046eb99ab04666fb71d7f896b8c4a90716460de7be257482
936fc26f24d904e9a61c0fa0e6e9ff64d198ad101dea550112c5ee45fabd212d
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9db8806409a6faea28f77e800c6a0c8a2660a6d2c3bb4f481e8daa1aab5ac93f
9e90cfe121bb393b8862584646d8423ca1f27229344d6d4e80d34a0c4278a5d5
a387ff4a942b08b486b4f2f3d9960f07730d739708cf8bfad9b9da3108755018
ab00920a9d5d0d862c2e71a344a8bab1a5e157fa127f678a798ff90826db2f55
ad38d8b4f11190203d064d676411357a65ab8e6c525b6b011e7f83181c2e4875
b70b594be3c2d44a6e8417dce6b4a6c1ac8afaf4d82719bb37e09ad57644cb1d
b909cb6a8638e4bbfce915aed3413ced0acfebe11bdb51bb43ea95e0b9680cd5
c08f916458d7bdeaa4f6788d85890fc30bfd1ff34e70b6febe9f001c25af3d1c
c0ed1f02e94a467045105e8ec2d242d52a614ba6028f8c7d926edab4fdbef736
c3e924e789f3078ec8f166eafac1d28142a93e9e827cbe00818669cfb02fe1fa
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c8e3991a60951b26a50ba41a36c8a55dd09593fcb556d1368ed5e2dc04be3ed6
c93dd298a227decbcbc5fcc458c787f081db10425e322950458c08e0656384d7
d1295cc68308afb667f70a733dfd0858a77e5198040e5aa5bbf196615a6040b8
d203a5122a17fb56ef4fbbdded8bca3939c1debd00143e45446df6b5c051a7c4
d4510dd9051067615ffcad20570858256bb46c8087e256184eaec3ff514d0034
de04008749cf9cfc88fc1a95d1566c053297e39fbba5376181b843f3ee798e90
e09494b7bc09fe0d4dd8e389b158296ec7e06a486d7e76cfe69714fb171458f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57cda6879edd9e99af440e21cc7514a1fd488e07fe20866a89c971186f6d15a
e640de8e3bfb9c7f4d7ffbbaff6e85b1f15416db093353e09d5652d4201adae5
ea0a8ef8b50fa1400580a7bfdd922f505bafc7ecdf0592fc4d0b3dd81aebb9e2
eb70a8f8a90ca4b880e7533dde7eebbc0baced626956062fb4db076641cce019
ecf48807a84b1856327f8d8dace38ff704b03a10e006b2c5c54978be54a163f3
f0a51e917ab7b05f99fe534bb85455422c1fd053f5da85132b1248ee59123584
f20de2848dd5f9934f0d23f42a2cef6edc90c2de5b7c8dbf8142d3efb8af94fd
f46fab7af64ed7ccd261853a904f4575ec569f96189425ad76b8992b814edc38
f559b968cc98847ed02f84bc79bddb944811a7cec7f8162dae6590f3fd556b16
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
fee1d6ce225ce833a452e19ff471fc71e592c703c50b7f5a69d91c9acef4a48d
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.astrodreamadvisor.com Open in urlscan Pro 192.111.153.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

81 Requests

42 %HTTPS

67 %IPv6

10 Domains

12 Subdomains

12 IPs

2 Countries

891 kBTransfer

1772 kBSize

6 Cookies

0 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.astrodreamadvisor.com Open in urlscan Pro
192.111.153.210 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

42 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

12
IPs

2
Countries

891 kB
Transfer

1772 kB
Size

6
Cookies

81 HTTP transactions
1 data transactions