nhsdesigns.com Open in urlscan Pro
51.178.211.233 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.nhsdesigns.com/
Effective URL:
https://nhsdesigns.com/
Submission: On September 30 via api (September 30th 2021, 11:00:41 am UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 56 HTTP transactions. The main IP is 51.178.211.233, located in France and belongs to OVH, FR. The main domain is nhsdesigns.com.
TLS certificate: Issued by R3 on September 23rd 2021. Valid for: 3 months.

This is the only time nhsdesigns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 13	51.178.211.233 51.178.211.233	16276 (OVH) (OVH)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
56	11

13 51.178.211.233 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ip233.ip-51-178-211.eu

www.nhsdesigns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nhsdesigns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	205 KB
13	nhsdesigns.com 2 redirects www.nhsdesigns.com nhsdesigns.com	68 KB
7	ampproject.org cdn.ampproject.org	126 KB
4	doubleclick.net googleads.g.doubleclick.net	27 KB
2	google.com adservice.google.com www.google.com	2 KB
1	exactag.com m.exactag.com	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	853 B
1	googleadservices.com partner.googleadservices.com	656 B
56	9

	Domain	Requested by
20	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	nhsdesigns.com	nhsdesigns.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	nhsdesigns.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.nhsdesigns.com	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	m.exactag.com	googleads.g.doubleclick.net
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
56	12

This site contains no links.

Subject Issuer	Validity	Valid
nhsdesigns.com R3	`2021-09-23` - `2021-12-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://nhsdesigns.com/
Frame ID: B460AB1CBCFEFB5E0F0160D082336F1F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/zrt_lookup.html
Frame ID: 4BA509D0B60662BE72605EB768FCF767
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4367901840443310&output=html&h=600&slotname=2005142711&adk=269399880&adf=3498200854&pi=t.ma~as.2005142711&w=160&lmt=1632999636&psa=0&format=160x600&url=https%3A%2F%2Fnhsdesigns.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632999636713&bpp=4&bdt=110&idt=72&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=2949804737243&frm=20&pv=2&ga_vid=581947014.1632999637&ga_sid=1632999637&ga_hid=1707236325&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=440&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062920&oid=3&pvsid=3184673778044932&pem=25&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20210927&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=82V4QXCmP5&p=https%3A//nhsdesigns.com&dtd=88
Frame ID: 91C72CDF6D8312EC3134CA97172B51C8
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4367901840443310&output=html&adk=1812271804&adf=3025194257&lmt=1632999636&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnhsdesigns.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632999636729&bpp=1&bdt=126&idt=81&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=2949804737243&frm=20&pv=1&ga_vid=581947014.1632999637&ga_sid=1632999637&ga_hid=1707236325&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062920&oid=3&pvsid=3184673778044932&pem=25&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210927&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=87
Frame ID: 48B56B90232BCB4CB3B710CCA5B5431A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7C936D11DE50730115A0EF60ADDB099F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55006741AC62B7CCF170DE2E129866BC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NHS Designs - Natomas High School Design Department - Sacramento, California

Page URL History Show full URLs

http://www.nhsdesigns.com/ HTTP 301
https://www.nhsdesigns.com/ HTTP 301
https://nhsdesigns.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

56
Requests

98 %
HTTPS

70 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

458 kB
Transfer

1251 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.nhsdesigns.com/ HTTP 301
https://www.nhsdesigns.com/ HTTP 301
https://nhsdesigns.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
nhsdesigns.com/
Redirect Chain

http://www.nhsdesigns.com/
https://www.nhsdesigns.com/
https://nhsdesigns.com/

4 KB
5 KB

46ms
23ms

Document
text/html

51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nhsdesigns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: ff5e8621efe5d1def288512134a7cfdb56a748ce32f84261f1dd4a338bef159f

Request headers

Host: nhsdesigns.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Server: Apache
X-Powered-By: PHP/7.3.30
Content-Length: 4492
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

Redirect headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Server: Apache
X-Powered-By: PHP/7.3.30
Location: https://nhsdesigns.com/
Content-Length: 0
Keep-Alive: timeout=5, max=200
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK main.css
nhsdesigns.com/css/ 6 KB
6 KB 18ms
18ms Stylesheet
text/css 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nhsdesigns.com/css/main.css
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: c230ebc672c171132d466673ac1f170b7926b392e5fc29b2c8c5b783d74fd358

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://nhsdesigns.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "7432b8bc3b4df7e62c0fd547719eec32"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: text/css; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=199

GET
H/1.1 200
OK homepage.css
nhsdesigns.com/css/ 626 B
936 B 36ms
18ms Stylesheet
text/css 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://nhsdesigns.com/css/homepage.css
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: db4a707643ab11dfa5653e2641d86f6e78cf3f8d05e412aa7096d626f120eb17

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://nhsdesigns.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "d72a5a7372e98daed5381021798ed4eb"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: text/css; charset=
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=198

GET
H/1.1 200
OK spacer.gif
nhsdesigns.com/images/ 73 B
373 B 45ms
26ms Image
image/gif 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhsdesigns.com/images/spacer.gif
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: 0bdc126fa7d36e74fef40f938451a34c52774afc6b5afc7128a761d9f82891c2

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nhsdesigns.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "65e9e1a49d61535cd63777064edc1dd3"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=200

GET
H/1.1 200
OK header_graphic-design_home.gif
nhsdesigns.com/images/ 4 KB
5 KB 54ms
35ms Image
image/gif 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhsdesigns.com/images/header_graphic-design_home.gif
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: 37257bd75b9a2f9bbc3450ba44fb6c255ea3eb9269c459305f5e630c2028dd58

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nhsdesigns.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "977dac99e79aa0b5c0f95792f38fb796"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=200

GET
H/1.1 200
OK header_graphic-design-2_hom.gif
nhsdesigns.com/images/ 4 KB
5 KB 65ms
42ms Image
image/gif 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhsdesigns.com/images/header_graphic-design-2_hom.gif
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: f1c0d611621def4fd556c8a1660c71b58473ec31c7678fee7c1b387939e0cb2b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nhsdesigns.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "986c415fcf30aae49193c34ca49cecbe"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=200

GET
H/1.1 200
OK header_web-design_home.gif
nhsdesigns.com/images/ 4 KB
5 KB 66ms
44ms Image
image/gif 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhsdesigns.com/images/header_web-design_home.gif
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: 8189e131d34accd30996c886f55c39bf25a3b2b86adccf193e62d06bff118e0b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nhsdesigns.com/
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "8b69a597f23b3fe2b6cea263761fb515"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=200

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
49 KB 64ms
41ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: nhsdesigns.com
URL: https://nhsdesigns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d363be539b88b5b2857c83762ce6c60de6d6bf178e911911617ae8e5fb628fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50047
x-xss-protection: 0
server: cafe
etag: 10429482936258256532
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Sep 2021 11:00:36 GMT

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H/1.1 200
OK container-bg-homepage.gif
nhsdesigns.com/images/ 245 B
545 B 37ms
37ms Image
image/gif 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhsdesigns.com/images/container-bg-homepage.gif
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/css/homepage.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: 90453b2a18f6ba2e22aa4d0a171561cfd1ddc635f7a55b25cde40748be172a6a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nhsdesigns.com/css/homepage.css
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/css/homepage.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "0148175aa3dfada00963c6dfb2d0a80a"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=197

GET
H/1.1 200
OK banner.jpg
nhsdesigns.com/images/ 30 KB
30 KB 43ms
43ms Image
image/jpeg 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhsdesigns.com/images/banner.jpg
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: a26a44d500060087c218950268e8c7f9ef6a9a4e13131b92122fa93b1982a80b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nhsdesigns.com/css/main.css
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "9a0312fdb35a564f94289a771d2fae5d"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=200

GET
H/1.1 200
OK bullet.gif
nhsdesigns.com/images/ 49 B
349 B 38ms
38ms Image
image/gif 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhsdesigns.com/images/bullet.gif
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: 01f7b3012c343c1b3242949c51dfea6116fe5538e545176ae3b40745e4ce4785

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nhsdesigns.com/css/main.css
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "72c6175ad73f45d3a3c0a76e43b6e7b4"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=199

GET
H/1.1 200
OK footer.jpg
nhsdesigns.com/images/ 10 KB
11 KB 37ms
36ms Image
image/jpeg 51.178.211.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nhsdesigns.com/images/footer.jpg
Requested by: Host: nhsdesigns.com
URL: https://nhsdesigns.com/css/main.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.211.233 , France, ASN16276 (OVH, FR),
Reverse DNS: ip233.ip-51-178-211.eu
Software: Apache / PHP/7.3.30
Resource Hash: 09edcad37f8aa7bb0eecd64ef5285cb680e578c5d1e3bb4e057cc3afa3c3a72d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: nhsdesigns.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://nhsdesigns.com/css/main.css
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 11:00:36 GMT
Etag: "f2e6ac489c58029b73272687df498918"
Server: Apache
X-Powered-By: PHP/7.3.30
Transfer-Encoding: chunked
Content-Type: image/jpeg
Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Keep-Alive: timeout=5, max=199

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/ 255 KB
95 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_with_ama_fy2019.js?client=pub-4367901840443310&plah=nhsdesigns.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad0ec366281df6e9aeb1a76d38edbf62c2d76dc0acfff428755b085c8d1ebb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96614
x-xss-protection: 0
server: cafe
etag: 11187776091410035689
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Sep 2021 11:00:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/ Frame 4BA5 10 KB
5 KB 32ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210927/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nhsdesigns.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 30 Sep 2021 00:18:12 GMT
expires: Thu, 14 Oct 2021 00:18:12 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 38544
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
656 B 42ms
18ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=nhsdesigns.com&callback=_gfp_s_&client=pub-4367901840443310

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109220101/show_ads_impl_with_ama_fy2019.js?client=pub-4367901840443310&plah=nhsdesigns.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a4be61e6264dfbc7ffd7f006213ede802fba25c224f56f3ccc2ce179d0d7478b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 43ms
18ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nhsdesigns.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 41ms
18ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nhsdesigns.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91C7 180 KB
21 KB 738ms
737ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4367901840443310&output=html&h=600&slotname=2005142711&adk=269399880&adf=3498200854&pi=t.ma~as.2005142711&w=160&lmt=1632999636&psa=0&format=160x600&url=https%3A%2F%2Fnhsdesigns.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632999636713&bpp=4&bdt=110&idt=72&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=2949804737243&frm=20&pv=2&ga_vid=581947014.1632999637&ga_sid=1632999637&ga_hid=1707236325&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=440&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062920&oid=3&pvsid=3184673778044932&pem=25&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20210927&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=82V4QXCmP5&p=https%3A//nhsdesigns.com&dtd=88

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19fa785ea803e2c2be27b5b22397e1e0a905377bffc0ad4059e9ca3a55e15a41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4367901840443310&output=html&h=600&slotname=2005142711&adk=269399880&adf=3498200854&pi=t.ma~as.2005142711&w=160&lmt=1632999636&psa=0&format=160x600&url=https%3A%2F%2Fnhsdesigns.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632999636713&bpp=4&bdt=110&idt=72&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=2949804737243&frm=20&pv=2&ga_vid=581947014.1632999637&ga_sid=1632999637&ga_hid=1707236325&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=440&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062920&oid=3&pvsid=3184673778044932&pem=25&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20210927&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=82V4QXCmP5&p=https%3A//nhsdesigns.com&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nhsdesigns.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 30 Sep 2021 11:00:37 GMT
server: cafe
content-length: 21323
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Sep-2021 11:15:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 11:00:37 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27596
x-xss-protection: 0
server: sffe
etag: "1632742284803949"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 11:00:36 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48B5 0
180 B 18ms
18ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4367901840443310&output=html&adk=1812271804&adf=3025194257&lmt=1632999636&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnhsdesigns.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632999636729&bpp=1&bdt=126&idt=81&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=2949804737243&frm=20&pv=1&ga_vid=581947014.1632999637&ga_sid=1632999637&ga_hid=1707236325&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062920&oid=3&pvsid=3184673778044932&pem=25&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210927&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=87

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4367901840443310&output=html&adk=1812271804&adf=3025194257&lmt=1632999636&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fnhsdesigns.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632999636729&bpp=1&bdt=126&idt=81&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=2949804737243&frm=20&pv=1&ga_vid=581947014.1632999637&ga_sid=1632999637&ga_hid=1707236325&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062920&oid=3&pvsid=3184673778044932&pem=25&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&alvm=r20210927&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=87
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nhsdesigns.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 11:00:36 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Sep-2021 11:15:36 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 11:00:36 GMT
cache-control: private

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012109102127000/ Frame 91C7 189 KB
54 KB 85ms
15ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4367901840443310&output=html&h=600&slotname=2005142711&adk=269399880&adf=3498200854&pi=t.ma~as.2005142711&w=160&lmt=1632999636&psa=0&format=160x600&url=https%3A%2F%2Fnhsdesigns.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632999636713&bpp=4&bdt=110&idt=72&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=2949804737243&frm=20&pv=2&ga_vid=581947014.1632999637&ga_sid=1632999637&ga_hid=1707236325&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=440&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062920&oid=3&pvsid=3184673778044932&pem=25&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20210927&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=82V4QXCmP5&p=https%3A//nhsdesigns.com&dtd=88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55506
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 07:49:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c42e3b94efe0099e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 07:49:48 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 91C7 13 KB
5 KB 88ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 11449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4995
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 07:49:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc03df60ee69192f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 07:49:48 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 91C7 89 KB
29 KB 75ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 12110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28507
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 07:38:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "283b6526337df106"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 07:38:47 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 91C7 71 KB
17 KB 84ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b706a52c0ae673c9803f61e3a901a23c78f6e845a3dc68036c5a4f72602953a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 144819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16796
x-xss-protection: 0
server: sffe
date: Tue, 28 Sep 2021 18:46:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "72e3028abbd677c0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Sep 2022 18:46:58 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 91C7 4 KB
2 KB 80ms
13ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 12110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1638
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 07:38:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b3f838efba7b15f2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 07:38:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ Frame 91C7 40 KB
13 KB 80ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 12110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
server: sffe
date: Thu, 30 Sep 2021 07:38:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2e8049efde94274d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 30 Sep 2022 07:38:47 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 91C7 2 KB
3 KB 32ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Sep 2021 14:19:22 GMT
x-content-type-options: nosniff
server: cafe
age: 74475
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 30 Sep 2021 14:19:22 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 91C7 295 B
399 B 33ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Sep 2021 14:31:09 GMT
x-content-type-options: nosniff
server: cafe
age: 73768
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 30 Sep 2021 14:31:09 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 91C7 43 B
1 KB 102ms
31ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=5&extPu=14058-gaw&extLi=14720566980&extCr=126293997526-547137348147&cb=352787129

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 30 Sep 2021 11:00:37 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 30 Sep 2021 11:00:37 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1053
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 91C7 0
322 B 21ms
21ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Couqp1JhVYdfDMoicgAeMvpH4BqDRkb5l_s3kgbwOv-EeEAEgtvDwAmCVgoCAoAegAaLs5aEDyAEJqQJo8dumZ3WzPqgDAcgDCKoExQFP0FjkjUhVcz_RnZ6vTWTpqryjXzLciKYNK2ik6DQZueeWOWDpEILomBltKKhuRTLGlTuo6IVsrRT5XZ_h6f-YWEwaxEFGPgN76SgJgJIFzL4Ilsk4X4f_UO3n7N2f8XEA1yFRv7KMHl7YhR0cmF5V1RjPOng6TktlG9ILFW6KbKQlacLfZuBM9gVGNgMt9vpEK4AuGkusbG-i2tiOEfT6FRPh1hZPUOEoIms4PSuBlPZLzqpbsEHZYk3S0Lp7Be2pp8fTv8AE1u_VvdYDkgUECAQYAZIFBAgFGASgBi6AB8aTml6oB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcFEIavnQHSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDM2NzkwMTg0MDQ0MzMxMBgA&sigh=RsMrvD4KNm4&template_id=419

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4367901840443310&output=html&h=600&slotname=2005142711&adk=269399880&adf=3498200854&pi=t.ma~as.2005142711&w=160&lmt=1632999636&psa=0&format=160x600&url=https%3A%2F%2Fnhsdesigns.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632999636713&bpp=4&bdt=110&idt=72&shv=r20210922&mjsv=m202109220101&ptt=9&saldr=aa&abxe=1&correlator=2949804737243&frm=20&pv=2&ga_vid=581947014.1632999637&ga_sid=1632999637&ga_hid=1707236325&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=440&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062579%2C31062920&oid=3&pvsid=3184673778044932&pem=25&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&alvm=r20210927&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=82V4QXCmP5&p=https%3A//nhsdesigns.com&dtd=88
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 30 Sep 2021 11:00:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 30 Sep 2021 11:00:37 GMT

GET
DATA 200
OK truncated
/ Frame 91C7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 976557cc0da2fc3ed2e7045c7458c85f15ff94a38f1a104597c066e8d5f3d26f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 txt1.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 1 KB
1 KB 29ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c127ab263ca343d49416651e74978e0d40f11b9368704ba366dcf4cedae2542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1175
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 txt2.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 1001 B
1 KB 30ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c3d933cdfda19482450538fc1e2d68677655ecae1faa08c0442939059e6ad19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1001
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 txt3.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 1 KB
1 KB 18ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ceb15edc0b265ff6c8d29a280feb88e67069d44fa88fbc2d80e27b7d76346c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 txt4.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 1 KB
1 KB 17ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt4.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37c17729ed361c3575eda30632590da31d6a5a85aef648c6ca638662fcbd225d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:07:51 GMT
x-content-type-options: nosniff
age: 13966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1288
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Sep 2022 07:07:51 GMT

GET
H2 200 txt5.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 959 B
1 KB 17ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt5.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec5ddd833b30630b0f546931e5e22390222079117ace51e8bc1fc3dae714bb29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 959
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 txt6.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 1 KB
1 KB 22ms
15ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt6.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d394e17329cc11ce3e81cc1e149404c635d86eb7e96834ccf8ee994be4a9b141

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1141
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 txt7.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 533 B
626 B 21ms
13ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt7.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b63007a3174760c08108d0aa24d3e58427eb9c4cb13df603f018e6caae17d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 02:51:56 GMT
x-content-type-options: nosniff
age: 115721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 533
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Sep 2022 02:51:56 GMT

GET
H2 200 txt8.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 970 B
1 KB 21ms
14ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt8.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc4e9ba34056a41f3a00cafa3b5cae24abbc1b4d018d920d22f991ccefadd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 970
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 txt9.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 834 B
899 B 20ms
13ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt9.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9bd829af28a533b03724da81e7a5457b7c482cf739b636894724480ba7ffae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 834
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 txt10.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 925 B
990 B 20ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt10.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e40258d0e56fe6ceb57e97467575204243f33e9fe96c8ff1b58e26dcb4aaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 925
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 txt11.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 797 B
890 B 19ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/txt11.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973292875912f22d290cf8349cb014daf9d9e812a0236c5eab08106788e3c3cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 06:44:01 GMT
x-content-type-options: nosniff
age: 15396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 797
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Sep 2022 06:44:01 GMT

GET
H2 200 puls.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 264 B
329 B 18ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/puls.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578cae41df0df65594afade1186fabac59635c17b0e4009c12da6dc5797cdd7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:20:23 GMT
x-content-type-options: nosniff
age: 304814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 22:20:23 GMT

GET
H2 200 pbc.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 4 KB
4 KB 18ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/pbc.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff209017101507ae884296ffa684849092551c04a63132727020d65bf267c751

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 06:36:52 GMT
x-content-type-options: nosniff
age: 15825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3771
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Sep 2022 06:36:52 GMT

GET
H2 200 CTA.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 771 B
864 B 19ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/CTA.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

881a66b3e64866371a3bbf0b4d1613860304514d3535f971ee98e9ab7d0e52a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 06:34:52 GMT
x-content-type-options: nosniff
age: 15945
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 771
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Sep 2022 06:34:52 GMT

GET
H2 200 DBx.png
tpc.googlesyndication.com/sadbundle/11499952086063864152/images/ Frame 91C7 5 KB
5 KB 19ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11499952086063864152/images/DBx.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82a198bbf42eb0a6355a17a7b0889412ad252c3fcf4a04ce2138fc8c57786cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 06:40:00 GMT
x-content-type-options: nosniff
age: 15637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4919
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 07:38:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Sep 2022 06:40:00 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012109102127000/ 20 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/amp4ads-host-v0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea837fce2c9f11270b9b941e875abb7403de8dcfa960350eab3524663869d6ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 144792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7337
x-xss-protection: 0
server: sffe
date: Tue, 28 Sep 2021 18:47:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "baff4e4cf8d00f8d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 28 Sep 2022 18:47:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 43ms
22ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00e014b5554fa02f4b8dfaded1e891758291fbb76584ddece6d6d254716e854f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 11:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10863
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 30 Sep 2021 11:00:37 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7C93 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nhsdesigns.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 30 Sep 2021 10:06:09 GMT
expires: Fri, 30 Sep 2022 10:06:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5500 783 B
1 KB 42ms
19ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c85852580f32672622c09a21abc9a02e4189fa6caecca967d60a6d978a85721

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bTF+U5r4U3TsCyzkhPq/1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://nhsdesigns.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 30 Sep 2021 11:00:37 GMT
date: Thu, 30 Sep 2021 11:00:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-bTF+U5r4U3TsCyzkhPq/1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C93 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 06:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 30 Sep 2022 06:07:23 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5500 0
0 31ms
31ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=3184673778044932&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 7C93 0
39 B 11ms
10ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XZP4ow
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:00:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 33ms
33ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=3184673778044932&bg=!iYqlis7NAAZNQyuQTUM7ACkAdvg8Wgml1jAEE7Tf0ubgt8hpt7zMd24Npiya1g8LDaF5yyiNZDvfOwIAAAC0UgAAAAtoAQcKAA6AfRgj4BprqiYXPg15RZkDWmYAEmGpYAB0TNbN4cxzEqEp3-kVOOJumGwDJaSFNaiN1zqzm2HFQV4658evKZvq-APhesM18sxxPYb868HODgepzHvFPl0oRC5ipUvl2U3J7WsMsynuTako2xh8B7EU7dPpcokjW69tXyhAQd1lOF1jTmix1qZj___PcIf_RXF8wwZ1LkC4mqNWA0MdjpIiVeb_yGwiGtSssYVzbpcAC6Fn0Aeaw3fa5Va5Unf0JuE0sMoNi09dpFZNRhjLiT1D9IWYNIJ6ZjXg5dEiEZTz7RXJ0hZE_wPTc9STFa2cd0WP8rmsQxmCTF5KwW8pTH5_wRzZb6C9FSE-r5OkE1CHlXymMrqB0M1nARYofky9O936N7zSsYkBOpvxh2FTeeycojxp9NBSBDAA7ekcUvNNBfXN5DPvwS3w-Gb6qauJ3j2P9W7u2bdqLq40Qy5X2hRSeeU4YPHPk6O2LQEePkG-fdQyNNnrRn9aB_vG4RrYmqaxKdhoKw9fcdqobe1dgimMIWvisohdLD-9cV7COJwYacLcMfRosfxOW1Up5KY1ADwsfT_Z59p3xatR4lMujMRejL_3zLKayVsRXmeVnbdzL2v92WP2pKwu3qHGeTSamEJ1KvZTXVEh7pqD_YbGVSo6uUZi05i2Og823WPpkfTdKf5QrKbxBpEUeGySFILdJBgcOb4mKHOBVnFe-OPZoy0zPItnPkBb-ETbDBo_v103cEHTRIIJLKofLQ8OL7YD17DW6olCDnv_cM15Mm6lx8xnjmRZDU2XZb0bWHDGAtBh-DbP1CQ1RHB5llEgrdAxoCvbCFFeVcbEvCApCKOQMOvuZzaiI3PAVJu8f0Aq4b9fg5LTIMlM_KAvWF91mYtVs44ZNBdnXdzIMD7XpTl31-yi9IF6GQGKh_at-T8Lj1sPublpJHp1ySFIKUDNtxq1mTv5-VYF_nYyh3Ge6jhp_5uwgI0K0eNr8K3AlWSc3Z6FzM0SyX6i8HIctdC4sVZ0KnWPWSjZuCKIC30smxFG7BukpF1fWxq8i2Q7XO_24lw53Mpis9BubOVz3tdoEbxzmlwPHf8XEAZk-Qnw4ipzBXh_U3xFZwlDQrgPDInldN-FVH3IvSU9TfRbp6DNabnmtIrnT4htv9IrgwKl_w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nhsdesigns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 91C7 42 B
176 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8CF2A9e0u23JwEElr2jrnqJGQEHbgno1fKi6CHJWnSk_mnP8hgBqPlWIHWm2I0v0PStjdyPJAgK7kCzhfn1QBx32ZpC3FfJlGZkcYE_QVJ6c9MW4g8Q&sai=AMfl-YSeAP5klTkXgdWnBxJulh_CslFUg04wZhREz2NYb1yVLSgzffiED9SZkLihEg7P9wD2SMLK7CgObzIB&sig=Cg0ArKJSzNIpuy7noN87EAE&id=ampim&o=440,666&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=106&tls=1106&g=88.99999856948853&h=88.99999856948853&tt=1107&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=269399880

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 11:00:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nhsdesigns.com/	1970-01-20 06:58:15	Name: __gads Value: ID=5820a3d379620c68-22eccc7483c90004:T=1632999636:RT=1632999636:S=ALNI_MZ-o3MScsp3eaBeI8miMpKZqyc-KA
.doubleclick.net/	1970-01-20 06:58:15	Name: IDE Value: AHWqTUkFOed6YOTpmVYztITBPIcEgvdbl5zyTmK3JkiDCTZo8OQC8mDks05eAX-gjUI
m.exactag.com/	1970-01-19 23:46:15	Name: exactag_new_gk Value: 2739d4c5dbe64720b3fc5338c46a7aed%7c29.11.2021+11%3a00%3a37
m.exactag.com/	1970-01-20 01:55:51	Name: exactag_new_uk Value: df039c27a0ef49b382649a5cbac9574a%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 8c607fc641c64c90b43370cf

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://nhsdesigns.com/ Message: Mixed Content: The page at 'https://nhsdesigns.com/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.ampproject.org
googleads.g.doubleclick.net
m.exactag.com
nhsdesigns.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.nhsdesigns.com
pagead2.googlesyndication.com
142.250.186.130
213.202.235.8
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2001
51.178.211.233
00e014b5554fa02f4b8dfaded1e891758291fbb76584ddece6d6d254716e854f
01f7b3012c343c1b3242949c51dfea6116fe5538e545176ae3b40745e4ce4785
09edcad37f8aa7bb0eecd64ef5285cb680e578c5d1e3bb4e057cc3afa3c3a72d
0bdc126fa7d36e74fef40f938451a34c52774afc6b5afc7128a761d9f82891c2
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
19fa785ea803e2c2be27b5b22397e1e0a905377bffc0ad4059e9ca3a55e15a41
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37257bd75b9a2f9bbc3450ba44fb6c255ea3eb9269c459305f5e630c2028dd58
37c17729ed361c3575eda30632590da31d6a5a85aef648c6ca638662fcbd225d
3ad0ec366281df6e9aeb1a76d38edbf62c2d76dc0acfff428755b085c8d1ebb6
4c127ab263ca343d49416651e74978e0d40f11b9368704ba366dcf4cedae2542
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
578cae41df0df65594afade1186fabac59635c17b0e4009c12da6dc5797cdd7f
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
5b706a52c0ae673c9803f61e3a901a23c78f6e845a3dc68036c5a4f72602953a
6b63007a3174760c08108d0aa24d3e58427eb9c4cb13df603f018e6caae17d62
7dc4e9ba34056a41f3a00cafa3b5cae24abbc1b4d018d920d22f991ccefadd1f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8189e131d34accd30996c886f55c39bf25a3b2b86adccf193e62d06bff118e0b
82a198bbf42eb0a6355a17a7b0889412ad252c3fcf4a04ce2138fc8c57786cd9
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
881a66b3e64866371a3bbf0b4d1613860304514d3535f971ee98e9ab7d0e52a2
90453b2a18f6ba2e22aa4d0a171561cfd1ddc635f7a55b25cde40748be172a6a
973292875912f22d290cf8349cb014daf9d9e812a0236c5eab08106788e3c3cb
976557cc0da2fc3ed2e7045c7458c85f15ff94a38f1a104597c066e8d5f3d26f
9c3d933cdfda19482450538fc1e2d68677655ecae1faa08c0442939059e6ad19
9c85852580f32672622c09a21abc9a02e4189fa6caecca967d60a6d978a85721
a26a44d500060087c218950268e8c7f9ef6a9a4e13131b92122fa93b1982a80b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4be61e6264dfbc7ffd7f006213ede802fba25c224f56f3ccc2ce179d0d7478b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b8e40258d0e56fe6ceb57e97467575204243f33e9fe96c8ff1b58e26dcb4aaca
b9bd829af28a533b03724da81e7a5457b7c482cf739b636894724480ba7ffae4
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
c230ebc672c171132d466673ac1f170b7926b392e5fc29b2c8c5b783d74fd358
ceb15edc0b265ff6c8d29a280feb88e67069d44fa88fbc2d80e27b7d76346c34
d363be539b88b5b2857c83762ce6c60de6d6bf178e911911617ae8e5fb628fb4
d394e17329cc11ce3e81cc1e149404c635d86eb7e96834ccf8ee994be4a9b141
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
db4a707643ab11dfa5653e2641d86f6e78cf3f8d05e412aa7096d626f120eb17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
ea837fce2c9f11270b9b941e875abb7403de8dcfa960350eab3524663869d6ff
ec5ddd833b30630b0f546931e5e22390222079117ace51e8bc1fc3dae714bb29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c0d611621def4fd556c8a1660c71b58473ec31c7678fee7c1b387939e0cb2b
ff209017101507ae884296ffa684849092551c04a63132727020d65bf267c751
ff5e8621efe5d1def288512134a7cfdb56a748ce32f84261f1dd4a338bef159f

nhsdesigns.com Open in urlscan Pro 51.178.211.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

98 %HTTPS

70 %IPv6

9 Domains

12 Subdomains

11 IPs

3 Countries

458 kBTransfer

1251 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

nhsdesigns.com Open in urlscan Pro
51.178.211.233 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

98 %
HTTPS

70 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

458 kB
Transfer

1251 kB
Size

5
Cookies

56 HTTP transactions
1 data transactions