taxcalculatorphilippines.com Open in urlscan Pro
198.54.115.143 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://taxcalculatorphilippines.com/
Effective URL:
https://taxcalculatorphilippines.com/
Submission: On December 15 via api (December 15th 2023, 3:16:10 am UTC) from US — Scanned from DE

Summary HTTP 137 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 8 countries across 25 domains to perform 137 HTTP transactions. The main IP is 198.54.115.143, located in United States and belongs to NAMECHEAP-NET, US. The main domain is taxcalculatorphilippines.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 22nd 2022. Valid for: a year.

This is the only time taxcalculatorphilippines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	198.54.115.143 198.54.115.143	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4009:817::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	66.102.1.156 66.102.1.156	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:67::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:14::6	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:17::9	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 11	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:21::1720	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	213.155.156.181 213.155.156.181	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	23.32.185.35 23.32.185.35	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
2 2	3.121.34.204 3.121.34.204	16509 (AMAZON-02) (AMAZON-02)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:e076:33cd:685:7924	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:9b4::1ec4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	130.211.44.5 130.211.44.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
137	29

7 198.54.115.143 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server202-3.web-hosting.com

taxcalculatorphilippines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4009:817::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:67::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5ednly.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:14::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5lznek.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:17::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5ednde.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.181 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.35 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-35.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.34.204 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-34-204.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:e076:33cd:685:7924 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:9b4::1ec4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

secure.insightexpressai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.44.5 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.44.211.130.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	501 KB
31	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	204 KB
23	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	111 KB
11	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	406 KB
9	2mdn.net 3 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r2---sn-4g5ednly.c.2mdn.net — Cisco Umbrella Rank: 422343 r1---sn-4g5lznek.c.2mdn.net — Cisco Umbrella Rank: 398168 r4---sn-4g5ednde.c.2mdn.net — Cisco Umbrella Rank: 344002	2 MB
7	taxcalculatorphilippines.com 1 redirects taxcalculatorphilippines.com	97 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	815 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1299	451 B
2	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	725 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	653 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	316 B
1	doubleverify.com tps.doubleverify.com — Cisco Umbrella Rank: 505	162 B
1	insightexpressai.com secure.insightexpressai.com — Cisco Umbrella Rank: 1392	2 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	717 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	555 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	611 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	714 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	464 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	588 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	65 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	84 KB
137	25

	Domain	Requested by
22	pagead2.googlesyndication.com	taxcalculatorphilippines.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
14	csi.gstatic.com	imasdk.googleapis.com
11	cm.g.doubleclick.net	2 redirects taxcalculatorphilippines.com googleads.g.doubleclick.net
7	taxcalculatorphilippines.com	1 redirects taxcalculatorphilippines.com
6	fonts.gstatic.com	fonts.googleapis.com
6	imasdk.googleapis.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
3	ade.googlesyndication.com
3	gcdn.2mdn.net	3 redirects
3	bid.g.doubleclick.net	imasdk.googleapis.com
3	www.gstatic.com	googleads.g.doubleclick.net
2	pm.w55c.net	2 redirects
2	sync.teads.tv	1 redirects
2	dis.criteo.com	googleads.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	r4---sn-4g5ednde.c.2mdn.net	googleads.g.doubleclick.net
2	r1---sn-4g5lznek.c.2mdn.net	googleads.g.doubleclick.net
2	r2---sn-4g5ednly.c.2mdn.net	taxcalculatorphilippines.com
2	region1.google-analytics.com	www.googletagmanager.com
1	tps.doubleverify.com
1	secure.insightexpressai.com
1	googleads4.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	www.googletagmanager.com	taxcalculatorphilippines.com
137	37

This site contains links to these domains. Also see Links.

Domain
www.bir.gov.ph

Subject Issuer	Validity	Valid
taxcalculatorphilippines.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-22` - `2023-12-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-12-05` - `2024-02-13`	2 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.insightexpressai.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-16` - `2024-03-15`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://taxcalculatorphilippines.com/
Frame ID: 5BCCF7FDBE4DB476B30724E11044ABBB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: CD19A9CEEAAAC91B039C9F2F4652CF5A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&adk=1812271804&adf=3025194257&lmt=1702610164&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164671&bpp=5&bdt=360&idt=196&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8717328310171&frm=20&pv=2&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=212
Frame ID: D18D457E3C3567177841FA4091E6B80F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Frame ID: DB13902B78EAB488F05040AA8575A226
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Frame ID: 02245F5A712CD1746AEBB4F951A8F3FD
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=987&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Frame ID: 067A4D897D964A1EBF6232645E096475
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D781AD470ADD949842D56256FF7892EF
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 54E7115465E90146ED4DC7337578A5DD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C7F574B70F13F7F6DB6605E5A5C1798C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 2EFDFF1CD47F97DB7BAF180CE34E0267
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E657063292EACB58672A08A763B8080
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1121798339EDEA86889A8F3B447A84D8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5B86ED06C6AC25679E1C7F7F57D758E5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 75FD281F10495AAF7DE09EDB91EB2E36
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: FFB6BE43ACCF5ED617845771056AAC29
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5E39C87367587F106A5A148E5179D19
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F075CD0065E1C791E38E4F6D4619BF8C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tax Calculator Philippines 2023

Page URL History Show full URLs

http://taxcalculatorphilippines.com/ HTTP 301
https://taxcalculatorphilippines.com/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

137
Requests

87 %
HTTPS

56 %
IPv6

25
Domains

37
Subdomains

29
IPs

8
Countries

3147 kB
Transfer

6558 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bir.gov.ph/images/bir_files/internal_communications_2/RMCs/2018/WT%20table.pdf
Title: BIR Tax Table

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://taxcalculatorphilippines.com/ HTTP 301
https://taxcalculatorphilippines.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 58

https://gcdn.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/42E7D5F5A664CB39833C388C55C2731AC6D5805E.7A82513830BD98CE3D8060CAD6962D55EB72AD/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5115C65B5D2CCE5DA12C56405EE6B4FFC7A4D6CE.77BCBCFCBB20FC9DE93928BB4D24296D36EB40C4/key/cms1/cms_redirect/yes/mh/bJ/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5ednly/ms/onc/mt/1702608990/mv/u/mvi/2/pl/43/file/file.mp4

Request Chain 78

https://gcdn.2mdn.net/videoplayback/id/c303481f705fee12/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A665FDBF356EFAE212CA7EB9022114D778DBE067.99F2423C9E0B3B3839707D8811147255A86C3B6D/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/c303481f705fee12/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/47D72A43AAEF4BDDD3245978666211CFB5B2A3FA.800D9F21CF61F6EE2C3EAF27E0260D246E99D827/key/cms1/cms_redirect/yes/mh/Xd/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5lznek/ms/onc/mt/1702608990/mv/u/mvi/1/pl/43/file/file.mp4

Request Chain 81

https://gcdn.2mdn.net/videoplayback/id/bad2d6e1a9f12396/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2B280648CD92E4DC8B4B7F2506B3DCEA02134B76.28A985E5ADB2BCB2AE4D356025775974E92D7ED9/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/bad2d6e1a9f12396/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5D425962863C5B5F8519D1522D18CB959E4AD15D.6DC4F91E85ED80715B3869371535ABF755985DE9/key/cms1/cms_redirect/yes/mh/l4/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5ednde/ms/onc/mt/1702608990/mv/u/mvi/4/pl/43/file/file.mp4

Request Chain 83

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGCfETfiq_qA-3jEmSZeW9U&google_cver=1&google_push=AXcoOmTyfO4Z0JD9xOyc1Alcmet-oxjI-fxptZPfFCJWxyRnnuwT623gpl-Trb4OuUuwXPF-Tf5iKCTMlEOg0jC0vK2dGpdz9uN1DBD1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI5ODkzNzgxNTI5MDM2MzU5Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcSgl--GP8Qa3BmkNvey0Y&google_cver=1

Request Chain 86

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGulQqbhrChyh-13DK7vKOM&google_cver=1&google_push=AXcoOmSQufdI3mDgvtBZ84ZP0-qITNWc3etPS4SwE2dy4Rf882mcFQ73JrdA1jLDO50z37W_J6vpv-xCPf_55oMf2Z5LJnRsDIjU2nqG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjY1NDk4MDgwODg5ODcxMQ%3D%3D&google_push=AXcoOmSQufdI3mDgvtBZ84ZP0-qITNWc3etPS4SwE2dy4Rf882mcFQ73JrdA1jLDO50z37W_J6vpv-xCPf_55oMf2Z5LJnRsDIjU2nqG

Request Chain 87

https://d5p.de17a.com/cookies/google?google_gid=CAESEO_WDA4bHk0VJzFdN-eO79M&google_cver=1&google_push=AXcoOmQI2wEkrWLnHicDCkzTek5fljRlmzK-HyNtxRGDwOtGfRsp5wZRfXmO7qwWdBEMfULRxV6_7EhDnVqXrM6n8ss7B3yDn7aCLvM HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO_WDA4bHk0VJzFdN-eO79M&google_cver=1&google_push=AXcoOmQI2wEkrWLnHicDCkzTek5fljRlmzK-HyNtxRGDwOtGfRsp5wZRfXmO7qwWdBEMfULRxV6_7EhDnVqXrM6n8ss7B3yDn7aCLvM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQI2wEkrWLnHicDCkzTek5fljRlmzK-HyNtxRGDwOtGfRsp5wZRfXmO7qwWdBEMfULRxV6_7EhDnVqXrM6n8ss7B3yDn7aCLvM

Request Chain 89

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENRmok6fqg8m0nYB1X-rqf8&google_cver=1&google_push=AXcoOmRyM4L_GC2azjMfq_1RhTg0n5zkWGFufS45R6OVu7o-cLdGDUgVcGCRpmL7_2u0fmkmFers10M_0pywCYLFabhEf8fhXtd-_ezTuQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRyM4L_GC2azjMfq_1RhTg0n5zkWGFufS45R6OVu7o-cLdGDUgVcGCRpmL7_2u0fmkmFers10M_0pywCYLFabhEf8fhXtd-_ezTuQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 92

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPY18PaAkzkW7fYFzOj9rmQ&google_cver=1&google_push=AXcoOmQ7TvqIG_hUoaLrCbTFfSkJ1xRZy7xoxTQJ9BwIAkijw5gtDvcu1_Rns4BP8q9Yr6eJ8PJsiZd_oQtL34gij6IJnCWo2tOuKIM HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPY18PaAkzkW7fYFzOj9rmQ&google_cver=1&google_push=AXcoOmQ7TvqIG_hUoaLrCbTFfSkJ1xRZy7xoxTQJ9BwIAkijw5gtDvcu1_Rns4BP8q9Yr6eJ8PJsiZd_oQtL34gij6IJnCWo2tOuKIM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ODRiamRXUE8xUmRZR2k1&google_gid=CAESEPY18PaAkzkW7fYFzOj9rmQ&google_cver=1&google_push=AXcoOmQ7TvqIG_hUoaLrCbTFfSkJ1xRZy7xoxTQJ9BwIAkijw5gtDvcu1_Rns4BP8q9Yr6eJ8PJsiZd_oQtL34gij6IJnCWo2tOuKIM

Request Chain 93

https://um.simpli.fi/gp_match?google_gid=CAESELnLlZ4DBMFEaDJeEeGLyqA&google_cver=1&google_push=AXcoOmR09xVJjGEvcj77YoMg9dvFFyKVGgu_q5i7pZR8ht6YodgHqRrGqESTFN0qNdtcWzFynnXa_fSM32Nfrg4XldeccWbBcJQrFxnE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8248667396AE4E40A42EE21C3780017F&google_push=AXcoOmR09xVJjGEvcj77YoMg9dvFFyKVGgu_q5i7pZR8ht6YodgHqRrGqESTFN0qNdtcWzFynnXa_fSM32Nfrg4XldeccWbBcJQrFxnE

Request Chain 94

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN43nBAg20LiXNhfGTFzM6M&google_cver=1&google_push=AXcoOmQhoxQiIokmgUQMjDLPkELOLSOgZP2dIzVSIkzEjK5e6fzLKxeoaoflUQP80jsw6UNGq4wZvq_zzPx0fmMzf0DJQlU0-GFx8aXl HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhoxQiIokmgUQMjDLPkELOLSOgZP2dIzVSIkzEjK5e6fzLKxeoaoflUQP80jsw6UNGq4wZvq_zzPx0fmMzf0DJQlU0-GFx8aXl&google_hm=fri5qOmgSDygcZgJ3srshCo

Request Chain 95

https://ads.travelaudience.com/google_pixel?google_gid=CAESED1AZV0OkuZHyTxSrYaShZQ&google_cver=1&google_push=AXcoOmTLwbNgzuuwaVPzRGKegGRKc2u916ZO0PtPhzfQY4fXvoxYbstC6urPIsXBKFlRIOtUJX9lRp0-5oRg1dD1zsuURbCQB7gN6li- HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yjxiuEi0SBke6saH3OLcuA&google_push=AXcoOmTLwbNgzuuwaVPzRGKegGRKc2u916ZO0PtPhzfQY4fXvoxYbstC6urPIsXBKFlRIOtUJX9lRp0-5oRg1dD1zsuURbCQB7gN6li-

Request Chain 96

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFLdiX-Zopd5lTTook3Egyc&google_cver=1&google_push=AXcoOmT9UPFaWTVzjFVhLgBnMIYKXl8C8BwborRM0bP7L4SlgECSoT_-ADkq6SeYK1Wdh1oWo2OdIl9uLzyKHi_0IVUnWLCsGzVmBvU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT9UPFaWTVzjFVhLgBnMIYKXl8C8BwborRM0bP7L4SlgECSoT_-ADkq6SeYK1Wdh1oWo2OdIl9uLzyKHi_0IVUnWLCsGzVmBvU&google_hm=eS1uUjE0WXNWRTJwR1ltOHRlSVlGSHdVYm9TdEtDZFRMMX5B

137 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
taxcalculatorphilippines.com/
Redirect Chain

http://taxcalculatorphilippines.com/
https://taxcalculatorphilippines.com/

13 KB
4 KB

552ms
161ms

Document
text/html

198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 8ef4e18c88bb7b0a322fefe9dfe4a27afba8583f29ad89a918d218e194391375

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 15 Dec 2023 03:16:04 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 707
content-type: text/html
date: Fri, 15 Dec 2023 03:16:03 GMT
keep-alive: timeout=5, max=100
location: https://taxcalculatorphilippines.com/
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 styles.css
taxcalculatorphilippines.com/assets/ 9 KB
2 KB 159ms
157ms Stylesheet
text/css 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://taxcalculatorphilippines.com/assets/styles.css
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 08a99a3a639df4bbd0c23c97891d1ae067855d7f0e294695b92d0fde28947399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:04 GMT
content-encoding: br
last-modified: Sun, 11 Apr 2021 05:00:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2040
expires: Fri, 22 Dec 2023 03:16:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 68ms
33ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5JPJ3E6T5V

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb3a9b167229e33749d13ef5a3669d7b6d1b8faaef507d9a91ae32d844bb1f59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85454
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Dec 2023 03:16:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 142ms
105ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

987e41b7f23fa5f5466c31ac7c1755ae5448a32ca229769389c17b3c9a871b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51500
x-xss-protection: 0
server: cafe
etag: 16342422917974318953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 03:16:04 GMT

GET
H2 200 tax-calculator-philippines-logo.png
taxcalculatorphilippines.com/images/ 2 KB
2 KB 159ms
158ms Image
image/png 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taxcalculatorphilippines.com/images/tax-calculator-philippines-logo.png
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9a95a08a0127de910d72e2ba594453369733395c9d7469861525cea10fab4269

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:04 GMT
last-modified: Tue, 27 Aug 2019 20:59:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2137
expires: Fri, 22 Dec 2023 03:16:04 GMT

GET
H2 200 bir-tax-table-for-tax-calculator-philippines.jpg
taxcalculatorphilippines.com/images/ 86 KB
86 KB 159ms
158ms Image
image/jpeg 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taxcalculatorphilippines.com/images/bir-tax-table-for-tax-calculator-philippines.jpg
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 9846a7c9c6bba965eb99a7f26c99867b5978352f8b0af1f2c5986cdde6c53ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:04 GMT
last-modified: Sat, 31 Aug 2019 07:30:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 87862
expires: Fri, 22 Dec 2023 03:16:04 GMT

GET
H2 200 nav.js Show response
taxcalculatorphilippines.com/assets/ 702 B
464 B 511ms
511ms Script
application/javascript 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://taxcalculatorphilippines.com/assets/nav.js
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 83f20cebf2b01ff7902f42417acc3edaa6a53993fbaaa9d504656a30d5f10179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:04 GMT
content-encoding: br
last-modified: Sat, 31 Aug 2019 04:44:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 230
expires: Fri, 22 Dec 2023 03:16:04 GMT

GET
H2 200 app.js Show response
taxcalculatorphilippines.com/assets/ 8 KB
2 KB 483ms
483ms Script
application/javascript 198.54.115.143
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://taxcalculatorphilippines.com/assets/app.js
Requested by: Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.143 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server202-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e95f7d34cfdedb8755d7103701316c6bd973748c82ca875d3b086af3dcbf9ba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:04 GMT
content-encoding: br
last-modified: Thu, 16 Feb 2023 13:56:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1527
expires: Fri, 22 Dec 2023 03:16:04 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
262 B 64ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5JPJ3E6T5V&gtm=45je3bt0v869651364&_p=1702610164473&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1714929603.1702610164&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702610164&sct=1&seg=0&dl=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&dt=Tax%20Calculator%20Philippines%202023&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1082
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JPJ3E6T5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://taxcalculatorphilippines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9270849806571319&plah=taxcalculatorphilippines.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

465963ae676147393eed08151a76c8954cc623488cc28c3b46daa2548fa03e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137964
x-xss-protection: 0
server: cafe
etag: 12491899551853073925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 03:16:04 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame CD19 9 KB
4 KB 41ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Thu, 28 Dec 2023 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D18D 202 KB
54 KB 358ms
357ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&adk=1812271804&adf=3025194257&lmt=1702610164&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x1080_l%7C404x1080_r&format=0x0&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164671&bpp=5&bdt=360&idt=196&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8717328310171&frm=20&pv=2&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=212

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9270849806571319&plah=taxcalculatorphilippines.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0a24f6dd7ecd009d85fe2529c35e0f976ac526febe52296f54f1c798bed9e74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55116
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 03:16:05 GMT
expires: Fri, 15 Dec 2023 03:16:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DB13 89 KB
28 KB 406ms
406ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d1765abfee5c7d55e9036969adbf8f84e0472da08ef7b8817b91345e282df58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 03:16:05 GMT
expires: Fri, 15 Dec 2023 03:16:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41448ce4891ad73962363ab2f22c05a38d45c057a987752611ae74cbb29b49e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56012
x-xss-protection: 0
server: cafe
etag: 7719666273244323917
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 03:16:05 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0224 90 KB
29 KB 377ms
376ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9828d8bed54348b860dc723db0b7033e80e3a9639e2c0948f4d44c197dbcdc65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29573
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 03:16:05 GMT
expires: Fri, 15 Dec 2023 03:16:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 067A 91 KB
29 KB 298ms
297ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=987&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99ac6932bb7cad441a4b165f38c2c167015ab2fa49b80df57729a971d255dbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29701
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 03:16:05 GMT
expires: Fri, 15 Dec 2023 03:16:05 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DB13 24 KB
9 KB 194ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 23:00:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DB13 8 KB
1 KB 68ms
32ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 01:41:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 03:16:05 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame DB13 15 KB
3 KB 187ms
4ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 03:37:52 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame DB13 376 KB
131 KB 188ms
6ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:21:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DB13 20 KB
9 KB 189ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:54:19 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame D781 9 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 08:54:58 GMT
etag: 5585625838579639069
expires: Thu, 28 Dec 2023 08:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame D781 4 KB
744 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 01:49:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 03:16:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D781 205 B
651 B 136ms
7ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 19:41:52 GMT
x-content-type-options: nosniff
age: 286453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 10 Dec 2024 19:41:52 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D781 604 B
696 B 137ms
8ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:57:32 GMT
x-content-type-options: nosniff
age: 238713
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 11 Dec 2024 08:57:32 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame D781 16 KB
7 KB 144ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:54:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame D781 22 KB
9 KB 144ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 02:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 02:16:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 54E7 14 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 01:49:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 03:16:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 54E7 2 KB
875 B 87ms
13ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:54:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 54E7 24 KB
9 KB 86ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 23:00:17 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C7F5 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 02:38:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 54E7 3 KB
1 KB 84ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 08:48:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 54E7 20 KB
8 KB 79ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54E7 203 KB
65 KB 110ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 03:16:05 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 54E7 37 KB
15 KB 79ms
8ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:08:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238037
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 09:08:48 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C7F5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
34ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 03:16:05 GMT
expires: Fri, 15 Dec 2023 03:16:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 03:16:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame DB13 0
54 B 236ms
27ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq624rot&c=3940083227759&slotId=1970041613879.5&qqid=CLPAyJC9kIMDFV7HuwgdBX8MHA&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DB13 15 KB
16 KB 209ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:53:59 GMT
x-content-type-options: nosniff
age: 238926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:53:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DB13 15 KB
15 KB 206ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:28:03 GMT
x-content-type-options: nosniff
age: 294482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:28:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB13 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CGWla9MR7ZbP2N96O7_UPhf6x4AGpov7TdNO1k6aYEs-Ph_mUMRABIKOx-iVglfKGgpgHyAEFqAMByAObBKoErAJP0PFbu5Shc9oZFNahGCCGSHnNB7kRJW3EHIY-2XBFMtQhEwVYkR1ed-SJt4J_0P2ISQmqHGsY0X3DD1B2qzvjCJkular2WTW3JY40-jhxChfTgjLL8RuH9b4Q5DF-NHoYsmosugD9iCZ21VxybMx8dxxt7iQoFmstCy4lF57E1NZZQB0RUlxYcvKTMXVEgyVOCKYqz8DF8QYqeMLx8VykfxwrqaQVsDOwAsJxoOky_8ydR1460qirBiOh63Uzj4KkdKzC4wjRBbeLVnF5hTTueJCoWRTQMViTtM1GiEqK-EVQUs5laioBU48CXmpoRv1_W4i--V79PO9f6cWhUsD8VOSxFYYvlsyKJRnzTXX8tgYMm_aMI6qMT0rdkf1uqtr2tFNgfzJ2-aKFsCzABLuI28i-BOAEA4gFrcWtx0yQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg6PIkL2QgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE6WM3hXIE7-kxOMD2BMKiBQE2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1702610165560&ai=CGWla9MR7ZbP2N96O7_UPhf6x4AGpov7TdNO1k6aYEs-Ph_mUMRABIKOx-iVglfKGgpgHyAEFqAMByAObBKoErAJP0PFbu5Shc9oZFNahGCCGSHnNB7kRJW3EHIY-2XBFMtQhEwVYkR1ed-SJt4J_0P2ISQmqHGsY0X3DD1B2qzvjCJkular2WTW3JY40-jhxChfTgjLL8RuH9b4Q5DF-NHoYsmosugD9iCZ21VxybMx8dxxt7iQoFmstCy4lF57E1NZZQB0RUlxYcvKTMXVEgyVOCKYqz8DF8QYqeMLx8VykfxwrqaQVsDOwAsJxoOky_8ydR1460qirBiOh63Uzj4KkdKzC4wjRBbeLVnF5hTTueJCoWRTQMViTtM1GiEqK-EVQUs5laioBU48CXmpoRv1_W4i--V79PO9f6cWhUsD8VOSxFYYvlsyKJRnzTXX8tgYMm_aMI6qMT0rdkf1uqtr2tFNgfzJ2-aKFsCzABLuI28i-BOAEA4gFrcWtx0yQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg6PIkL2QgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE6WM3hXIE7-kxOMD2BMKiBQE2BQB0BUB-BYBgBcB6BcF

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DB13 0
234 B 216ms
26ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq624rp5&c=3940083227759&slotId=1970041613879.5&qqid=CLPAyJC9kIMDFV7HuwgdBX8MHA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.ix&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame DB13 33 KB
19 KB 243ms
56ms XHR
text/xml 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AEI7Gcc50WGMpANN3SbnVb3zA6JpVrRWO5xO3AKKa2DpzP-Q8ii6B6K5zO-ASdQrUW7T3t-XopZ55CO5wsTNh1N3Oubg&dbm_d=AKAmf-Cva7qblA0fQD-6XUMDkmXrDVgD65T0DpHdjV_8OIONYQfvLOMQHBD1Cn3P99F-M3HrhiB7SwPj79xm7upAXB-m_-ZD04qNhPHNK5Iwf5vQUscY2mMA-FLq9ip3NIeWuZJV0OX5crA8FtDmhja32Au2pzcC2boWIXriVrIMyOdzSI2eVFvESyWI6vbQsK33S9868KmzwqS3GIc8nsIRuWI1ES6i9l0Bl1DX8ktM0XBWJ4UcYJbL1Qk9jTM2kBIg-w6S8ndc_8bXc4-Hml9gtLPOeLguc34yIDfEVbgOu2mC14zZj_CaZJOvkWyCi6nK1hVxUK_Gc-qOkd4Luyn-7FLQzLzXSMDtW-KFwTIHwr9EekXr9Sl30bjn5TW_1ys8jN7YIBU78Z-pOCrTPVVjgktcGWNSrVKX3PhXB85RGSxnr70HU5lwc0u6qQTCbnik9t1WKS97MBotHdRqsNJ5EX24g9bGwPO_rX7_usir9V41mlLEdVqNdZBLvAiv3Hz8PeFDyk7U8rdmdf8DK8TrZF1h_srgDVO3ZzbVmg0Ak_V-GHeCCJQ2s7pXdAFNUhpi4Iw4Ft1AhsZcRuJ_PzLiM7zw5acL6TyajPHiJk_JZTQcFY0ZC4oJKjxoMQ4qzkPiHaELE0rPhgMTk-Mp0Zg-0KYDFPXl7Sm3h0oV16DpCY7FncsUuxA_sgmedobvJlxX2LNvCoXi-ulEDPA3ZHuggYTrEnLTgWDHBGP5CiVkjVdTnd9nf3c33zu7MUDL5KDPx64M31c6Q5h2cwmgnM_Orz3-Jg3hjpOzjI6vbsr1gV81CYWPZlqJwJSHWnfsFxiwngprK47dcvNQOj4xtFwJUd2Q8_n7HorxrLZIk8ilG2bxhLXywfElbnuq075WgoLU_H33JuShsE1YzbHi4k4YmDLUuGnC5X0xjLcSy588x0H8r_YIcamuWJDQwKPqdGFvavogkMXhPYLVq2XXgngXf_gNo_OqlJtGb8Gk8t5124jwfGuF1P_cFmPYPAMHVRqJGd7NkK6Mr8uaYYqNCFghW0y3UGYQlYYlB5AjEJN-A265D-u8K-qxPmnSHP_f39FI5KKuxrHeawqisRFNPik3zhp_LEur0I35yIKOaH_ge8HjoETSAn3IxmWNONrUUAaFACab1rff4__spvhCbiNVM4-4FnqJnftoyfr-3f7DUiuAz5BnDZPnm7MVY9bIkjGlyBwNKqur_pGWGsGMOTl5wLxDH1aObY6GLICir79RYpH9Ci9M4tOxQqRs3wv6gg69YD-4ORi97DwDLDhaQy3hFdo_DLHuRATXrGBX7g-f_dX5wWpT32YHB_3MJxqDSszZh7i_09G5ktdCbri6bw0K9lLgTj43Lug2_WGo5dF5FPlPjLpTbe-5HGZ8vzlF3TWxPBBERChtVoih3vnsJi1I0JQP5yd22-OwmwL6cNEgJKFdpq7n5Ab255eiPmSwYZZ_dX6g058pnY5ldavFrlQTBLKbJsuHdGRm1tyPU1_24qqDQmrcTmEY5ULscq1wHDl2SZSdh3445Lk5navy0UKzXfw4PddjPGlF8Xe3eQC4rfExyHH78n_FkrEDs95VBxENxSacXcDAYg1O5Uo8649yI-QG1zOAN9z1waXZKA7b4RuaBsB2dmo0bK6_LmLl14izXl2fFLkFUg-XX7JO0SECpUkNYUHHoKQVwv6rESs0ZfqX4KDxZqBqCiCHQ3OJQIbDHbQoOLQq_yrpKR9cJiQ9Ux6wv56T6QsRYIfR8H__QwQ3cwH-A37bfa6GYzNHiWjRAV5tDDChQWWD5Jn5AUJtAKNntF_I2eYqeBHt8OfixU_zvXkpUNUX0Dxj6i12XvWMtASuw2qWQ52Y6IKnX8MS7fGvEpPTmpOeBH4gqa36PfVb36LGGiJUnxdGthKV82qPY40URQh4zjlEaJDmMMmZuzci8Y636fnjFZdVW4qNj22FeCFLiOPkWlBG20nfvBAr2KaJjlMahtiYhkiD-EroTgF7pu76JwYw0XCmrMmbfbFfgX59XUfFGFgQ1BKpM-h1BhE97B6_RlpTVMYfBL2RYRokifMWTo1S1h1NHOzZyZ2gLyjth8K2KHu434pwIgM1jza8U4j0_8AH4ho3CHrChzlPICi2sBBCbwTtgU32mL3DtH4Qqo1jOyhbTw6LevRZKGdoj85qAexj4M6QgxIjlGYZjy4K7Kz2XTi_oOadPiYSSapwpn0iBkJm6az8frArEKOa2IK_zIlCB5KyT9mhwoOkCAF8p9nOypxV99YrgCPbkKrL9XMFI_zER4dQ7BCna6_ECsxpIj4_TabskCa5tWkjn5_lJ7FVb9_VwzDRnLWT3XQO37GI8JO1N5N-iey7jJogYLAB8VRjOYW-5OvIxjhmRYdX18TPDO5w9XVDgCQXRpqldQxLV-hCrCzu_t9QbNvDmLW7bH5YPeFcPx9-dmjN7R9qB8Us0ugjtZRT6z7Zc9wDESmAYmfj0IGzIonCFAS8xn7oIuMJlDXLDq8BccjaCjJ--NkXF8t1ud1E6XG9yHMl1UqPHV8uRuRluiWZ4qruLLmGi0norVdK71f4HvhAWWFCihND1LnwSbIH__tXfI624RhXMNu1VoJCdeSFrS22gqQ5V-VNSJAKzfRgDCY2Ejj0TR5n3eP87HeCDBlnclirZ7EH79GrPHW1PRmJ5nOzo9zVee-Emb3biJDBSD59y9Yv4fqyu2mWUlxqX6lcafA90EYhM6QrFvW80kyHsM7iWFZAIXtLQ06eUMEt4ECMUFmck0PSfguJkppiwMPTxG07SnCVtxrgwsob8jmQXNGDDKaqnorRoLAiajdekg-OVB1MgTJ7_gMQEYzgXt1OuqzIvZt3i1dzYiXdgGz7yYJQT27OMShozyJhhwRCdL4wJpw77GoUa7p2qIWhM9reBQi04uUaAlFYvn88mUK_OgyCHtlbB1Vi7TkSt--69BtHayvcuEsPZRZXWwFyoOpyOXl2jbDGLqENJl4hH7-0zV4WMwuhUwGRnBAQKxo-dSp_xUQEttWl-Ei7KAKcGQFVZKYmR51A1i83s6xXZ4i3NWzkhTfygCD7dOfXtplsmAUX58lkOHyyQUEOLyDeb4_4J4_eGx2LwovcWerWUMMRV0fWB4FPtd7qH9K5SkWTvR_DbtVKqyB6VGqvy19w6yTTMt3NaxuIeIgfT9wgK67uB4nPhfnKx5VFT0OcEObZIJAtWZvdR6R-pqrCxrpTUFKTffpBchDGVNLigr2uNq0nazoOgxy0iqx70KtVgpZzwiJ1ZdKnqV7HfN8ODAYl4UxIwNSwE6XEnDukjzVufFYzp_oRr3KvdredN_pKgG0q0H1cK8XsSxGnTw74iC9dLZgWedzjqD4K3TqsI4yyxphfSys_DOFA_tMTlKmxGnTnkk6tuc_6U9GxHqtYbsDSN97ZO3ps6BNKFCDlwzruLpGCJllH2spXHAOjzVJECL_vGfYWGV_ldzYuqql6g90MfNhGihofjQU1Xfv3oceMMHXbN2WjQQIijlJe2iPx2meBM81T5AmVLdDtZ9vHTLi2J8b2CQQIxP4CxRL_3DvTgG-HhXa2WcDjS1zsmFIjuB786mbth3RnVgwyZcD8bieK_BhuGQ6TIBtsHDrj6_6p8GrqX8cMpi-jSygjgAVbiVbINrDMsN1DTXaXBG_s11K5dG5kekc2B6z7Eq0oeGiDgVAyHSx80J7EtpsHx76x6PNvTYFdN0hEY6bW78lmAulS3vhWLPuQ69I&cid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOKacVYUuNLRfNlp3D68gLq8l7qNX3s4l9zmDBgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

48039d4ea2224e26f9a975569dc4e5574d7e532a2fad86733f7000ec6d240f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18155
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DB13 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 232746c4d8d99557b7bd8402efcd16c64cbb082b2f8c11a6f955a0e77bfae590

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 067A 24 KB
9 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=987&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 23:00:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 067A 8 KB
750 B 32ms
30ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 01:43:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 03:16:05 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 067A 15 KB
3 KB 12ms
9ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 03:37:52 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 067A 376 KB
131 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:21:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 067A 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 067A 0
0 24ms
21ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRueJsKNWK1Yupphtw0soUQh-2vMsnZUiwtPrTCtGWgEzPRX33Vd9EduYI_zqCSJdnuZ8zcml5nZIrBwBjN9abjjWIZuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=987&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 0224 24 KB
9 KB 13ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 23:00:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0224 8 KB
750 B 40ms
35ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 01:50:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 15 Dec 2023 03:16:05 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 0224 15 KB
3 KB 14ms
8ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 03:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 03:37:52 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 0224 376 KB
131 KB 15ms
9ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:21:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 240897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:21:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0224 20 KB
8 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Dec 2023 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0224 0
0 38ms
32ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRSdFKqriQTkrP17IB2bxqyi6nzb-uep4IJz_BCeaJLyl9Nx9Eqlg1B9TYqwWdDQEw8r3NUeeBAv9xcqSAZ3MNNZ4wOw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DB13 0
0 46ms
45ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Clf8Q9MR7ZbP2N96O7_UPhf6x4AGpov7TdNO1k6aYEs-Ph_mUMRABIKOx-iVglfKGgpgHyAEFqAMBqgSpAk_Q8Vu7lKFz2hkU1qEYIIZIec0HuRElbcQchj7ZcEUy1CETBViRHV535Im3gn_Q_YhJCaocaxjRfcMPUHarO-MImS6VqvZZNbcljjT6OHEKF9OCMsvxG4f1vhDkMX40ehiyaiy6AP2IJnbVXHJszHx3HG3uJCgWay0LLiUXnsTU1llAHRFSXFhy8pMxdUSDJU4IpirPwMXxBip4wvHxXKR_HCuppBWwM7ACwnGg6TL_zJ1HXjrSqKsGI6HrdTOPgqR0rMLjCNEFt4tWcXmFNO54kKhZFNAxWJO0zUaISor4RVBSzmVqKgFTj1pfmMbVB2PJZG1vfwaqh_EAtTO7hlefjBr2diO-xaM9vkS8BW590SK17h2qeeTkoyS_0XZEPXiVqAOvQGJ98MAEu4jbyL4E4AQDiAWtxa3HTJIFBAgDGAGSBQYIGxABGAGSBQsIIhACGAFIj5PHAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHmpLo1QKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHChCsry0Yj56W_QHSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WIOjyJC9kIMDgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxArATpYzeFcgTv6TE4wPYEwqIFATYFAHQFQGAFwGyFxwKGggAEhRwdWItOTI3MDg0OTgwNjU3MTMxORgA6BcF&sigh=Yc4UZLc6sYY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOKacVYUuNLRfNlp3D68gLq8l7qNX3s4l9zmDBgB&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Dec 2023 03:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EFD 50 KB
19 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Dec 2024 08:10:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DB13 0
54 B 27ms
27ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq624rpo&c=3940083227759&slotId=1970041613879.5&qqid=CLPAyJC9kIMDFV7HuwgdBX8MHA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame DB13 41 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:29:38 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DB13
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

131ms
7ms

Fetch
video/mp4

2a00:1450:4001:67::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5115C65B5D2CCE5DA12C56405EE6B4FFC7A4D6CE.77BCBCFCBB20FC9DE93928BB4D24296D36EB40C4/key/cms1/cms_redirect/yes/mh/bJ/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5ednly/ms/onc/mt/1702608990/mv/u/mvi/2/pl/43/file/file.mp4

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:67::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 03:16:06 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1715588
Last-Modified: Tue, 05 Dec 2023 16:11:35 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 15 Dec 2023 03:16:06 GMT

Redirect headers

date: Fri, 15 Dec 2023 03:16:05 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5115C65B5D2CCE5DA12C56405EE6B4FFC7A4D6CE.77BCBCFCBB20FC9DE93928BB4D24296D36EB40C4/key/cms1/cms_redirect/yes/mh/bJ/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5ednly/ms/onc/mt/1702608990/mv/u/mvi/2/pl/43/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame DB13 0
54 B 26ms
25ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq624rx0&c=3940083227759&slotId=1970041613879.5&qqid=CLPAyJC9kIMDFV7HuwgdBX8MHA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.qg~videopreviewvisible.qt&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 067A 0
54 B 28ms
28ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq624rwp&c=4043223067710&slotId=2021611533855&qqid=CIro4ZC9kIMDFZmd_QcdW3AEZQ&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 067A 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:53:59 GMT
x-content-type-options: nosniff
age: 238926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:53:59 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 067A 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:28:03 GMT
x-content-type-options: nosniff
age: 294482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:28:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 067A 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CQ0Qz9cR7ZcqZFJm79u8P2-CRqAaN0fHIdPrX352fEsqYu6PpDhABIKOx-iVglfKGgpgHoAHcxoqJKcgBBakCXOhPu4Vwsj6oAwHIA5sEqgSvAk_Q6AchXkUhqIVumDEWoS8AZS_R7ZwgdKXkgdbhc39vNF9qrjKt7Yg-vEIHzhmD7H3FR3DQVZjyADKQZPgbOelkI-U1hQyhyF4QDr_PiqxoUgF7JQyGf3qGyLV8NGDVVkwF40Z74O5Oj-n3jzY4OqLvBp1ESWX99vCA7sITX2CNV7GJhrYBcfgrg-VKFHYe8nlOl-o_tdUrjc0-1-LLdiTIgxwY8VXn01DXLInvGaVLKAkpSwenl9CSWJZAXa46jyYGuFXbI2lhm4pRoy-fyIHZswBLvd8p8UtIdu7QScOq6RGvrZawX2Vgzpk_-YkMXv3AVJOkJ4x03xIZ7rEhn-CrqCXikchxmejQBfNRCb1m9HZMUMiEWQ1_hclSHU11qDg38Mkfndmg2HI2CKGEScAEsb6EtdAE4AQDiAXGkYbKTZAGAaAGdoAH3P7a6AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlinyOGQvZCDA4AKAcgLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJERbATsbLsFcgTzZn_4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU&eventType=clickstring&clientTime=1702610165873&ai=CQ0Qz9cR7ZcqZFJm79u8P2-CRqAaN0fHIdPrX352fEsqYu6PpDhABIKOx-iVglfKGgpgHoAHcxoqJKcgBBakCXOhPu4Vwsj6oAwHIA5sEqgSvAk_Q6AchXkUhqIVumDEWoS8AZS_R7ZwgdKXkgdbhc39vNF9qrjKt7Yg-vEIHzhmD7H3FR3DQVZjyADKQZPgbOelkI-U1hQyhyF4QDr_PiqxoUgF7JQyGf3qGyLV8NGDVVkwF40Z74O5Oj-n3jzY4OqLvBp1ESWX99vCA7sITX2CNV7GJhrYBcfgrg-VKFHYe8nlOl-o_tdUrjc0-1-LLdiTIgxwY8VXn01DXLInvGaVLKAkpSwenl9CSWJZAXa46jyYGuFXbI2lhm4pRoy-fyIHZswBLvd8p8UtIdu7QScOq6RGvrZawX2Vgzpk_-YkMXv3AVJOkJ4x03xIZ7rEhn-CrqCXikchxmejQBfNRCb1m9HZMUMiEWQ1_hclSHU11qDg38Mkfndmg2HI2CKGEScAEsb6EtdAE4AQDiAXGkYbKTZAGAaAGdoAH3P7a6AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlinyOGQvZCDA4AKAcgLAeALAYAMAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKqDQJERbATsbLsFcgTzZn_4wPQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 067A 0
54 B 32ms
31ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq624rxu&c=4043223067710&slotId=2021611533855&qqid=CIro4ZC9kIMDFZmd_QcdW3AEZQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.fv&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 067A 31 KB
17 KB 58ms
57ms XHR
text/xml 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-ClSXBVOrP3Zio8lxfIteCf6NH_i6OLeibXTzWIAb7AUFi4SGLsAYG9IE26xgZuPUeJxyPYvdjP4VCszpB4ptHrzhgD9w&cry=1&dbm_d=AKAmf-DFRRpiDuyIwSsWV3pB29Nut9iCvdtvXA1RzYeFoIJeLbAZG-3ZJc3r31nqOTaqR6UEFafVXHyQL_huqtaC7WTjl2M5watvqiI51rtekLd3xK0417ZZ24skhD-DV7kDaf8-7yQ_fdvdlo96gEUBvK05yCrofNSX-WwhMIn8ENLRsBLvvBzJzs_rrH4d2sn3m_dkxU4q6jiJ-aZUU6gMVaSLNaGTuhv7X1ew6fMEMmxMfOFkbLB_iTHPPrBEbeMZOwFo4vinRGw8rriuA_8ydIj9M0Wx7QAnlfeStozAwcMg1z09ZDVKMaNWw0MJztGgu2GsBmNygzwDpt961zIIaD1Sr9u4SPff6btefajsWNo84jG8dSgKpPeGOw1wAtIV2VcR68l-jL932V6Zw6izcY7ybuHyZQIpHEWLpKTKy4p8qoiRd5jcSOKsSGfR0eO30uNcN0ubJFuTa1Bp_e4l-qpUDFSPb12mgcE3Z2k4jERDxJ0pEv1nHpaS7zVZ7U_gWhW-AAMf2z5p3rA2xtzDb40bebd8PMWqhmuKl7r9n3JCZFLncsecKcnge-LrSdj91-ooegl7XMgemuNRWtZejUdf1pbyew8DVDpppVXDliRARKXkFqr-g92PU1t2I0E3bovQlzSTxbUct8VhloefaUy2gELC5J1DOZTrFOlrgmKNFq6uKLzG0k52_CgNa3qb-YvxTfAg6WeuDG2_BITuGZN88Zwjn9X-XmfuYBLg4G0lyEJmVwGZnSNQwjCtrYrELIM9CPB94qqxe9J_juhkk-5mJ45rwpxd0xrJ3cM9MJwyOfw2flnn2aaNHcfOgOhwc7-08-13sCGd7SijApZUa25DOFZ6QVodazoAvgyPM7jg-Z6Is8If4hRVF54v90Tvi_EWCnXFkgI6eE8OwzBhjv-53cJKB0szDrAynh9cWpMNb_d6gwvpt-SpkfaCvjStaDB-JX_40QyaTxLT2jORWW6W3RfCZZ8UZIp9Zz9tM6x779NcmlTcVyh0XT7uqeJ4OiR0jZrMcmfMRfYy60U9JaLfwZKFHxGUuK0swscJSLt9ceJK7L5CRFPkZRW0onkpjQHVzcENgjdrBPEiZcsuwK5lpUgK51Z6k-PSN9p5I0m9UAf7YygY_eqpQuR1sxvL4QyCkMlDBPF8_OBVWdiVm5elIbTkuNKzA9-bF72JsNxKd8FzZZGfFTgv9mhDAb4EwBixaRRZ3qBxioKuNApi9J9fLlzjZK7EgX2LczieyE7j7HUutJfMxSKalRRXv56qGuP9VUzXcWfhDJ3nYoUvYdmWsafFX6WMpIFSwBYYBm1gfGNuPnD_t1YistqSlFjLNfrHGVilrenV7xpyBc2DE8Pnh-TTztt0p76gWKAiX4COqK2teU-lzFY9jj370zBEv5nhQadF__YlGEdB9dd6sxIVZIK7xsXDkDYxG0a4X70QA7ajdg-rcEXWRnkrBYZYqOCofq_3PNnALpjEfB27fywX3rLtU6H6sF274kDj0BAx1_qJkenHBI4vSYlEIhYgatEltFYuUHOr1HYTQWwdVYit49dQOTSZIlcglsRD0NeSaGvx5A5lhWjh0ldXmKCS5cHCgzJnQnEZXM8OgQjqeu27dQId1gDvQl6y6hYyMcK-PNo5ulMKqpT2nfYLIzAVAYTSKhj_LvaMo-KRdObiFXdoMnAe3vy5aoMXOGShEZ-b1Hkfj13fyVt4_RMQSD4x48betE_CNxLEn4yeGS2Og_8459WMUWjQRhILMyJKE-9vyXqMqd3VjBsQPVopsc1aBpHPI-95hM-kpDhnqoCwoWz3Un0OKGRUh3Q1TSzux2rI62q-GqGIxD6mTZ1Eh_XPLyl_pKrfUEX94rjSVac9UkH0n5IyR1RCCRSTYpOw6s1duO-0T4YPYaScy4E5wzbhOKf5laFNWADveGqm4zKtSeFS9Hs7yBSUoxOY_XnpUZhBvRI7GySkeVLiXrECYQijfwyXGEr3gqhVPMePQm1XrGgDyyH1YCPR68YIhSd_DVhiMyoHZ4tMCeWVcO4DK2qKMYAJpxay95vsmhE7AFv8rb8qc2AEnF6dkJ3LMIjFQKgpYWN3WJh9CKiMia7hu5wOW_B7Z1yDjQnwO2_3R_2A1A2CWH9BfY2ACOF47Wpb1Wcy5Hi1oCQqw3cDTMHQYXg6IJFsdA3OSklLeBVWpuIqZhCUNw0tk34hIV1XLSviYxbE1sebNuTmi6sZDaBVVSKTCqzBpiWR0JET9iCUwP_dRjjJ_viPBZP_tFC7iWCJVA7dBrr7E0AETbCD2LoCphVeqo5p1sj1Fnr74A0a6OgL7-17uSaCicB8WsCi1eaWIjZXBnLs6IppixQ8CCrmsHsr65zT6pHRivJdyXtzLWDn8GCBCnn0yqRLqqF9xRSOjAy-JtkUWBHPxvFYWDaJzfDpvNXYadYhBw6s0XVSQzmoOvwbPJ6mP632tHqI0Ih34kpzKuKQx74EFUJ-T_FxdQBoICoGtH5fB8pohAuEyDLiyXFXWHz_TrRvk6DAIsmBm1yubBicZ2_mRqu2UKJxkeJfRziglyjDNJ5qPDKeZ1uF5Hnoq94IjKDLCZFVXcu2Q3a3kH9oymxQYcp4QIGd_NegRi244GYArtlhttHmepbA0XQJwbn_v8ytOtiVylWYr2YyBM0EZu1QJKi_5Av2UylZ2qrJe8ETskYDR85prY8UbQiwPHIAQOFfzXX6qm67RtM9zQdAiqqYdrgp9NQ7Ahd5B57_hXB1RAXFasoRUdGOURFNXqbSvOtUfJUX_I97q8N0vJOHWaVYz5mREt5SdApegZ5CvKUh6QJ5Jd5ELHqWZgWggj-xM-rIOiQdNpGj8ouJ0UyLjnRMqy4uoQmOSfsLejU4uDjKtATL873vaw99UNgZXkKx8YPiPfb3BNCNVbCSl3tl9Dl4m2NhamSDqLkjxw1pwIzLYB-7Nl949mPEiZtOMFM29yKWxCVXmVljI9BHJbYN3uroabcZEcMextAyf00XSGBTlz1L4WQ7TXgYecJCgLk2P-IRK-3NfDjMxArmWJObqPE6eBVs4cLYxZs8vAoYRGE56jc_TuBW9sggfQK7bh__1xYu8fWkCdZuh1d7cNpdiPhkC5SgOkaTqKRtGC3ovUL348NQaSJYRD0eY1E-5H8aWozjkBh7UIcN74BomeuCruoEogyjC-hWWmwqcHTmvcnxXW0oKWZlQrgyoPhEiUhBKmbWS2-ayMjXZ8ULm4PQ_jJQg7neBzTryHml8NM6i5L0HthHSXAaZkCptxrWdRIWvB-Hbyvlm8xmxhJfUkbCyFnHSvPULAPo0XDS4MKx-irE7SME-TJdPXYUw-RLuM16fHzJHAe2QkLIC_quySkk-uiQlcaJTBt6jOn_uPGHuklCe0TzhxGxgb8kIERnDILfJuPRdVeF9aqN_22xAeZ_5qwAFqsqL6otRM8-sLbhwNyY5yL7qnsgzTZr89URqo7I1JTv8BSdmhszDRoOkG6JJ929LZDef5tkbLYeLyHWyusQCgo7UC652ieFS0ma0ZMxI-mJsGDRjSvlebTQVQhpmb7Ukcre_LxeLF_F4eMXZLkwHloLirJm616fh-9hHHGYeUiwQOPaNx63XPSCALoLjBx2N2kunWVJyrJg1t3lah0ruPaVvtAN1ZeiG9TE2UyOAJups0ZjOlllk0h8AKjaZnmtdG2lRkqv8Q-Yas6F0qDaRR_7iruoDboLLUwCbtO5JudMNcy8wmvBHmykoIyNo8SFTi8lFJBO-I-kgjblqmbNivBBsXURHhIEsVIOelwCT1_eWPePnr9i1WhJhfUq2F14Q3A8XNQxHLnydhuo94pRsFfIqBK2_ZAKbSEYxy-VBah5cbpOH7IzuDR0KjWpUZK57QIpkQZb30u2G0Kx6Cm9gHSBw6Br_FenMod4sS6aayXakFumMycmO6E66jWqZh0MQS8YMx7lafMpzTbBIoNHzsJrNS8x-3zyk5bJN0tUa_rBK0rvr3wyV_Gsl-mrf2rsDKbLb_fCm-fp4c1Jy4s8qqACwon7wNq5qZLD98p90g&cid=CAQSPAAvHhf_izI1anJfByC3OzxEDZMJ2tqJh8emZE3IvnICH-aNiENjAZ7DJAp3eNaA8Lukdna3JJwqpex12xgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

ed4b22bf18842058e28fc3bca41776a0389165127334f978d7390b07846ca580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17662
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7E65 1 KB
643 B 12ms
12ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Fri, 15 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 csi
csi.gstatic.com/ Frame 0224 0
17 B 27ms
26ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lq624ryr&c=101957989913&slotId=50978994956.5&qqid=CNPA4ZC9kIMDFYWe_QcdpbMMPw&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0224 15 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:53:59 GMT
x-content-type-options: nosniff
age: 238926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:53:59 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0224 15 KB
15 KB 13ms
10ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:28:03 GMT
x-content-type-options: nosniff
age: 294482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:28:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0224 0
20 B 51ms
49ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CdXeO9cR7ZZPyE4W99u8Ppeey-AOduNzJdNC1r6i0Eprdv6DUARABIKOx-iVglfKGgpgHoAHcxoqJKcgBBakCt9_W3tFxsj6oAwHIA5sEqgSmAk_QELS1lOtDmNfS_fdLMMj8IWFipwjlR2ck9EkKsfxaHKx9SHjssx51eJ-2Y6vWFoOmyv8d8_ZPBfzFFoYs5oPU0zSPgZtY2DXoytGPW95A0_arGJP72HEc3fei56WGvGEKEEdBEKNfQBBOFGH13kPow4552aTJDh1s4rFqx_J9E1fXT6go-DWhWGqe56kcOT16UO91FykOVMc6GyA523b0imzD7Qdb_9yQxnXdpc6dmtzFtjIav6y9AYHrEec4OjE_r7JoCzqcTmgKnGkk5VxAGGEiXBsZQglCnjIoIIuSM21dpgf2MNdgPDieiyQs0hsaE0ClMKuIP0dMY4E2K7UMZ3SUZ3y-GMW6KbKOrANKdS5zfnCFnUf2dCHi83aoFFUuTAiGCMAEhp3E7sAE4AQDiAWtw-_LTZAGAaAGdoAH3P7a6AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliApOGQvZCDA4AKAcgLAeALAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOlsuwVyBO3mP_jA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1702610165923&ai=CdXeO9cR7ZZPyE4W99u8Ppeey-AOduNzJdNC1r6i0Eprdv6DUARABIKOx-iVglfKGgpgHoAHcxoqJKcgBBakCt9_W3tFxsj6oAwHIA5sEqgSmAk_QELS1lOtDmNfS_fdLMMj8IWFipwjlR2ck9EkKsfxaHKx9SHjssx51eJ-2Y6vWFoOmyv8d8_ZPBfzFFoYs5oPU0zSPgZtY2DXoytGPW95A0_arGJP72HEc3fei56WGvGEKEEdBEKNfQBBOFGH13kPow4552aTJDh1s4rFqx_J9E1fXT6go-DWhWGqe56kcOT16UO91FykOVMc6GyA523b0imzD7Qdb_9yQxnXdpc6dmtzFtjIav6y9AYHrEec4OjE_r7JoCzqcTmgKnGkk5VxAGGEiXBsZQglCnjIoIIuSM21dpgf2MNdgPDieiyQs0hsaE0ClMKuIP0dMY4E2K7UMZ3SUZ3y-GMW6KbKOrANKdS5zfnCFnUf2dCHi83aoFFUuTAiGCMAEhp3E7sAE4AQDiAWtw-_LTZAGAaAGdoAH3P7a6AOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliApOGQvZCDA4AKAcgLAeALAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOlsuwVyBO3mP_jA9ATANgTCogUAtgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0224 0
17 B 29ms
27ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lq624rz8&c=101957989913&slotId=50978994956.5&qqid=CNPA4ZC9kIMDFYWe_QcdpbMMPw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.hc&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 0224 32 KB
17 KB 59ms
58ms XHR
text/xml 66.102.1.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CTorelOEY65deDEJp8eCAXndQRrOQiBE60Xg_nVAiHPtp4CkdGrlXkj8TuIv94fLApQ7NkpaQxWT12K7nWQvknKb3A8g&cry=1&dbm_d=AKAmf-DVSHJjaeY2laW10a2IqrcOpjYCa76xPD7XlS4GgfsYQxGO7FMyQEobeqCjySijpRoCktqp8RZVw9BDlrJcrvaYKIWq77I-p1nEI1b-TLQJnktX8qkj8UamghjO6zPQdMN09xBgOR9rXJIi-4I2OEmDvr1c5oTA1SbVrVoje_0sf82LXU0v7SWCP7k-yc0ndCeXzHpX6V6Gm-2mnXqyhmwGNuZUxGo431Ks2AG-96dP6FxCDKMF_d82amKvuFU5Aj_XgPLEU9ufRVrgqJ1rtWZ50EUuJ9rTZgey_R0dW0VM2OBPr-sNoLXgePmnQ9t_08vBPuJUl89U4JltvRTfI_Bw-wt8qAzh2gruCe1bfIknQf2Uvfsuwg75J4EmlFY9sgTpzTJAbRQZ2UKAZm5ceJ36oAhn3EQtFZ1NkiTdke0dAAWjsvg6PV7jtQJi8Nq_r6dQevn7sDvmNevKmU-opW9gWEV598GywjrWU4Uy76JwTHunHHjfBFiJM-KECmAJ_dE4ip3H6utEG7YHYT0zhraXAnudHKp38WT3sc6xkKX61gE9hxlHT-iuQto-IbRoPbKCdhibsRD1rETNCRXEzkWTLBOASNMBssCyXTFPx1-7XuzUItl7EBdIWrvdwAjOROIwmXsfObYLGdBSKSCtmGNboULj1XpToSV2Wg1xDcKzLFmOi0iPPCIjz8f33YSGNkQY-aIzd6fi2aaTYHQdpGtMoBYwpkqse8IHL7DHOIWoVNH_0U8ceM1eimOvLL2aI2tkFBtx8r8uZYVJLGcLYmGRazII9AgoZDGJEWyEVCZPM8-N4jrb1wyelSqDlAJjVKKFjtBgcoVslw-SC2HARd2vG1Ry9sXfun9PeIiM2H33AN6Geqlwiv7JWcJpNS8Sbj5vFY6wmZUk-6rrRbQjqsDme6Qo2qIynfrmmhXzomdqYKSuRfsjwzLIoAystdGs3LPfWZbopnTaWVmg_BN-N064xGsACbx2gFT_k2sman_7SjoF7yHvNbouK3qq8Mq5XMbekKyEYx5r1SgId6aheq4HceeXpca42aImNQdpdwAzckCnNRhK_uy5bPiqejqb4Pdlr0WpSjjrHrtF-tlDQFLaXkHT7F4vY8kB9nInsFK3zwTFii_TqRHzQXIUtlZLQJTpTzYavb8Hg4BzdioNoEbXkzx-eSIALMBc3Qq8a8sXNPwCr8Fdw0C6ZRTPYG6dOAX5gDGto9WObD3IaUqqi-cYJ5AS8XvzpGe-CEHbg-BySNiODzCRNmieYXLt34u30uuVISTn5RHjhXOhusqz2wdgnZ5JbXNPy54joq86TCW5V4a8n4ory0LPnxiDXPnMZrVqa-dYIq1FIejdA7DAmeMJxwQYOQpajlwSJOdQxM5tUSDeCMHgmZs5CKR4ZPs7f311eNhAI5X9REJ1ZSX45JWspeu-9s9Uwlg_TdPRQ4p-0FId67R83kgSP8YZhHduABVouSnSRjFctaQesuxVgaH-xNAv5eMdym7s89LJMnruLwlMW83VIupUXJIESxR6eiUstYDOYJMSSzNV6y9M7E-jIvuQmXjfrpjTXZzFhHdat_5ASFZp0PPb7GDsDv3ojfQCYnVzmDVinOkOHedQjAu7v2E1IdTpU0zHynmoWLyuuwEl8adwFNtTXYwNE7hhU86-rLF9pNYRar8YzvHc41muyx8rlhQnDDrS66g5Br9Uvig0ww8Dnkv0PbmW9EKNhL2RYPdMZnWNFfUVnDT5JE2rg65vXnEGkqcQA_b6eoygiiBoWKCEk2Ta_Qnu4j_mglpT-TV82FXnl5mC1y80vCTMdKk283MLLelyme8dqnp7YLWKbVDgvcaRPBTTFUAcjG-Xv7Y-3xZkfFhwoDWI0ONrShAayjzvT7ojnhBerXgdRAwEAUK6n-AkJClLwqUEyCh1pktwmVksCC4a9Ft04i2vnmTekKQNG0eUYpUr0Zap_6i2KUwDpgQPAhPBMwpd7AfdAoOh1taZkhlBgrisYCwAanQw7Hf83pstmJJPbBMpxDjgjX1P_hCK_U9HbzlvRb0K-wE7XGbdCiNt0bWMetqRntaBhKxH_JFpOipU1QMkRjFxKZHRHvSsdxYPxZGjUya1qFEP-EajfAMPmSEhr636GX-jMt82gHpJI8DBXeisVOZ9WoT1T81B0lq_JbwX2nn4F2tmPGqEqJt1iXoCn6Lj2LOD6w8-_J1FM91PSe9aesUaE_H4aYYeAGCS_0yqnJgohdn20mkupZh97Q2-QDM--nu0uUIDrN3WgPrN8dDrIoZswQncNUZk-RuPj3YpnCDCrw8Ez1S-u8EFiOuM5KJL7OpYHG253IPben6afV8ZEx5gNfdq_OkU4TMqrvzeiPxYRl9BPbekuNNkOQ6BeqegofT3V1uYGI0txYR_8U2FjDjXj6UIyFAjkeA2R3I6BpIWMdt2AJ_9BG3zfBMS_1n_VdF36iPISvg5EkG7CaFl3zazPP7l05o67eajnEO2oQhYubGQt1E2luAkwjHdHjbDtpq4fwvZ8N-N86EShpsrlm0LFUc5LY4H71Bo2J4rm-8Je2eqN3vz39lCbpX3kz1nhe1R8ttf0ao1eml-u_F_WUpR9GfuLBavlt4731QEJhh4vHRVI4MA5zjT0hzMt5ODfITn4TF0GmoVc6UFFP30QDrST-CM2nNu7QbuN66rkR1o-t1L4y9f6IrMDMWa9AxbGFVP6UDrg6SC0CHIIEhd4_As9pXosSzsLHYh3Q17LEuSLzhOlU9j_hwkv91NNoKd6_C_zdwQk-nWs_dgGX3lRselwpT5uQ2-_FqjooF-oP676ZpAiltRi-tP2CHfFdWeNVdRhZLzH1Py9QiAaHU8MuwKiPrlLAZ1VXSj87egjSKYotl7WV0HkE_6dqg5gGkK_HDd5Jyd5JyROGe5oqf-o3DPC8H9gAR1R9AHnuTC_hmk84V85JfCccEW4bGqPYjg4LmjRTscwhBlvuqh68zSuke8gx1qm-9tGmEYlM1yX_LFH8b_as-2WWG05R9g_zqYlxfb-H4dBdbIkBImg5REGy91-GM_LYDD1AvAkEzNDb7Dnutx39y6sVqIWQ4_ZTxZ4WkyHXig_Pt8NsZz7gttZLMeQXf4iEgepj1YLh3VW5ptIr_C8XTBcDrMvGiGR2J8q4jPA-RcBCGs4AjwVF8RUFNBXcPhZwbJhcFwJ0mCzliPB5EtP5COUtZryPAwuSc53Yh0dCky9xY5k9HtT_XQDeBFElb-psQlzkAxsFV1mru0tXM8X-eZBw7LaAkXFQBQVDN_AbxLEvN_dE3lyR2eClzrQg5nKxTuok4mty3KRRyUTy6NrtIpODbEZ3leG4fkSSL8VxC3GTnsD3tZTWSHuWsyVpPAGok8wBfzLD2o2mIsyGXsvkMLuQwouHIJ70Ft4iVpHQpxyK4x1L20euJ44devOx1sR6zdvqGgnW__l2hpEm_2j_hQ0snkMhmIGm0D1U4eDkCopNLaqjh4AjdXFVeonRfbH54vARIoIvfOHVXcJdW6ap5z0e0XmoxIg8PpbumkI_gROxp0HrmmrM7irtBDjLvL8v9HyddyOeXPfKWgjm4ldoUHgenbFbXKeQq2sBzmQfCqO1GxWw07COctXO4ohYT7jlAfpR8u5kShHhJdZPEJl0qh576VJnLddKMJSJaQdG8-4yoavm99CUjnEEJBYuQFojxEaoAx6a0QNL8rbTvQgmmyaOcFuQ_OEJJ_5RGg19tKn1on2XEvAsF-8ZqZtbCuoSFlQYDuZr-so4NFt4kQR60kKCWVJonIiiZMhXYGEytQX7duuVDmJzNSefd3T-gk5R6mqhyxrxbdr_5cNJvP1kTH_4_MFfswxb9Lc6VtlRjvBgegfhmAEn3JXV_P0xykfg5Xgn1Eh37P_k2gX_mEDjYcAtHT7K2LhXEKwJNuVP5lM5Te4tB_czP5tWp0P8__rWLyAHbf3_XI1n6ZzC_uaV3sbyCi4D4F9ofYwdirwM3-d8DGMmcOWxHCKkZOSgg&cid=CAQSPAAvHhf_Eb2j-OSZsHHYs7aXIvYjYI99aqSiHmHpzuWT35xc05y_EDSaP2DHTL-z_3DjKLMqII8wHeKonxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f156.1e100.net

Software

cafe /

Resource Hash

91d1430b4df37035b428f46a3989e2948291bb4c9170ec45945934a2066f72e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17633
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1121 1 KB
643 B 9ms
9ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 48395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Fri, 15 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 5B86 23 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 247184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 06:36:22 GMT
expires: Wed, 11 Dec 2024 06:36:22 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 067A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4ef5e9313a21d5ff2acd91b089e7fcbe1bca9365630d237bae7a0ed847e4ca7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 csi
csi.gstatic.com/ Frame 067A 0
17 B 27ms
26ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq624ry0&c=4043223067710&slotId=2021611533855&qqid=CIro4ZC9kIMDFZmd_QcdW3AEZQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 067A 41 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:29:38 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/c303481f705fee12/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 067A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/c303481f705fee12/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/c303481f705fee12/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

109ms
7ms

Fetch
video/mp4

2a00:1450:4001:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/c303481f705fee12/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/47D72A43AAEF4BDDD3245978666211CFB5B2A3FA.800D9F21CF61F6EE2C3EAF27E0260D246E99D827/key/cms1/cms_redirect/yes/mh/Xd/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5lznek/ms/onc/mt/1702608990/mv/u/mvi/1/pl/43/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:14::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 03:16:06 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4960007
Last-Modified: Wed, 29 Nov 2023 18:12:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 15 Dec 2023 03:16:06 GMT

Redirect headers

date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/c303481f705fee12/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/47D72A43AAEF4BDDD3245978666211CFB5B2A3FA.800D9F21CF61F6EE2C3EAF27E0260D246E99D827/key/cms1/cms_redirect/yes/mh/Xd/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5lznek/ms/onc/mt/1702608990/mv/u/mvi/1/pl/43/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0224 0
17 B 28ms
27ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lq624rzd&c=101957989913&slotId=50978994956.5&qqid=CNPA4ZC9kIMDFYWe_QcdpbMMPw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 0224 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:29:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 542788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:29:38 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/bad2d6e1a9f12396/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0224
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/bad2d6e1a9f12396/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/bad2d6e1a9f12396/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag...

0
0

91ms
7ms

Fetch
video/mp4

2a00:1450:4001:17::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/bad2d6e1a9f12396/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5D425962863C5B5F8519D1522D18CB959E4AD15D.6DC4F91E85ED80715B3869371535ABF755985DE9/key/cms1/cms_redirect/yes/mh/l4/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5ednde/ms/onc/mt/1702608990/mv/u/mvi/4/pl/43/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

HTTP/1.1

Server

2a00:1450:4001:17::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Fri, 15 Dec 2023 03:16:06 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3280167
Last-Modified: Wed, 29 Nov 2023 18:22:30 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 15 Dec 2023 03:16:06 GMT

Redirect headers

date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/bad2d6e1a9f12396/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5D425962863C5B5F8519D1522D18CB959E4AD15D.6DC4F91E85ED80715B3869371535ABF755985DE9/key/cms1/cms_redirect/yes/mh/l4/mip/2a01:4a0:2b::4/mm/42/mn/sn-4g5ednde/ms/onc/mt/1702608990/mv/u/mvi/4/pl/43/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0224 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7079de9554e7413b3aaa0c3c9fe8883c7adc9b02b856da74e455aaacaa5b82bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7E65
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGCfETfiq_qA-3jEmSZeW9U&google_cver=1&google_push=AXcoOmTyfO4Z0JD9xOyc1Alcmet-oxjI-fxptZPfFCJWxyRnnuwT623gpl-Trb4OuUuwXPF-Tf5iKCTMlEOg0jC0vK2dGpdz9uN1DBD1
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODI5ODkzNzgxNTI5MDM2MzU5Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcSgl--GP8Qa3BmkNvey0Y&google_cver=1

43 B
398 B

76ms
14ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcSgl--GP8Qa3BmkNvey0Y&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOcSgl--GP8Qa3BmkNvey0Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 7E65 0
104 B 116ms
22ms Image
text/plain 2a02:fa8:8806:21::1720
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEH_Oo-Mz_I65r5nVFB4aTGg&google_cver=1&google_push=AXcoOmTUCzKKU6r8myGvj1804LdCW4g9OSW36JuAMf92RfFkxPmL9NPNG9fEjDYAwXf9UfzvJADbJjrY27gg8wFwIC5lFka_uaL7mOk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=987&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7E65 70 B
149 B 117ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELlDGHzb-nxeo70eD63cvvY&google_cver=1&google_push=AXcoOmRqghcvdlEPXTaJ3MTH0kDau5x7U3ae9WS1LI_cVoAVpaOnBEkFayZgDUX3eLymEkvVs5LkD8-C-cV2E3htr1m7d3V0DUBoy1WY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=987&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:06 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7E65
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEGulQqbhrChyh-13DK7vKOM&google_cver=1&google_push=AXcoOmSQufdI3mDgvtBZ84ZP0-qITNWc3etPS4SwE2dy4Rf882mcFQ73JrdA1jLDO50z37W_J6vpv-xCPf_55o...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjY1NDk4MDgwODg5ODcxMQ%3D%3D&google_push=AXcoOmSQufdI3mDgvtBZ84ZP0-qITNWc3etPS4SwE2dy4Rf882mcFQ73JrdA1jLDO50z37W_J6vpv-xCPf_55oMf2Z...

170 B
329 B

35ms
34ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjY1NDk4MDgwODg5ODcxMQ%3D%3D&google_push=AXcoOmSQufdI3mDgvtBZ84ZP0-qITNWc3etPS4SwE2dy4Rf882mcFQ73JrdA1jLDO50z37W_J6vpv-xCPf_55oMf2Z5LJnRsDIjU2nqG

Requested by

Host: taxcalculatorphilippines.com
URL: https://taxcalculatorphilippines.com/

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMxMjY1NDk4MDgwODg5ODcxMQ%3D%3D&google_push=AXcoOmSQufdI3mDgvtBZ84ZP0-qITNWc3etPS4SwE2dy4Rf882mcFQ73JrdA1jLDO50z37W_J6vpv-xCPf_55oMf2Z5LJnRsDIjU2nqG
Date: Fri, 15 Dec 2023 03:16:06 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E65
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEO_WDA4bHk0VJzFdN-eO79M&google_cver=1&google_push=AXcoOmQI2wEkrWLnHicDCkzTek5fljRlmzK-HyNtxRGDwOtGfRsp5wZRfXmO7qwWdBEMfULRxV6_7EhDnVqXrM6n8ss7B3y...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEO_WDA4bHk0VJzFdN-eO79M&google_cver=1&google_push=AXcoOmQI2wEkrWLnHicDCkzTek5fljRlmzK-HyNtxRGDwOtGfRsp5wZRfXmO7qwWdBEMfULRxV6_7EhDnVqXrM6n8ss7B...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQI2wEkrWLnHicDCkzTek5fljRlmzK-HyNtxRGDwOtGfRsp5wZRfXmO7qwWdBEMfULRxV6_7EhDnVqXrM6n8ss7B3yDn7aCLvM

170 B
188 B

28ms
28ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQI2wEkrWLnHicDCkzTek5fljRlmzK-HyNtxRGDwOtGfRsp5wZRfXmO7qwWdBEMfULRxV6_7EhDnVqXrM6n8ss7B3yDn7aCLvM

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQI2wEkrWLnHicDCkzTek5fljRlmzK-HyNtxRGDwOtGfRsp5wZRfXmO7qwWdBEMfULRxV6_7EhDnVqXrM6n8ss7B3yDn7aCLvM
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7E65 43 B
362 B 61ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSxF-PbNYjNUuQSn7R8NXsuTsJDEQYfviIMMPmvn1o5LRhoPfHUXafdaebCetZDFJsNSaTflibeCILGF3P6heqrl0cmbdMKHSb8&google_gid=CAESEHY4vAWzGagIzNdmx2rLvcw&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 219492
expires: Fri, 15 Dec 2023 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 7E65
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENRmok6fqg8m...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmRyM4L_GC2azjMfq_1RhTg0n5zkWGFufS45R6OVu7o-cLdGDUgVcGCRpmL7_2u0fmkmFers10M_0pywCYLFabhEf8fhXtd-_ezTuQ
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

38ms
38ms

Image
image/gif

23.32.185.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol: H2
Server: 23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-35.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 15 Dec 2023 03:16:06 GMT
pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7E65 0
139 B 74ms
27ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6T_g5xbftFrTcBudLACgEnvE2g6v8qyQkPb5xjd5EJFX0WzmEUFSPCmpzUSDiHjVKJKghLQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1121 35 B
464 B 35ms
11ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGKJAKNyyss_dYto39y1Pig&google_cver=1&google_push=AXcoOmSaW4WuUlr-FM331iV5bokpG8MFx9L2ctR_K2ZXAi6HjWNMJHr66tCIDqpa7XzmDAmK7v0DvkZp7zj7HnHoCAwLR7BCFmcxAbI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1121
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPY18PaAkzkW7fYFzOj9rmQ&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPY18PaAkzkW7fYFzOj9rmQ&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ODRiamRXUE8xUmRZR2k1&google_gid=CAESEPY18PaAkzkW7fYFzOj9rmQ&google_cver=1&google_push=AXcoOmQ7TvqIG_hUoaLrCbTFfSkJ1xRZy7xoxTQJ9BwIAki...

170 B
188 B

31ms
30ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ODRiamRXUE8xUmRZR2k1&google_gid=CAESEPY18PaAkzkW7fYFzOj9rmQ&google_cver=1&google_push=AXcoOmQ7TvqIG_hUoaLrCbTFfSkJ1xRZy7xoxTQJ9BwIAkijw5gtDvcu1_Rns4BP8q9Yr6eJ8PJsiZd_oQtL34gij6IJnCWo2tOuKIM

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 15 Dec 2023 03:16:05 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ODRiamRXUE8xUmRZR2k1&google_gid=CAESEPY18PaAkzkW7fYFzOj9rmQ&google_cver=1&google_push=AXcoOmQ7TvqIG_hUoaLrCbTFfSkJ1xRZy7xoxTQJ9BwIAkijw5gtDvcu1_Rns4BP8q9Yr6eJ8PJsiZd_oQtL34gij6IJnCWo2tOuKIM
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1121
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELnLlZ4DBMFEaDJeEeGLyqA&google_cver=1&google_push=AXcoOmR09xVJjGEvcj77YoMg9dvFFyKVGgu_q5i7pZR8ht6YodgHqRrGqESTFN0qNdtcWzFynnXa_fSM32Nfrg4XldeccWbBcJQrFxnE
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8248667396AE4E40A42EE21C3780017F&google_push=AXcoOmR09xVJjGEvcj77YoMg9dvFFyKVGgu_q5i7pZR8ht6YodgHqRrGqESTFN0qNdtcWzFynnXa_fSM32Nfrg4...

170 B
232 B

31ms
30ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8248667396AE4E40A42EE21C3780017F&google_push=AXcoOmR09xVJjGEvcj77YoMg9dvFFyKVGgu_q5i7pZR8ht6YodgHqRrGqESTFN0qNdtcWzFynnXa_fSM32Nfrg4XldeccWbBcJQrFxnE

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Dec 2023 03:16:06 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8248667396AE4E40A42EE21C3780017F&google_push=AXcoOmR09xVJjGEvcj77YoMg9dvFFyKVGgu_q5i7pZR8ht6YodgHqRrGqESTFN0qNdtcWzFynnXa_fSM32Nfrg4XldeccWbBcJQrFxnE
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 14 Dec 2023 03:16:06 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1121
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEN43nBAg20LiXNhfGTFzM6M&google_cver=1&google_push=AXcoOmQhoxQiIokmgUQMjDLPkELOLSOgZP2dIzVSIkzEjK5e6fzLKxeoaoflUQP80jsw6UNGq4wZvq_zzPx...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhoxQiIokmgUQMjDLPkELOLSOgZP2dIzVSIkzEjK5e6fzLKxeoaoflUQP80jsw6UNGq4wZvq_zzPx0fmMzf0DJQlU0-GFx8aXl&google_hm=fri5qOmgSDygcZgJ...

170 B
232 B

33ms
30ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhoxQiIokmgUQMjDLPkELOLSOgZP2dIzVSIkzEjK5e6fzLKxeoaoflUQP80jsw6UNGq4wZvq_zzPx0fmMzf0DJQlU0-GFx8aXl&google_hm=fri5qOmgSDygcZgJ3srshCo

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQhoxQiIokmgUQMjDLPkELOLSOgZP2dIzVSIkzEjK5e6fzLKxeoaoflUQP80jsw6UNGq4wZvq_zzPx0fmMzf0DJQlU0-GFx8aXl&google_hm=fri5qOmgSDygcZgJ3srshCo
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1121
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESED1AZV0OkuZHyTxSrYaShZQ&google_cver=1&google_push=AXcoOmTLwbNgzuuwaVPzRGKegGRKc2u916ZO0PtPhzfQY4fXvoxYbstC6urPIsXBKFlRIOtUJX9lRp0-5oRg1dD1...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yjxiuEi0SBke6saH3OLcuA&google_push=AXcoOmTLwbNgzuuwaVPzRGKegGRKc2u916ZO0PtPhzfQY4fXvoxYbstC6urPIsXBKFlRIOtUJX9lRp0-5oRg1dD1zsuURbCQB7gN6li-

170 B
232 B

31ms
31ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yjxiuEi0SBke6saH3OLcuA&google_push=AXcoOmTLwbNgzuuwaVPzRGKegGRKc2u916ZO0PtPhzfQY4fXvoxYbstC6urPIsXBKFlRIOtUJX9lRp0-5oRg1dD1zsuURbCQB7gN6li-

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Dec 2023 03:16:06 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yjxiuEi0SBke6saH3OLcuA&google_push=AXcoOmTLwbNgzuuwaVPzRGKegGRKc2u916ZO0PtPhzfQY4fXvoxYbstC6urPIsXBKFlRIOtUJX9lRp0-5oRg1dD1zsuURbCQB7gN6li-
x-host: tde-deliveryengine-production-8567857d65-fjsmc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1121
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFLdiX-Zopd5lTTook3Egyc&google_cver=1&google_push=AXcoOmT9UPFaWTVzjFVhLgBnMIYKXl8C8BwborRM0bP7L4SlgECSoT_-ADkq6SeYK1Wdh1oWo2OdIl9uLzyKHi_0IVUnWLC...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT9UPFaWTVzjFVhLgBnMIYKXl8C8BwborRM0bP7L4SlgECSoT_-ADkq6SeYK1Wdh1oWo2OdIl9uLzyKHi_0IVUnWLCsGzVmBvU&google_hm=eS1uUjE0WXNWRTJwR1l...

170 B
188 B

30ms
29ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT9UPFaWTVzjFVhLgBnMIYKXl8C8BwborRM0bP7L4SlgECSoT_-ADkq6SeYK1Wdh1oWo2OdIl9uLzyKHi_0IVUnWLCsGzVmBvU&google_hm=eS1uUjE0WXNWRTJwR1ltOHRlSVlGSHdVYm9TdEtDZFRMMX5B

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 15 Dec 2023 03:16:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmT9UPFaWTVzjFVhLgBnMIYKXl8C8BwborRM0bP7L4SlgECSoT_-ADkq6SeYK1Wdh1oWo2OdIl9uLzyKHi_0IVUnWLCsGzVmBvU&google_hm=eS1uUjE0WXNWRTJwR1ltOHRlSVlGSHdVYm9TdEtDZFRMMX5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1121 43 B
363 B 50ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT9ArPvhvoZq1tz6XYFXY4xrkfoNIxaqX99V-HD1MVBDYxY8Fgh6ade3NLKqH_edh77uDIB9F9rfszEFUaWRM3f79U_Q3N7XbM&google_gid=CAESEOxaaOBnE9DA7aVNmOsIVbA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 233587
expires: Fri, 15 Dec 2023 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1121 0
49 B 65ms
28ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkwNnadeOslK7NhhSuqjpi9RV4mqUhTviC4lrAYRphCeE9NMH40qTqaotYN1Q0ClUtDDxJ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 75FD 23 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 247184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 06:36:22 GMT
expires: Wed, 11 Dec 2024 06:36:22 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame FFB6 23 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 247184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 06:36:22 GMT
expires: Wed, 11 Dec 2024 06:36:22 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B86 39 KB
15 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 10:34:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 067A 0
0 48ms
47ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CROp99cR7ZcqZFJm79u8P2-CRqAaN0fHIdPrX352fEsqYu6PpDhABIKOx-iVglfKGgpgHoAHcxoqJKcgBBakCXOhPu4Vwsj6oAwGqBKwCT9DoByFeRSGohW6YMRahLwBlL9HtnCB0peSB1uFzf280X2quMq3tiD68QgfOGYPsfcVHcNBVmPIAMpBk-Bs56WQj5TWFDKHIXhAOv8-KrGhSAXslDIZ_eobItXw0YNVWTAXjRnvg7k6P6fePNjg6ou8GnURJZf328IDuwhNfYI1XsYmGtgFx-CuD5UoUdh7yeU6X6j-11SuNzT7X4st2JMiDHBjxVefTUNcsie8ZpUsoCSlLB6eX0JJYlkBdrjqPJga4VdsjaWGbilGjL5_IgdmzAEu93ynxS0h27tBJw6rpEa-tlrBfZWDOmT-hiO6Dbio6AWCOaTdk93pGWSgwCJEOrdA3aDW94nMP2kncPvbG0Oa35qpB6_J1wP3XoluEIPFsNFwmyTqNLXpHwASxvoS10ATgBAOIBcaRhspNkgUGCAMQAhgBkgULCCIQAhgBSKzgmAKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ1qUNGIv2_v8B0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlinyOGQvZCDA4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQKwE7Gy7BXIE82Z_-MD0BMA2BMKiBQC2BQB0BUBgBcBshccChoIABIUcHViLTkyNzA4NDk4MDY1NzEzMTkYAOgXBQ&sigh=tzg69NVR6UQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_izI1anJfByC3OzxEDZMJ2tqJh8emZE3IvnICH-aNiENjAZ7DJAp3eNaA8Lukdna3JJwqpex12xgB&vt=10&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=2980879607&pi=t.aa~a.4216074152~i.73~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=987&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C728x280&nras=3&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=4442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=10
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0224 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRNH99cR7ZZPyE4W99u8Ppeey-AOduNzJdNC1r6i0Eprdv6DUARABIKOx-iVglfKGgpgHoAHcxoqJKcgBBakCt9_W3tFxsj6oAwGqBKMCT9AQtLWU60OY19L990swyPwhYWKnCOVHZyT0SQqx_FocrH1IeOyzHnV4n7Zjq9YWg6bK_x3z9k8F_MUWhizmg9TTNI-Bm1jYNejK0Y9b3kDT9qsYk_vYcRzd96LnpYa8YQoQR0EQo19AEE4UYfXeQ-jDjnnZpMkOHWzisWrH8n0TV9dPqCj4NaFYap7nqRw5PXpQ73UXKQ5UxzobIDnbdvSKbMPtB1v_3JDGdd2lzp2a3MW2Mhq_rL0BgesR5zg6MT-vsmgLOpxOaAqcaSTlXEAYYSJcGxlCCUKeMiggi5IzbV3-BmzFRPJ6qloiwW9p_kaWwpyyKYe-rEXiQnMPv69tXYyI2E0RRHPPnKC02urvF_HekKuxXzDo3KFIZjKzhPvzwASGncTuwATgBAOIBa3D78tNkgUGCAMQAhgBkgULCCIQAhgBSKzgmAKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQ1fMNGKbn__8B0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliApOGQvZCDA4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxArATpbLsFcgTt5j_4wPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItOTI3MDg0OTgwNjU3MTMxORgA6BcF&sigh=oQQy7NArUoQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_Eb2j-OSZsHHYs7aXIvYjYI99aqSiHmHpzuWT35xc05y_EDSaP2DHTL-z_3DjKLMqII8wHeKonxgB&vt=10&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&adk=2737048788&adf=3247881204&pi=t.aa~a.4216074152~i.19~rp.4&w=728&fwrn=4&fwrnh=100&lmt=1702610165&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1838042067&ad_type=text_image&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&pra=3&rh=182&rw=728&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610165297&bpp=1&bdt=986&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=2&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 87ms
60ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2250de284fb116b952ba2b5cfa61ecc3e7368be14248bdfa695f7f187f5bad1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12258
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 75FD 39 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 10:34:36 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame FFB6 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 10:34:36 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 03:16:06 GMT

GET
H3 206 file.mp4
r4---sn-4g5ednde.c.2mdn.net/videoplayback/id/bad2d6e1a9f12396/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0224 818 KB
0 17ms
7ms Media
video/mp4 2a00:1450:4001:17::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:17::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 15 Dec 2023 03:16:06 GMT
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-3280166/3280167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 3280167
last-modified: Wed, 29 Nov 2023 18:22:30 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r2---sn-4g5ednly.c.2mdn.net/videoplayback/id/32ca47640c8a13be/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3846240834/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame DB13 2 MB
2 MB 20ms
10ms Media
video/mp4 2a00:1450:4001:67::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:67::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a24e7b3830e2c5212d6ff52b7af0ea8b6d0bb85141bc9c5d9d4534b14bf87a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 15 Dec 2023 03:16:06 GMT
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-1715587/1715588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 1715588
last-modified: Tue, 05 Dec 2023 16:11:35 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/c303481f705fee12/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734146165/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 067A 200 KB
0 21ms
11ms Media
video/mp4 2a00:1450:4001:14::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:14::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 15 Dec 2023 03:16:06 GMT
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4960006/4960007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4960007
last-modified: Wed, 29 Nov 2023 18:12:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5E3 13 KB
5 KB 16ms
9ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 22:24:23 GMT
expires: Fri, 13 Dec 2024 22:24:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F075 829 B
559 B 36ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82ea79c366dcea64ec42263fe46faea0081e0c353cc97e5f70c5430581245023

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eFVTJzEYA_aJasxULuLw1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://taxcalculatorphilippines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-eFVTJzEYA_aJasxULuLw1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 03:16:06 GMT
expires: Fri, 15 Dec 2023 03:16:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dc_oe=ChMIsr_9kL2QgwMVeUgdCR00qQsWEAAYACCD38liOhoIuoXQ1gIQu4jbyL4EGL-kxOMDINO1k6aYEkITCLPAyJC9kIMDFV7HuwgdBX8MHA;dc_rmcid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOK...
ade.googlesyndication.com/ddm/activity/ Frame DB13 42 B
401 B 124ms
48ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsr_9kL2QgwMVeUgdCR00qQsWEAAYACCD38liOhoIuoXQ1gIQu4jbyL4EGL-kxOMDINO1k6aYEkITCLPAyJC9kIMDFV7HuwgdBX8MHA;dc_rmcid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOKacVYUuNLRfNlp3D68gLq8l7qNX3s4l9zmDBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOliDo8iQvZCDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D16%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702610166350;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DB13 42 B
64 B 61ms
55ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGWla9MR7ZbP2N96O7_UPhf6x4AGpov7TdNO1k6aYEs-Ph_mUMRABIKOx-iVglfKGgpgHyAEFqAMByAObBKoErAJP0PFbu5Shc9oZFNahGCCGSHnNB7kRJW3EHIY-2XBFMtQhEwVYkR1ed-SJt4J_0P2ISQmqHGsY0X3DD1B2qzvjCJkular2WTW3JY40-jhxChfTgjLL8RuH9b4Q5DF-NHoYsmosugD9iCZ21VxybMx8dxxt7iQoFmstCy4lF57E1NZZQB0RUlxYcvKTMXVEgyVOCKYqz8DF8QYqeMLx8VykfxwrqaQVsDOwAsJxoOky_8ydR1460qirBiOh63Uzj4KkdKzC4wjRBbeLVnF5hTTueJCoWRTQMViTtM1GiEqK-EVQUs5laioBU48CXmpoRv1_W4i--V79PO9f6cWhUsD8VOSxFYYvlsyKJRnzTXX8tgYMm_aMI6qMT0rdkf1uqtr2tFNgfzJ2-aKFsCzABLuI28i-BOAEA4gFrcWtx0yQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg6PIkL2QgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE6WM3hXIE7-kxOMD2BMKiBQE2BQB0BUB-BYBgBcB6BcF&sigh=qmeJtMXYI0Q&label=part2viewed&ad_mt=16&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D16%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702610166350

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DB13 0
557 B 154ms
54ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOF-4u3KsCzdogz1xW0VxEV7PXsS1YWOqHfyzYAyETA9y6DyVYStLHsKX8PU0P85r4MkD3n_lupAC3Tdxu4LCvmTeXnsRtSuZiqo6XkCGKTY9xjD27ZbpP0FKJcMJJi6TU3iZ6XcBrQuItYB9gH51WCBIOuOWTyKs3RHzSDhNcZ5QJOZrR1wKcZMmqJTLrnd6p58PxpGdX-NvI1ydN-L73WH_-o_-Ure3qV50Tt8oQiEVv8lw7w6UMhT1PDAj_TbgEhE3hLkai_ss5s_e5naezKOmm7Ov6nmN6gGBnR9Uevgug_foQlBGt7OusjxEMHQbwim9Rf09YIvS-VKpI4S4_ZgH6xm21-X1VfngFy5r4bCf_6k6u6TZE1-XSoSUzNz3T1jK85GNbHly1fw37P_fB7HT2G5XpIjAKybzM2tdQsmbcOIJCO43eQ-z0IsUJ2eYjvGXAO7tpUlURdZ5GK0Mkal9Zr7j7ceFV80GoZOYxewsow-XWBM_k-rULiyVPDMvT8HWGFrMPGVx8YGDNE-i6SyESZm60cZuqCVsNzPin-AdghgmQcPOWIvn-QUeV4Hpt_C-1K1SwA6aZl6FK4ffgXrPc8W8UKCjCVK1PWTXp2sWkytxsB8IpYwygguR4efzxgxsMBlIVNFPuXFzPhnjNu3fvf6ozhQRzyFpJIEr_ijEdhK1DrXfrxQ1llJEkdud9Tml4HpcLZWc0NFfs7SBIRS03sney0Cg1XYJgI65sPO84blLLLwsvy_P94BsILAl9Lc-viWs6LjJ1OSrz_O0FlBulxCwdZyD1p2rKCrSLz4lqhay0dNSOvROudeMJlj9l6xV8H2bco1VhH-KzoMJGEmIcDLQb6TCT5WMekExGz-rG-vYgN74L1-BsaL6aM2jqP0AuHBVcs8n32Y-u1zfoNFikbgPcz1XLweEOelLVSpf8EegcW3KsjAh6csXSaNLRihHHXjRulOe2Vp6fQtTdKkS2EnHM7op2IuLOf62CydQVBhjx3jzbRhZBFHGueTYIWMcxrK8iLSlU5WX_oFHtQUJrT8bX9fARk5XPWnzvNyp4AepdePHnqnuoaow4iNjblFQOWJ7jIdUPVNRsZ9L74n0AXQ46fLmPs7LAl4V69BLTz0RXK150KxQCZ0nXuj3k0OXdZ2MAUlz2CekFawUNTOnK1n14tTf45tG4fi8z16MrW58UPTabCO6PO7zHCL3EkmSEhSjACyTZjmfyQ4J45K_4cTEFfCk5tIFtDj1SIt15b0Eg9gI_EDbEC_u2NFklPzZ7mVQZ8g_YfgEC8K__ZG0-Q0lwcrftWvSF2BHOvPGw3pTErVr53yq4xsvExjhTTQa2QGM6PSsaOgtsAUfqEs-KYUQZqbPOJ7mujpYecnwV85qw69t_GCnqHQw&sai=AMfl-YS1U4tsJquvJx6KRAu-84WUZr6PIQWcKrmq8Ttr6T7X_F5-CD0wSLT2d0lOGyKugkwg6GfD4xSeQ3PhT5c-lccwQmVhD5A0eJQPCISLXnVYrd28OtvgspapRspDO1QackcoVLChEV2umc3uQhrfwfzujsB0DWINAgGg_L1NgyJs6NKkgM-APkkDAOId6dn6HreuGzmkLe0cOdpXwLg7X0FTEkggni0z5Ou92uKYK03PqXvGVpQazjdgOUW1kFTr6uheTSwcga-Mnmk9YR9pLLLiifAW1mnG2IbRJg&sig=Cg0ArKJSzM5qm16whtB9EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adServerESI.aspx
secure.insightexpressai.com/adServer/ Frame DB13 35 B
2 KB 98ms
36ms Image
image/gif 2a02:26f0:480:9b4::1ec4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.insightexpressai.com/adServer/adServerESI.aspx?script=false&bannerID=11784158&siteID=N7657.3553448DISPLAYVIDEO360&creativeID=206729091&placementID=380567266&rnd=1242229218&gdpr=&gdpr_consent=&redir=https://secure.insightexpressai.com/adserver/1pixel.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:9b4::1ec4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src ; style-src 'unsafe-inline';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Fri, 15 Dec 2023 03:16:06 GMT
P3P: CP="NOI DSP COR NID CUR ADMa OUR STP STA"
Connection: keep-alive
Content-Length: 35
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: unsafe-url
Vary: Accept-Encoding
X-Frame-Options: ALLOWALL
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache
Feature-Policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
Expires: Fri, 15 Dec 2023 03:16:06 GMT

GET
H/1.1 204
No Content visit.jpg
tps.doubleverify.com/ Frame DB13 0
162 B 160ms
34ms Image
text/plain 130.211.44.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=10242044&cmp=30443038&sid=5513185&plc=380567266&num=&adid=&advid=10957991&adsrv=1&btreg=572283934&btadsrv=doubleclick&crt=206729091&crtname=&chnl=&unit=&pid=&uid=&tagtype=video&dvtagver=6.1.img&
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.44.5 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.44.211.130.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 15 Dec 2023 03:16:06 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/14/2023 03:16:06

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame DB13 0
16 B 59ms
55ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyAIxC6hdDWAhiPnpb9ASABMAE&v=APEucNUiX4aSagTT-7LACKigMNX9VrPbBaLQaWSiyVX2YHxlGAQN5_I7yNdKvAPfChZhRkervYj1KeK8J-q2QWsFstOCPY-NrA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DB13 0
20 B 53ms
50ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DB13 42 B
64 B 54ms
51ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDeQSLctunxEN_gNVUT7PRKTqf5rAaNgWAOFrjVerrH8yAkg93Ss2A4byNWV7DegfI_SVyHqxbWimPRYNDb4stN_GsaCiPIbpC_PEYzTImh4xNLlpQdjLcxZtm1hFbOLFI7LVu0aGHfPU&sai=AMfl-YRsvjsFMJpgNohHu1Zl9lnvTiyVOhxx7O0l8EAqXpgi9YvRG_YMUqf6VV49kAuhJbpKzzua4pTN0Pd4bpC_Ffkgmkr_h_bkSeFVfRxvP91BqpqSyPIu3ETPbcrAspU4oZPNm-fgKIhjtJUm0jgc&sig=Cg0ArKJSzLVYuK-2L3YPEAE&cid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOKacVYUuNLRfNlp3D68gLq8l7qNX3s4l9zmDBgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D16%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1702610166350&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DB13 42 B
64 B 58ms
55ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGWla9MR7ZbP2N96O7_UPhf6x4AGpov7TdNO1k6aYEs-Ph_mUMRABIKOx-iVglfKGgpgHyAEFqAMByAObBKoErAJP0PFbu5Shc9oZFNahGCCGSHnNB7kRJW3EHIY-2XBFMtQhEwVYkR1ed-SJt4J_0P2ISQmqHGsY0X3DD1B2qzvjCJkular2WTW3JY40-jhxChfTgjLL8RuH9b4Q5DF-NHoYsmosugD9iCZ21VxybMx8dxxt7iQoFmstCy4lF57E1NZZQB0RUlxYcvKTMXVEgyVOCKYqz8DF8QYqeMLx8VykfxwrqaQVsDOwAsJxoOky_8ydR1460qirBiOh63Uzj4KkdKzC4wjRBbeLVnF5hTTueJCoWRTQMViTtM1GiEqK-EVQUs5laioBU48CXmpoRv1_W4i--V79PO9f6cWhUsD8VOSxFYYvlsyKJRnzTXX8tgYMm_aMI6qMT0rdkf1uqtr2tFNgfzJ2-aKFsCzABLuI28i-BOAEA4gFrcWtx0yQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg6PIkL2QgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE6WM3hXIE7-kxOMD2BMKiBQE2BQB0BUB-BYBgBcB6BcF&sigh=qmeJtMXYI0Q&label=vast_creativeview&ad_mt=16&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D6016%26vmtime%3D16%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1702610166350

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame DB13 0
17 B 33ms
30ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lq624rxg&c=3940083227759&slotId=1970041613879.5&qqid=CLPAyJC9kIMDFV7HuwgdBX8MHA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=1024x576&dm=6000&ple=1&umsem=0&event_name=first_play&asset_bytes=199264&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.14d~ff.155~videopreviewstarted.157
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F075 0
0 42ms
42ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2704516694308573&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B86 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BU1Dg9cR7ZfLwL_mQ9fgPtNKusAEAAAAAOAHgBAI&bg=!6Oul66TNAAY3kmNgF5I7ADQBe5WfOOVEZofLuBAnWqkggUSSwpQ3tuu0PhsRs9FhtyPcW3AHRG0rnR4nYfy4YPCIRYwCAgAAAUpSAAAAA2gBB5kDK82Kik8eu2YEQ5fAO2vf15VuyGF-YFrytwqgyLdUO6JVQxzTeBhN6veEM3JzpGkR2qqEs0rn7Hqgx5kOWINqse41y2iCpj80-u1XdXcgIwsAk-6pni9YsygKtdDeyep7PR6wd6xxps1031uE4NY0PHFrtYfr9LtvAOGKi_9s-ZGSjTpKYE8f_lQ-Fs6qFrfk2uW5tOcvEdTqnZDSb_meskunIE8ZPJYdWC9DE1jt7PDH_gzHE5zIVe3ssBpkvccBkcCLQw6aed4umphz0s1mZ4l9Q3NDTUtmB10KAcEj3kOioc35snEMfs43ucJYM-pZxMVOLlAk-FfxVstqfQSCN12aWvY-C92v33RPYxJsu13j5l6snhNFgzpdlMFEsu7HoJUJ-U1WpoTZvDUbqII8jvrQPZRirAgTIGPjrXSE_2sybl64L5dqBFCplyQSppLwTRfUQtC5dZuXw3K2TJDoUIiNnIMMJ7Cqe7zmOwaXu8Gb5s2t_XWlYtUGOnd6cYkyiJN8LQ7UmqXTqnudW5eT_xq0ksvGy_vBJ1AT4VChYn0vgsAYqZT90DUgNaaE4XgjIP1386Fc8LuGGw38PFhoMdpHY0cBfNDkenIvR2p3mgkMINlKAxfyBFYL4FYhuTOdmUQ3JjGyWH_c_cBkCgkTe19h69-k-Uu8P67hGFF9C4ysCFTY8u8N8bhWhrKtE-WFHQw0m4Adzrh6QG1mV4u6i381aBIRAM-zVvTeoIvxoOLZ2TfouczSGC3m_F5ou9xvZxRxptVjAnuRmW1aGV8XB4mHzzlmOaT5FoARV087dTny9HT8425YPENOFQ9ZrbZ7QhaUpiJE4fVUenKBDVfdTMD_GG6OhvXKRPlkYErslV2Xyw7wWyPmobbjUDTvirMuJ7E8m2QMpNbM-xm5GI6I608foaWBy3HQ68M0TcJQJ_kbOv3yWwbIRF9H49GrBpFNRxmbfh5vHeE3nxrz6sG1l3yN6jFfP9RbmPo-kqq1tRZCLTtCut82dmevD3UZW1G9CM9xtf8zXnEO3x2pKW81nLS3GoEaaIDOhfoiIZu2vkDy7KV8bgE8BTC7F_s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E5E3 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 10:34:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 75FD 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BZ3WQ9cR7ZcjdNsbMnsEPvqewkAYAAAAAOAHgBAI&bg=!4-Cl4K_NAAY3kmNgF5I7ADQBe5WfOCc-p0T4Wv33Nq1pYggGWBlbNO8DfG2i82TpFkIDPXPOVTRWkCVFMVdpr6-MX7eTAgAAAVRSAAAABGgBBwoASTnwzGbkIPn2atVBfNvd0m9SD_IYNUtt1zynS1i-4QGLvH86-IYvAjRv8IJU3aYt89cpyBklJcfNw5psLqbJl7aPH1GZ8pfID8-ZAx7HvDjHNSR7LOT_dMMza-_-vSXxhbwKEsFDvQGOWdjaskEI_lTptx5bZkNjrFJY59G3V1xhGR6698L-Spf9dqatzq7IY_LpJytb2dNkiiFkfjybqecSlNzYcxi__3HyDqStlwTkRSqsPawTyBLF64-P3jJQXf1MurDJSkj_gcpyZH8sg24BTeon55sqzygOcL7uj4Y-cWyxTnR8frQpbPf-fJYIahsgAP6WEmxr9ErGT5Vn3OMAWYzrN8Qe38S2QVJhfmykwXy-FNOQcevSwhSwSKH3mt1UWe37lXzd5WgLKyMHvIQY0n3PWZOiPOGiKltFH17cBQiJ_2bDDDKvZsVqm0gwmUCLGZwuxK9dTfy4_mQTZ6iwRo0bJh5HQnV9J6sCfsa7yEgEcBlGmYzM5sVe3GHu9Rt6_mM7Dm_BzbFa8xyJHzDkaBJ9_OoQNKmvnUZ1oh36MbJ31XDCYeSInMWp2XyfprIgAW0OXGrFAGaWt5uYxzP500ICEVE9LBFxmhrGNeRNy9hq-dS1yZm0zK77rKgUHMbKXaLRMCuNUfV4muWSTwEH5zav2fo6RtCfX2IMf-ilcasK67FVfWM5SHllI1L2TaLr6A8qKNJA2SmEMjjPbxdehp383vsYEJJuqB6wnNQpNHXoVGWcrTMueJojz6oBFnJXIpD6eBMncY8kjMd-hlbHRV8Jy4ay0adgD-bRjyno7Zsg9X307W0DItlrz68-TLSoa2DYOkgJUXIoHsfEMr8mk2hfrz64TkD9YiJKHdEVBF6Ln-pBWJj9XrGwmtJ_NGt1chSgTD-xthXnZA4xZOlvmoctqrb2oDllfYI4XV0WxMoeXE8Cr-UUwkERMhT13u794-Chp_z4ikvwDhrsG3J-MAmS_2CEV4PKfj6fYmDx1SVoacjh9M_kzhk7vkcKcJ3XgcKhs5LCeN-DXeHh8hVxpeim5xmZVWgk8PkThd8-oyMZerwQTbJ2jz-d483MVPIIpUnxL3FX1HlKa_JxgMxfEzCqmlFIHRoV1XaFvZYpQMlcGE00qplYH9H6pJAX3CPTFWZqSR7jE5U

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFB6 0
20 B 297ms
297ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BPeLB9cR7ZYDfOYWQlgSvzpaYDwAAAAA4AeAEAg&bg=!BQalBknNAAY3kmNgF5I7ADQBe5WfOE0X0XEjccebysjxwdu0_tDepQ50L0qXeZg1M8u0G9YUSDF0lVkee70yfMiV96kSAgAAAUlSAAAABGgBB5kDKVr1rBwd-lnIhIp76SR0uU-VXcMr4qGeuT4ydc50zXPnKSe2x67PgIu3RCLKrENY7wKMwucaMAUdBFS7uOccErV42YcQFd3RZB0yBDQ9_X275YaNPGstesvQVoPpV1jMmdpibC3HInWUO2wfR_jjHCuBbWh4K58ydpaTsa1ab2hmT0r3pxetBsM7_3aE83dNknRHl_lxvVK6S1tyuDGznh6hYBgpRUEk7rPSo3NiOJp-B-WjR7Hkrwbs6_w3nOVEXYD78wI-rDXhnMXNqpberzbqQ5uCBLuI8pEXYaOmclNhQxT1CHTn7N5aDUTKujP8pGUp6ASSv4TLc-mwbysSthUky4j5Lyyw4cuQ3IDXbAC60T6JoQPHfpT0wrKvffGTey1baDlA7XX8zZ8uYeRKHkcJJQ3hQJZWDUP1JX3q55_TxQgpDVJAnpWbx0Wk9s0a1oFeeYvXIQaRvrpKvLK3ojyrI8Woyu9nbT-Di0sOwANwRquL5mEtpNUaLhLOOFrZLX6WvWqgU3pQMGoKm-niUD8z3KGk67SAe4OeOObYBRz7Kk0TC1QW_aAiiD1C9HjPLzDHhS1OrOwslTIT6F60z6xulN2UGm7bBR-ly3tDQFHiWcXcZh2SlpAB-LAbb4LQCfs-QdX-6BgpFnAXuf1lZkDifcFYVzOjowXbNzPYIPX3ny6zRqHv-00PDpSBQIC4GRm8arShHYr5ORJTvGrJPa_-8sa5ptLrZd57HrkClKfObyoD3GRY69F7FGYlulqwqLBiLtxmiMXZ1s9_IvgwGOOFrHo8EUvkyWdEVWbL7aZ7_LOzPgwq8saKgFxF2LKJu5R0nr34ufGUCcekfrOYkgYkXuN04HxrycFeQjchwxZssYMX4ozpMlwkweYQ-ODJ-eHL5oP817IejtiQgIH2gCtPvVz92vABncNRZuTNI0KaLSK6ssAvQcCjVmq7JWcYhA6dJu21QMeZupqfwBfbaTJbZIeqLpXKtCCcmu8N2bE1TuDPhV4Pg1UppntcfnZxB38SsuZGL0vi_ZEqcKbmPkVAGfpqJ__F-WzTPOhgl5Zliq0popk4Nqpq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5E3 0
10 B 237ms
237ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZdzpUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 03:16:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame DB13 0
17 B 28ms
27ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lq624sbu&c=3940083227759&slotId=1970041613879.5&qqid=CLPAyJC9kIMDFV7HuwgdBX8MHA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2076&mt=video%2Fmp4&vs=1024x576&dm=6000&met.4=vfl.180
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 64ms
63ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2704516694308573&bg=!hYalhsnNAAY3kmNgF5I7ADQBe5WfOJkJyOGa6QNN-s7bglE9-bx-rPgHjL_iqJY88ExP3fIxW6_cTdtyQOPYS-g0m3e6AgAAAHVSAAAABGgBB5kDAfI_10PQsK3DSroYzYV1cnTGUwmNtQT4M_puVq3RV0xkfzsV1duYD-fr39HVXe5FdcGg1pt4cwi4i3qN6jWSvp6S_5Y1lH_y4lWjJOhVGMyWsl5nhC2AcDKph2FpwiH5jngvR96mLzghLF7f68_8DRGDeALr1YvWTXY7b8wwTdM6z8MkAN9NWk2RbLiAUYCfQt9h3wjR_vdqa_DWqNLc3SpNHaASDOP1mKhqDCTh0jAtw6GRZnLNu0brBKZbq60Agxdx-YKCNRW7z1-SL_A08aoqVob6KSAn8o-KRnrlSQKaHvnPqWIqbhEp9hUu5uKJnnXNE5JxCEozhugllekHJCCMRDP1GqaMGC91LQsmm8hGOcU3v5CQYk-OPukINMEiTLUEuYbLt_KF1OMnmj0B6q2Yoamo2mYgfvgO5mI4LRNK7OitihQNl_0xf4OQNWUForClpi88y5FFGwPVpyBxgGYa1XEDE8KiWDINcKy-d9dczTwWF0wq2H0HU50U13q_RE7fWFncZqXQCqhDAqp_IcsUZ5p15LRHO0a2WeL50XhOa9vjWHJU0iVio7QRE_KYMEx-_s-aJgLo6I9iiMgl954AKqEHUPcl7s9ax6TiT-aoNaJd10avGRMs9-Gxv4YtT9YvOnQ5yC1gEhiRPh-OEcW--wltvF1SHreBsNuDTK3lkU9lI5xDBIOg8PkJYTXSfFo8SKbY1DoxaWKEBvr13dDSJRLmzupd4n5-iKdmHGh7V37BtohDVr6IBKxvi-MG4p6bVlOrC7oRM-N_8XW1TbYgK74D_VhKQy398gGeVec-swHcuGneMMDHi1ggGLj60SBRO8HTt1v9ARO3o_zvAFBuZhwagUfzcN8z7SrML_hR8oYuJMRXDaLQcNfnSNWIs4hyUqgfBIbqib9sQdmZXHU7GuhP0Bhse_JfjKHYtvor9p0VUonTbuG5SYKv7lp20uO2o6q7roesyTmJAN_H6BdcQcHTZxwUSlWYnPFoCMEMosR77DrcTo-SRXmHU_12k18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 067A 0
17 B 26ms
26ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq624s1n&c=4043223067710&slotId=2021611533855&qqid=CIro4ZC9kIMDFZmd_QcdW3AEZQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2924&mt=video%2Fmp4&vs=1024x1024&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.jk~vil.sw&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0224 0
17 B 27ms
27ms Ping
image/gif 2a00:1450:4009:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lq624s1w&c=101957989913&slotId=50978994956.5&qqid=CNPA4ZC9kIMDFYWe_QcdpbMMPw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1549&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.jx~vil.s7&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:07 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIsr_9kL2QgwMVeUgdCR00qQsWEAAYACCD38liOhoIuoXQ1gIQu4jbyL4EGL-kxOMDINO1k6aYEkITCLPAyJC9kIMDFV7HuwgdBX8MHA;dc_rmcid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOK...
ade.googlesyndication.com/ddm/activity/ Frame DB13 42 B
107 B 47ms
46ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsr_9kL2QgwMVeUgdCR00qQsWEAAYACCD38liOhoIuoXQ1gIQu4jbyL4EGL-kxOMDINO1k6aYEkITCLPAyJC9kIMDFV7HuwgdBX8MHA;dc_rmcid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOKacVYUuNLRfNlp3D68gLq8l7qNX3s4l9zmDBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOliDo8iQvZCDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D1317,0,0,0,0%26mtos%3D1317,1317,1317,1317,1317%26amtos%3D0,0,0,0,0%26mcvt%3D1317%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1523%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D206%26dur%3D6016%26vmtime%3D1544%26dvs%3D1317%26dfvs%3D1317%26dvpt%3D1523%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1317,1317,1317,1317,1317%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1317;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1702610166350;ecn1=1;etm1=0;eid1=960584;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DB13 42 B
64 B 48ms
47ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGWla9MR7ZbP2N96O7_UPhf6x4AGpov7TdNO1k6aYEs-Ph_mUMRABIKOx-iVglfKGgpgHyAEFqAMByAObBKoErAJP0PFbu5Shc9oZFNahGCCGSHnNB7kRJW3EHIY-2XBFMtQhEwVYkR1ed-SJt4J_0P2ISQmqHGsY0X3DD1B2qzvjCJkular2WTW3JY40-jhxChfTgjLL8RuH9b4Q5DF-NHoYsmosugD9iCZ21VxybMx8dxxt7iQoFmstCy4lF57E1NZZQB0RUlxYcvKTMXVEgyVOCKYqz8DF8QYqeMLx8VykfxwrqaQVsDOwAsJxoOky_8ydR1460qirBiOh63Uzj4KkdKzC4wjRBbeLVnF5hTTueJCoWRTQMViTtM1GiEqK-EVQUs5laioBU48CXmpoRv1_W4i--V79PO9f6cWhUsD8VOSxFYYvlsyKJRnzTXX8tgYMm_aMI6qMT0rdkf1uqtr2tFNgfzJ2-aKFsCzABLuI28i-BOAEA4gFrcWtx0yQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg6PIkL2QgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE6WM3hXIE7-kxOMD2BMKiBQE2BQB0BUB-BYBgBcB6BcF&sigh=qmeJtMXYI0Q&label=videoplaytime25&ad_mt=1545&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D1317,0,0,0,0%26mtos%3D1317,1317,1317,1317,1317%26amtos%3D0,0,0,0,0%26mcvt%3D1317%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1523%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D3%26pst%3D206%26dur%3D6016%26vmtime%3D1544%26dvs%3D1317%26dfvs%3D1317%26dvpt%3D1523%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D256%26cs%3D33554706%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1317,1317,1317,1317,1317%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D3%26psv%3D2%26psfv%3D2%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1317&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.06%26t%3D1702610166350

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame DB13 42 B
64 B 46ms
45ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDeQSLctunxEN_gNVUT7PRKTqf5rAaNgWAOFrjVerrH8yAkg93Ss2A4byNWV7DegfI_SVyHqxbWimPRYNDb4stN_GsaCiPIbpC_PEYzTImh4xNLlpQdjLcxZtm1hFbOLFI7LVu0aGHfPU&sai=AMfl-YRsvjsFMJpgNohHu1Zl9lnvTiyVOhxx7O0l8EAqXpgi9YvRG_YMUqf6VV49kAuhJbpKzzua4pTN0Pd4bpC_Ffkgmkr_h_bkSeFVfRxvP91BqpqSyPIu3ETPbcrAspU4oZPNm-fgKIhjtJUm0jgc&sig=Cg0ArKJSzLVYuK-2L3YPEAE&cid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOKacVYUuNLRfNlp3D68gLq8l7qNX3s4l9zmDBgB&id=lidarv&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D2118,0,0,0,0%26mtos%3D2118,2118,2118,2118,2118%26amtos%3D0,0,0,0,0%26mcvt%3D2118%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2324%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D4%26pst%3D206%26dur%3D6016%26vmtime%3D2347%26dtos%3D2118%26dtoss%3D1%26dvs%3D801%26dfvs%3D801%26dvpt%3D801%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26ic%3D16777217%26cs%3D50331923%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2118&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702610166350

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIsr_9kL2QgwMVeUgdCR00qQsWEAAYACCD38liOhoIuoXQ1gIQu4jbyL4EGL-kxOMDINO1k6aYEkITCLPAyJC9kIMDFV7HuwgdBX8MHA;dc_rmcid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOK...
ade.googlesyndication.com/ddm/activity/ Frame DB13 42 B
63 B 48ms
47ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsr_9kL2QgwMVeUgdCR00qQsWEAAYACCD38liOhoIuoXQ1gIQu4jbyL4EGL-kxOMDINO1k6aYEkITCLPAyJC9kIMDFV7HuwgdBX8MHA;dc_rmcid=CAQSTgAvHhf_tLZpOhGrF3ZFL4k3atc5edNqYAy_KD1BY9GUAlXPrqg425WXBa_u4WCp377LlOKacVYUuNLRfNlp3D68gLq8l7qNX3s4l9zmDBgB;eps=CIDhgBAQARgfMgKqAjoCgEBIvf3BOliDo8iQvZCDAw;met=1;acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D2909,0,0,0,0%26mtos%3D2909,2909,2909,2909,2909%26amtos%3D0,0,0,0,0%26mcvt%3D2909%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3115%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D5%26pst%3D206%26dur%3D6016%26vmtime%3D3138%26dtos%3D791%26dtoss%3D2%26dvs%3D791%26dfvs%3D791%26dvpt%3D791%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1592,1592,1592,1592,1592%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2909;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702610166350;ecn1=1;etm1=0;eid1=18;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame DB13 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CGWla9MR7ZbP2N96O7_UPhf6x4AGpov7TdNO1k6aYEs-Ph_mUMRABIKOx-iVglfKGgpgHyAEFqAMByAObBKoErAJP0PFbu5Shc9oZFNahGCCGSHnNB7kRJW3EHIY-2XBFMtQhEwVYkR1ed-SJt4J_0P2ISQmqHGsY0X3DD1B2qzvjCJkular2WTW3JY40-jhxChfTgjLL8RuH9b4Q5DF-NHoYsmosugD9iCZ21VxybMx8dxxt7iQoFmstCy4lF57E1NZZQB0RUlxYcvKTMXVEgyVOCKYqz8DF8QYqeMLx8VykfxwrqaQVsDOwAsJxoOky_8ydR1460qirBiOh63Uzj4KkdKzC4wjRBbeLVnF5hTTueJCoWRTQMViTtM1GiEqK-EVQUs5laioBU48CXmpoRv1_W4i--V79PO9f6cWhUsD8VOSxFYYvlsyKJRnzTXX8tgYMm_aMI6qMT0rdkf1uqtr2tFNgfzJ2-aKFsCzABLuI28i-BOAEA4gFrcWtx0yQBgGgBk6AB5qS6NUCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg6PIkL2QgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLEC5LSxAu61sQK7u7ECqg0CREWwE6WM3hXIE7-kxOMD2BMKiBQE2BQB0BUB-BYBgBcB6BcF&sigh=qmeJtMXYI0Q&label=videoplaytime50&ad_mt=3139&acvw=sv%3D959%26v%3D20231113%26cb%3Dout%26e%3D2%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,128,273,601%26tos%3D2909,0,0,0,0%26mtos%3D2909,2909,2909,2909,2909%26amtos%3D0,0,0,0,0%26mcvt%3D2909%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3115%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D5%26pst%3D206%26dur%3D6016%26vmtime%3D3138%26dtos%3D791%26dtoss%3D2%26dvs%3D791%26dfvs%3D791%26dvpt%3D791%26is%3D33554707%26i0%3D33554450%26i1%3D33554707%26i2%3D33554707%26ic%3D512%26cs%3D50332435%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1592,1592,1592,1592,1592%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D195832646%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2909&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.06%26t%3D1702610166350

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9270849806571319&output=html&h=280&slotname=7933161224&adk=1304435780&adf=2896993837&pi=t.ma~as.7933161224&w=728&fwrn=4&fwrnh=100&lmt=1702610164&rafmt=1&format=728x280&url=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702610164676&bpp=1&bdt=365&idt=213&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8717328310171&frm=20&pv=1&ga_vid=1714929603.1702610164&ga_sid=1702610165&ga_hid=2020057861&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=92&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42532598%2C95320885%2C21065724&oid=2&pvsid=2704516694308573&tmod=619601058&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=218
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 27ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5JPJ3E6T5V&gtm=45je3bt0v869651364&_p=1702610164473&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1714929603.1702610164&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702610164&sct=1&seg=0&dl=https%3A%2F%2Ftaxcalculatorphilippines.com%2F&dt=Tax%20Calculator%20Philippines%202023&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6088
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JPJ3E6T5V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxcalculatorphilippines.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 03:16:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://taxcalculatorphilippines.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taxcalculatorphilippines.com/	1970-01-21 02:32:50	Name: _ga Value: GA1.1.1714929603.1702610164
.taxcalculatorphilippines.com/	1970-01-21 02:32:50	Name: _ga_5JPJ3E6T5V Value: GS1.1.1702610164.1.0.1702610164.0.0.0
.taxcalculatorphilippines.com/	1970-01-21 02:18:26	Name: __gads Value: ID=6a468d69ff4a55c6:T=1702610164:RT=1702610164:S=ALNI_MY6omAGPDnjjlA0bj0cNMyRklgl_A
.taxcalculatorphilippines.com/	1970-01-21 02:18:26	Name: __gpi Value: UID=00000d1a4cf00be3:T=1702610164:RT=1702610164:S=ALNI_MaNWsHcgd8dOWt0Bq1wVklbA_5tEw
.doubleclick.net/	1970-01-20 16:56:53	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:18:26	Name: IDE Value: AHWqTUmoVHOuMivj4dV4Iw3f-JTm1tnO2Afw5-a6hxTJhb56VbGoEC0iB-ytGkLBbWM
.doubleclick.net/	1970-01-20 21:16:02	Name: APC Value: AfxxVi7xC7UvpLZF66OjlrXMFmJgZC_bk7pD4F7QUxRHeTknZBP0CQ
.quantserve.com/	1970-01-20 19:06:26	Name: d Value: EGcBCQHVKoEA
.quantserve.com/	1970-01-21 02:27:04	Name: mc Value: 657bc4f6-130b4-53667-285e6
.adfarm1.adition.com/	1970-01-20 19:06:26	Name: UserID1 Value: 7312654980808898711
.ctnsnet.com/	1970-01-21 01:42:26	Name: gid_CAESEN43nBAg20LiXNhfGTFzM6M Value: 1
.ctnsnet.com/	1970-01-21 01:42:26	Name: cid_7eb8b9a8e9a0483ca0719809decaec84 Value: 1
.w55c.net/	1970-01-21 02:28:30	Name: wfivefivec Value: 84bjdWPO1RdYGi5
.simpli.fi/	1970-01-21 01:43:52	Name: suid Value: 8248667396AE4E40A42EE21C3780017F
.travelaudience.com/	1970-01-21 02:28:30	Name: _tracker Value: %7B%22UUID%22%3A%22CA3C62B8-48B4-4819-1EEA-C687DCE2DCB8%22%7D
.de17a.com/	1970-01-21 01:35:14	Name: guid Value: 1.2987439006860762417
.w55c.net/	1970-01-20 17:40:02	Name: matchgoogle Value: 5
.yahoo.com/	1970-01-21 01:42:47	Name: A3 Value: d=AQABBPbEe2UCEF2dR9Ryu5mNQDjlTLEw_4MFEgEBAQEWfWWFZQAAAAAA_eMAAA&S=AQAAAnNuy50dReKCSxllNDTVs-c
.turn.com/	1970-01-20 21:16:02	Name: uid Value: 8298937815290363597
.insightexpressai.com/	1970-01-21 01:42:26	Name: DW Value: 00000000-0000-000e-64ae-a01702610166
.insightexpressai.com/	1970-01-21 02:32:50	Name: IXAI70510 Value: FTF
.insightexpressai.com/	1970-01-21 01:42:26	Name: DW_Time Value: 1702610166
.insightexpressai.com/	1970-01-21 01:42:26	Name: TID Value: 00000000-0000-000e-64ae-a01702610166

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ade.googlesyndication.com
ads.travelaudience.com
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
match.adsrvr.org
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
r1---sn-4g5lznek.c.2mdn.net
r2---sn-4g5ednly.c.2mdn.net
r4---sn-4g5ednde.c.2mdn.net
region1.google-analytics.com
secure.insightexpressai.com
sync.teads.tv
taxcalculatorphilippines.com
tpc.googlesyndication.com
tps.doubleverify.com
um.simpli.fi
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
130.211.44.5
142.250.186.66
142.250.186.98
15.197.193.217
178.250.1.9
198.54.115.143
2001:4860:4802:32::36
213.155.156.181
216.58.212.162
23.32.185.35
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:14::6
2a00:1450:4001:17::9
2a00:1450:4001:67::7
2a00:1450:4001:802::2008
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4009:817::2003
2a02:26f0:480:9b4::1ec4
2a02:fa8:8806:21::1720
2a05:d018:d29:3602:e076:33cd:685:7924
3.121.34.204
34.91.62.186
35.186.193.173
35.190.0.66
46.228.164.11
66.102.1.156
85.114.159.93
08a99a3a639df4bbd0c23c97891d1ae067855d7f0e294695b92d0fde28947399
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2250de284fb116b952ba2b5cfa61ecc3e7368be14248bdfa695f7f187f5bad1d
22816a00dfe9fcdc30063d22717ab9cbab3aeb2a8e9844e9d774d256dc48b7c8
232746c4d8d99557b7bd8402efcd16c64cbb082b2f8c11a6f955a0e77bfae590
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
41448ce4891ad73962363ab2f22c05a38d45c057a987752611ae74cbb29b49e6
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
465963ae676147393eed08151a76c8954cc623488cc28c3b46daa2548fa03e1a
48039d4ea2224e26f9a975569dc4e5574d7e532a2fad86733f7000ec6d240f0d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d1765abfee5c7d55e9036969adbf8f84e0472da08ef7b8817b91345e282df58
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
7079de9554e7413b3aaa0c3c9fe8883c7adc9b02b856da74e455aaacaa5b82bd
82ea79c366dcea64ec42263fe46faea0081e0c353cc97e5f70c5430581245023
83f20cebf2b01ff7902f42417acc3edaa6a53993fbaaa9d504656a30d5f10179
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ef4e18c88bb7b0a322fefe9dfe4a27afba8583f29ad89a918d218e194391375
91d1430b4df37035b428f46a3989e2948291bb4c9170ec45945934a2066f72e0
9828d8bed54348b860dc723db0b7033e80e3a9639e2c0948f4d44c197dbcdc65
9846a7c9c6bba965eb99a7f26c99867b5978352f8b0af1f2c5986cdde6c53ec2
987e41b7f23fa5f5466c31ac7c1755ae5448a32ca229769389c17b3c9a871b8f
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
99ac6932bb7cad441a4b165f38c2c167015ab2fa49b80df57729a971d255dbc3
9a95a08a0127de910d72e2ba594453369733395c9d7469861525cea10fab4269
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a24e7b3830e2c5212d6ff52b7af0ea8b6d0bb85141bc9c5d9d4534b14bf87a65
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
c0a24f6dd7ecd009d85fe2529c35e0f976ac526febe52296f54f1c798bed9e74
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95f7d34cfdedb8755d7103701316c6bd973748c82ca875d3b086af3dcbf9ba9
eb3a9b167229e33749d13ef5a3669d7b6d1b8faaef507d9a91ae32d844bb1f59
ed4b22bf18842058e28fc3bca41776a0389165127334f978d7390b07846ca580
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ef5e9313a21d5ff2acd91b089e7fcbe1bca9365630d237bae7a0ed847e4ca7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

taxcalculatorphilippines.com Open in urlscan Pro 198.54.115.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

87 %HTTPS

56 %IPv6

25 Domains

37 Subdomains

29 IPs

8 Countries

3147 kBTransfer

6558 kBSize

23 Cookies

1 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

taxcalculatorphilippines.com Open in urlscan Pro
198.54.115.143 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

87 %
HTTPS

56 %
IPv6

25
Domains

37
Subdomains

29
IPs

8
Countries

3147 kB
Transfer

6558 kB
Size

23
Cookies

137 HTTP transactions
3 data transactions